Professors: Steven M. Bellovin, Jason Healey, and Evan Wolff

Time: Tuesday 4:10-6:00
Room 1302 International Affairs Building

Office Hours:


This seminar will bring together professors and select students from three schools to discuss how different disciplines solve cybersecurity issues. Classes will cover the technical underpinnings of the Internet and computer security; the novel legal aspects from technology, crime and national security; and the various policy problems and solutions involved in this new field.


See the readings assigned for each lecture.


Permission of the instructor.

Some knowledge of programming is helpful but not required


  1. One main outcome of this class is to bring together students from each school to bring their perspectives to problems of global interest. Early in the semester, the professors will assign groups of six students, two from each school. Each group will focus on the problem of operational collaboration in cybersecurity: working together across the public and private sectors to improve protection, resilience, or response. This could include a very wide range of ideas, from finding new ways to disrupt attackers at scale, novel public-private or private-private partnerships, or radical notions to secure the Internet at large scale and low cost.
  2. There are three related assignments for this paper. First, each group is responsible for an initial scoping paper, of about 2000 words, on the issue, bringing the perspective and tools from the viewpoint of professionals from their field. So for example, on a team studying a new organization for botnet takedowns, the students from Computer Science would write on botnets and their history and general and botnet and counter-botnet technologies; the Law students on criminal statutes and the role of law enforcement, issues of liability, and organizational law; the SIPA students on relevant public policy solutions, such as aligning market incentives and thinking of who pays.
  3. Second, each group will present their findings on the final class. The class instructors will grade the ideas and presentation and invite cyber professionals working on cyber collaboration issues.
  4. Third, the group is collectively responsible for a final paper, of about 6000 words, bringing together all their research together into a polished product. This paper will be due the Tuesday after the final class. The expectation is that some or all of these papers will be published. The last time this course was offered, one of the papers (on a replacement for social security numbers) was published by the University of Illinois Journal of Technology & Policy. In that paper, the computer science team developed the cryptographic algorithm, the law students looked at the relevant legislation on where SSNs must or must not be used, while the policy students took the lead on the proposed pilot program for the new scheme: Federal students aid.
  5. During this process, the professors will connect the students to relevant professionals to be interviewed for these papers.
  6. Other Items:
    1. Please familiarize yourself with the proper methods of citation and attribution, for both traditional publications and legal writings, e.g., statutes and cases. There are various useful resources online; we strongly encourage you to familiarize yourself with these various styles before conducting your research. In particular, law students must use Blue Book-style citations.
    2. Columbia University does not tolerate cheating and/or plagiarism in any form. Those students who violate the Code of Academic & Professional Conduct of their relevant school will be reported and subject to the appropriate disciplinary procedures.


Final project
  • 15%: Initial scoping and recommendations (group paper)
  • 35%: Presentation and final submission
Two short papers on specific issues to be determined during the semester. Your two papers must be from an area not your own. That is, if you'r a law student, your short papers will be on policy and technology, etc.
Class participation