ACIT4055 Security politics, cyberwar, and ethics Emneplan

In this course, you will learn the technical, political, legal and ethical views on cyber warfare.

States and societies have grown highly dependent on the functioning of IT infrastructures. This has created new vulnerabilities. In cyberspace, only limited resources are often needed to cause significant harm; this poses security threats for States and societies. For instance, harmful cross-border cyber operations, both by State and non-State actors, can jeopardize international stability. Cyber activities have become an integral part of international relations, and cyber security is a very discussed topic in international law today and very pertinent to international security and geopolitical discussions.

At the same time, attacks against information technology and consequently against people and physical processes connected to them have become a means of war. Information warfare, targeted hacking, weaponization of stolen information and the digitally induced disruption of infrastructure are new methods in conflict. Their use in concealed hybrid warfare poses challenges in both critical infrastructure protection, as well as in law enforcement and international politics. The solution to those challenges are an emerging field in all related disciplines.

Students should be proficient in using literature reference mangers (e.g. Zotero, EndNote, Refworks, Mendeley) in both literature search and referencing in written work. OsloMet’s library offers introduction courses to literature search and to reference manag

No formal requirements over and above the admission requirements.

A student who has completed this course should have the following learning outcomes defined in terms of knowledge, skills and general competence:

Knowledge

On successful completion of this course the student has:

• advanced knowledge of how international law applies to hostile cyber activities by States and non-State actors during both peacetime and armed conflict
• an understanding of the context in which cybercrime is affecting the security of States and society
• an understanding of the threat landscape
• and understanding of advanced persistent threats (APTs) and how they operate
• an understanding of how technological developments interact with broader geopolitical dynamics that call for different national and international political responses
• an understanding of how state actors create advanced, persistent threats, and knows where to find up-to-date information about such threats

• an understanding of nations states or Advanced persistent threats (APTs) and how to mitigate APTs
• an understanding of the impact of security attack on critical infrastructure
• a holistic understanding of legal, political and military aspects of cyber security issues
• a solid understanding of the elements of national security policy in the digital domain and its consequences for governance, trust in society, public safety, national sovereignty and a functioning economy.

Skills:

On successful completion of this course the student can:

• critically assess and discuss cyber security challenges and extant regulatory frameworks
• argue for and against security policies and practices using new technologies
• identify national security implications of cybersecurity and the current challenges that senior lawyers, policymakers, and the private sector face in addressing those issues
• identify and address related ethical concerns; and to anticipate myriad, related issues and interests so that they can more effectively represent their clients in the future
• explain how governments attempt to develop policies and frameworks to deal with emerging cyber threats, specifically at societal scale, e.g. against critical infrastructures
• hunt and analyze Advanced Persistent threats (APT)
• explore various legal and policy issues related to enabling a safe and secure Internet and protecting government and private sector networks

• appreciate how cyber capabilities have transformed the use of information by States, and the increased threats to national security posed by these activities

General competence

On successful completion of this course the student can:

• critically address complex legal and policy issues that senior national security decision-makers must address and to provide insight into the practical challenges they present

• understand the ethical responsibilities of cybersecurity profession and be able to treat ethical, moral and privacy issues responsibly
• appreciate the need to protect critical infrastructure
• has the intellectual flexibility required to understand and respond to the challenges posed by new and emerging technologies and their consequences

• Lectures
• Reading assignments
• Case studies, including field work on the internet and policy development
• Writing assignments
• Group discussions or group presentations

• Group work and peer review of classmates’ work
• Challenges / competitions based on scenarios

The following required coursework must be approved before the student can take the exam:

• Individual: a written case report, policy, strategy document or essay (1500 - 2000 words)

• Participation in three in-course group activities such as case analysis, presentation, role play
• Group-based: give one presentation on given topics in groups up to three students, and participate as a discussant in one group presentation

The final assessment is an individual written policy, strategy document or essay (1500 - 2000 words) The exam can be appealed.

New/postponed exam:

In case of failed exam or legal absence, the student may apply for a new or postponed exam. New or postponed exams are offered within a reasonable time span following the regular exam. The student is responsible for registering for a new/postponed exam within the time limits set by OsloMet. The Regulations for new or postponed examinations are available in Regulations relating to studies and examinations at OsloMet.

All aids are permitted, provided the rules for plagiarism and source referencing are complied with.

A-F

Two internal examiners. External examiner is used periodically.

Lothar Fritsch, Nuno Marques