• Reflect on the changing relationship between tech companies and the state, and the reasons why states increasingly seek to regulate new technologies
• Understand and assess the difficulties related to the regulation of the risks posed by new technologies such as digital platforms, AI or Cloud computing as well as the political and economic power of those companies bringing them to the market
• Reflect on the changing nature of the internet as a global forum
• Reflect on the evolution of the cyber threat landscape and the ways in which this endangers the prosperity or survival of businesses
• Conduct basic cyber risk analysis of organisations and their networks and compile cyber-security related documentation such as company cyber security policies and incident response plans
• Evaluate the trade-offs and strategic decisions that must be made when establishing a businesses’ cyber security posture and risk appetite
• Account for the regulatory, political and technological developments that set the framework for business cyber security

The time when startups could disrupt existing structures with any technological vision they managed to obtain funding for, and when Big Tech companies could develop their global platforms as they pleased, is well and truly over.

Today’s business leaders need to understand the emergent security, regulatory and policy environments to guide their companies to prosperity in the middle of rapid change.This course will equip students with the knowledge and tools to analyze and confront the most pertinent questions in information- and cyber security and the most important political debates about the regulation of tech companies, from gatekeeper rules for the largest platforms to software security requirements affecting the smallest producers.

These range from questions about the management of data privacy, access to communications platforms, to the monitoring of content spreading there to the outright intrusion of these platforms to shape election campaigns; from the wholesale transfer of data into the cloud and how it can be kept secure and private there, to the regulation of cryptocurrencies. We will take a broad view to understand the ways in which the challenge of regulating complex innovations such as AI and reining in the power of huge global tech companies is pushing the existing political system to its limits.

The second part of the course will introduce students to the concepts and tools necessary to understand and assess the cybersecurity risks faced by companies, as well as to the security controls and procedures available to manage this risk. Students will learn how to craft and write company cybersecurity policies, incident response plans and other forms of documentation related to business cyber security and risk management.

In this way, the course provides the students with practice-oriented insights while offering reflections on current and future developments in the context of digital business cyber security, regulation, and policy, and the ways in which they will affect tech companies from the smallest to the largest.
 

The literature will be shared via Canvas before the semester starts. Due to the fast-changing nature of the field, additions and changes may be made throughout the course – these will always be communicated via Canvas. Students are advised to check the syllabus on Canvas before they buy any material.

Sample literature:

Martin Moore, Damian Tambini (eds): Regulating Big Tech: Policy Responses to Digital Dominance (OUP 2021)