Cyber 9/12 Strategy Challenge WEEK 4: Bringing it all together – Cyber Resilience Policy Development 

go to 9/12 home page

 

In this final week of the Module, participants will explore how non-technical cyber security considerations form the foundation of national and international policy solutions. Cyber security and cyber resilience cannot be achieved by technical means alone. As weeks 1, 2 and 3 of this Module have shown, there are political, economic, social, legal and increasingly environmental considerations to take into account in addition to the technical (the PESTLE approach to cyber security). Effective policy must, if possible, draw together these elements as they are each important parts of wider solutions. 

 

In this unit, students will explore what makes effective policy in the cyber context when dealing with major cyber incidents targeting critical national infrastructure. Crucial to this is the ability to combine and address different thematic areas and create succinct policy recommendations that still achieve particular goals and make states resilient to cyber incidents. 

Learning outcomes

By the end of Week 4, students will have:

  1. Brought together the previous three weeks learning to develop holistic policy solutions.
  2. Understood and made aware of how technology, law and (inter)national politics interact.
  3. Analysed a major cyber incident from a holistic, non-technical perspective.
  4. Confidently provided, recommended and discussed holistic cyber resilience policy solutions which do not solely rely on technical tools.
  5. Navigated the complexities of reserved (Westminster) and devolved (Holyrood) areas of policy in relation to cyber issues

1. Watch this video

YouTube player

2. Read these

 

 

Government Policy Snapshots. A collection of analyses of national government cyber security strategies conducted by Senior Researchers at ETH Zurich’s Centre for Security Studies

 

Dr R Dewar and E. Templeton, The Impact of Regulatory Frameworks on the global Digital Communications Industry, 2020, Geneva Centre for Security Policy

 An academic login may be required to access these.

 

 

3. Group activities

In your groups, discuss how to develop holistic policy solutions incorporating, or at least acknowledging and addressing, the political, economic, social, technical, legal and environmental aspects of cyber security

 

In your groups, prepare a 10minute presentation addressing the unit’s three questions:

Provide 3 policy recommendations to help Scotland be more resilient against Stuxnet-style operations. Think about:

  1. The way Stuxnet entered the target system.
  2. The impact of the operation if successful.
  3. Explain and support your choices.
  4. Set out the cross-government (UK and Scotland) policy relationships that need to be considered?
4. Assessment

10-minute oral presentation and feedback from module leader