Cybersecurity and Governance

Objectives

The subject Cybersecurity and Governance aims to provide students with fundamental knowledge about the new threats and risks within Cyberspace, Cybersecurity governance frameworks at the enterprise, national and international levels, as well as existing counter-cyberconflicts tools. This subject also aims to contribute to the understanding of the relevance and emergence of different actors and security measures.

 

General characterization

Code

36121

Credits

6

Responsible teacher

Lino Santos, Armando Marques Guedes

Hours

Weekly - 3

Total - 36

Teaching language

English

Prerequisites

Not Applicable

Bibliography

Clarke, R. A. & Knake, R. K. (2011). Cyber war. HarperCollins.

 

CNCS (2020). Relatório Ética e Direito 2020. Observatório de Cibersegurança.

 

CNCS (2022). Relatório Riscos e Conflitos 2021. Observatório de Cibersegurança.

 

Demchak, C. C. & Dombrowski, P. (2011). Rise of a cybered westphalian age. Strategic Studies, 5(1), 32-61.

 

Denning, D. E. R. (1999). Information warfare and security. Reading MA: Addison Wesley.

 

Gozzi Jr, R. (1994). The cyberspace metaphor. Etc.: A Review of General Semantics, 51(2), 218.

 

Luiijf, E., Besseling, K., & De Graaf, P. (2013). Nineteen national cyber security strategies. International journal of critical infrastructures, 9(1), 3-31.

 

Libicki, M. C. (2012). Cyberspace is not a warfghting domain. ISJLP, 8, 321-336.

 

Klimburg, A. (2011). Mobilising cyber power. Survival, 53(1), 41-60.

 

Morozov, E. (2012). The net delusion: The dark side of Internet freedom. PublicAffairs.

 

Nye Jr, J. S. (2010). Cyber power. Technical report, Belfer Center for Science and International Affairs, Harvard Kennedy School.

 

O'Connell, M. E. (2012). Cyber security without cyber war. Journal of Conflict and Security Law, 17(2), 187-209.

 

O'neil, C. (2016). Weapons of math destruction: How big data increases inequality and threatens democracy. Broadway books.

 

Santos, L. (2012). Contributos para uma Melhor Governação da Cibersegurança em Portugal. In J. Bacelar Gouveia (ed.), Estudos Avançados de Direito e Segurança (Vol. II, pp. 217-305). Almedina.

 

Schmitt, M. (1999). Computer network attack and the use of force in international law: thoughts on a normative framework. Columbia Journal of Transnational Law, 37, 887-937.

 

Schmitt, M. N. (Ed.). (2017). Tallinn manual 2.0 on the international law applicable to cyber operations. Cambridge University Press.

 

Strate, L. (1999). The varieties of cyberspace: Problems in definition and delimitation. Western Journal of Communication, 63(3), 382-412.

 

West-Brown, M. J. et al. (2003) Handbook for Computer Security Teams (CSIRTs), CMU

 

Zuboff, S. (2019). The age of surveillance capitalism: The fight for a human future at the new frontier of power: Barack Obama's books of 2019. Profile books.

 

Teaching method

12 theoretical-practical lessons and 3 seminar

 

Evaluation method

Written examination, which may be replaced by written work.

Subject matter

  1. Introduction: Information, Information Security and Cybersecurity
    1. Cyberspace and Cyberspaces
    2. Information and Information Security therory
    3. Cybersecurity evolution
  2. Hackers, Crackers e other outlaws in Cyberspace
    1. Hacktivism, Cybercrime, Cyberterrorism and Cyberwar
    2. Tools, Tactics and Procedures
    3. Cyber Intelligence
  3. Cyberspace Regulation
    1. Portuguese Cyberspace Security Regulation Law
    2. NIS2 directive
    3. CER directive
  4. Fight against Cybercrime
    1. Budapeste Convention
    2. Portuguese Cybercrime Law
  5. Incident response and Cybersecurity crisis management
    1. Computer Emergency Response Teams (CERTs)
    2. Information Sharing and Alerting Centres (ISACs)
    3. Cybersecurity crisis management
    4. National and International cooperation
  6. Other public policies
    1. Coordinated vulnerability disclosure
    2. Cyber-higiene
    3. Risk management
    4. Certification
  7. Algorithms and future technologies
    1. Big data
    2. Artifitial Intelligence
    3. Blockchain
    4. Qantic computing