The phenomenal growth of the networked environment, the increase in the number of malicious cyberattacks and the heightened risk of cyberterrorism against critical information infrastructures (such as national power grid, transportation, health, banking and finance infrastructure) have made cybersecurity a critical national agenda. Cyberattacks harm national security and business interests and are considered as criminal acts in most jurisdictions. In dealing with cybersecurity attacks, understanding how the law and legal processes operate is a critical and unavoidable aspect. Beyond cybercrimes, broader cybersecurity concerns such as cyberattacks from nation states and non-state actors have emerged. With cyberterrorism and state sponsored cyberintelligence activities on the rise, cyberdefence has become a new strategic imperative. With traditional geopolitical risks increasingly layered with cybersecurity risks, international relationship management now requires new forms of cooperation between states in the new cyberworld. At the enterprise level, the establishment of a robust legal risk management framework and prosecution regime to fight cybercrime and cyberterrorism continues to be an essential building block. Enterprises, governments and other organizations needs to create a proactive and structured legal and regulatory risk management framework to better manage cybersecurity risks and ensure cybersecurity resilience.
This course will equip students with the knowledge and skills to deal with cybersecurity attacks from the legal, investigative, risk management and policy aspects. It will introduce the concepts and principles of computer crime laws and regulations, cyberterrorism and policy principles and practices to counter cyberthreats.
By the completion of this subject, the student should be able to understand: