US Cybersecurity Policy HW 1

US Cybersecurity Policy HW 1


1          Assignment

Before starting this assignment, I suggest you become familiar with the content of the Week02 lectures.

For this assignment, you are to write an essay on the following topic:

Suppose you have been hired by the Federal Government as a cybersecurity consultant. Write a memo with suggestions for what you would do to improve US cybersecurity policy?

You may make any assumptions that are viable. Examples include actions that are taken by the president, a member of congress, etc. You may not make unreasonable assumptions (“the parties in congress will work together without lobbyist influence and pass a bill that works!”). However, please state any assumptions that you are making.

Your actions don’t need to fix it in one fell swoop—it may well be that your actions make a marked improvement, but do not completely fix it. You will need to cite some evidence that your proposal will make some positive change. These can be references (online or other, but they need to be accessible to me for the grading) or explanations of how/why your proposal will have an effect.

The essay must be 500 words or less. That’s about 1 page worth of content. This may seem short, but often times in government you need to get your point across in a one-page memo because busy policymakers don’t have time to read long papers. As such, I am more interested in quality rather than quantity; I’d like to see a persuasive document that convinces me you understand cybersecurity policy and have some ideas for improving it. Note that any header information (name, title, date, class, etc.) do not count toward the word limit. References also do not count against this limit. If it is over 500 words, then I will not grade it and give you a zero! The HW policies in the syllabus discuss this in more detail.

In addition to the viable assumptions from above, I am looking for well thought out policy changes that are reasonable. So stating that Congress should pass a law to force everybody to use high levels of encryption (for example) is not reasonable in the current political climate. Nor are presidential executive orders that exceed the authority vested in said orders. I can tell if you are just writing a load of BS to fill the space, and I will not look favorably on that. Revist the homework policies on “fluff” in the syllabus—I’ve become a good fluff detector over the years, and will mark your assignment down for it.

2          How to Structure Your Essay

When writing an essay or policy memo like this, it is critical that you use your space wisely. Remember, your audience for this is a busy policymaker who needs to be able to quickly look at your essay and know what the point is. Therefore, I ask that you follow a few basic principles for writing effective policy memos.

State your Bottom Line Up Front (BLUF)

In your memo, you need to get right to the point. In one or two sentences at the very beginning you need to state the problem and provide a summary of your solution. The rest of the memo then describes and provides evidence for that solution.

Explanation of Recommendations

This is the meat of your essay. You need to make your recommendations for changes to cybersecurity policy and provide evidence (explanations, citations) for why this will be an improvement over the status quo. To make your essay clear and easy to read (i.e., not a wall of text), I recommend a separate paragraph for each recommendation. Several short paragraphs are more effective than a single giant one.


Return to the big picture and the motivation for your recommendations. This is sort of a restatement of your BLUF and your opportunity to remind your reader (remember, a busy policymaker) of the importance of the issue and the potential for your recommendations.

3          Submission

Submit your essay via Moodle as a PDF.