Module content

Enhancing cybersecurity is a critical issue affecting the competitiveness of firms and the security of governments. Increasingly policymakers are fashioning regulatory schemes around the world that promise to shape not only the day-to-day realities of operating information systems, but also cyberspace itself. This course takes an interdisciplinary, global approach to introduce students to cybersecurity risk management. Course content includes comparative and international law related to managing cyber-attacks as well as managing compliance across multinational organizations, best practices for mitigating cyber risk, communicating effectively with executive leadership, motivating employees while managing insider threats, responding to data breaches and government investigations, and thinking strategically about how best to conduct cybersecurity due diligence in a given transaction or venture. Connected topics such as Internet governance and ethical norms of conduct will also be addressed. Ultimately, we will analyze regulatory solutions as part of a larger universe of reforms needed to enhance cybersecurity and safeguard intellectual property.

Module title

Managing Information Risk and Security

Module status






Number of hours:

60 [(L+E+S) = 40 + 0 + 20 ]

L= lectures; S= seminars; E= exercises;


Module tag



Scott J. Shackelford, Managing Cyber Attacks in International Law, Business and Relations: In Search of Cyber Peace (Cambridge University Press, 2014)

Supplementary literature

1. Cybersecurity and Cyber War: What Everyone Needs to Know (Oxford University Press)
2. Eric L.Richards and Scott J. Shackelford , Legal and Ethical Aspects of International Business (Aspen College Series, Wolters Kluwer Law and Business, 2014)