HARVARD SUMMER SCHOOL

GOVT S-1743: Cyberspace and International Security

Draft
Course Overview and Contact Information

Course Overview
Semester and Year: Summer 2021
Day/Times: Mondays and Wednesdays, 6:30-9:30 pm
Format: Online Web Conference (Zoom)

Faculty
Derek Reveron: reveron1636@gmail.com

Course Assistants
Alexandra Bruer (lead): alexandrab1900@gmail.com
Meridith Bell: bellmeridith@gmail.com
Coen Williams: coenwilliams2@gmail.com

NOTE: THIS SYLLABUS IS SUBJECT TO CHANGE as of 19 June 2021

Course Description and Learning Objectives

In a very short time, individuals and companies have harnessed cyberspace to create new
industries, a vibrant social space, and a new economic sphere that are intertwined with our
everyday lives. At the same time, individuals, subnational groups, and governments are using
cyberspace to advance interests through malicious activity. Terrorists recruit, train, and target
through the Internet, hackers steal data, and intelligence services conduct espionage. Still, the
vast majority of cyberspace is a civilian space used by individuals, businesses, and governments
for legitimate purposes. Cyberspace and International Security examines current and future
threats to cyberspace, various approaches to advance and defend national interests, and contrasts
the US approach with European, Russian, and Chinese approaches in cyberspace.

Students are cast as participants of the policymaking process, in most cases as a trusted member
of the NSC reporting to the President or National Security Advisor, where they are required to
devise strategies and write “Strategic Options Memos.” Strategic Options Memos combine
careful analysis and strategic imagination, on the one hand, with the necessity to communicate to
major constituencies in order to sustain public support, on the other. Students will write three,
three-page memos.

Learning Objectives: To enhance participants’ ability to: (1) analyze challenges in cyberspace
(2) think strategically about cyber challenges; (3) contrast U.S. approaches in cyberspace with
other cyber powers; (4) communicate analyses of issues in Strategic Options Memos; operate
within current national security policymaking processes surrounded by an intrusive, inquiring
press; and (5) appreciate the complexities of communicating national security policies to
multiple audiences.

GOVT S-1743 – Reveron Page 1 of 11

GOVT S-1743 – Reveron Page 2 of 11
 Course Materials

Required Readings: In addition to the assigned articles, two books are required.
• Reveron, Derek. Cyberspace and National Security: Threats, Opportunities, and Power in a
Virtual World. Georgetown University Press, 2012. (available through Harvard Hollis)

• Sanger, David E. The Perfect Weapon: War, Sabotage, and Fear in the Cyber Age. Crown,
2018. (available through Harvard Hollis)

• Video: The Perfect Weapon (HBO: 2020)

Recommended
● Abbate, Janet. Inventing the Internet, MIT Press, 1999.

Grading

Grades: Given the nature of the national security system, there are no deadline extensions or
revision options. Late papers will not be accepted. Grade appeals will be submitted no more than
five days after the assignment is returned and must address the comments and consider the
assignment as a basis.
● Class Participation: 15 percent
o Students will be expected to participate through the discussion board.
● Case Study Assignments: 50 percent
o Memo One: Sony Redux (25 percent)
o Memo Two: Cyberpower and Interstate Rivalry (25 percent)
● Final Case Study: 35 percent
o Memo Three: Final Exam

GOVT S-1743 – Reveron Page 3 of 11

Final grades reflect the quality and quantity of a student’s work submitted throughout the term.
Students registered for undergraduate or graduate credit who complete the requirements of a
course may earn one of the following grades:
● A and A–: Earned by work whose superior quality indicates a full mastery of the subject,
and in the case of A, work of extraordinary distinction. There is no grade of A+
● B+, B, and B–: Earned by work that indicates a strong comprehension of the course
material, a good command of the skills needed to work with the course materials, and the
student’s full engagement with the course requirements and activities.
● C+, C, and C–: Earned by work that indicates an adequate and satisfactory
comprehension of the course material and the skills needed to work with the course
materials, and that indicates that the student has met the basic requirements for
completing assigned work and participating in class activities.
● D+, D, and D–: Earned by work that is unsatisfactory but that indicates some minimal
command of the course materials and some minimal participation in class activities that is
worthy of course credit.
● E: Earned by work that is unsatisfactory and unworthy of course credit. This grade may
also be assigned to students who do not submit required work in courses from which they
have not officially withdrawn by the withdrawal deadline. Zero or E grades are assigned
to students for missing work.

Expectations and Policies

Expectations: Completion of assignments on time, reading of all assigned materials in advance

of class, readiness to discuss cybersecurity topics, and weekly participation in an online
discussion forum.

Office Hours: will be held before class or online by appointment. Given the number of students
who participate online, post questions to the discussion forum for the weekly topic or the course
FAQ.

Assignments: You are required to submit three, three-page memos. Just like the real-world, you
will adhere to a set of formatting guidelines (SOPs). Students are encouraged to discuss the case
and ideas with fellow students, but must do individual write-ups based on their own analysis. In
your write-up, you do not need to cite ideas that come from the assigned readings, but you must
cite any outside sources used. Memos should be no more than 1800 words. A complete
description will be distributed one week before the assignment is due.

Graduate Students: will have additional assignment length requirements specified in prompts.

Accessibility

The Summer School is committed to providing an accessible academic community. The

Accessibility Office offers a variety of accommodations and services to students with
documented disabilities. Please visit http://www.summer.harvard.edu/resources-
policies/accessibility-services for more information.

GOVT S-1743 – Reveron Page 4 of 11

GOVT S-1743 – Reveron Page 5 of 11
Academic Integrity/Honesty
You are responsible for understanding Harvard Summer School policies on academic integrity
(http://www.summer.harvard.edu/policies/student-responsibilities) and how to use sources
responsibly. Not knowing the rules, misunderstanding the rules, running out of time, submitting
the wrong draft, or being overwhelmed with multiple demands are not acceptable excuses. To
support your learning about academic citation rules, please visit the Resources to Support
Academic Integrity (http://www.summer.harvard.edu/resources- policies/resources-support-
academic-integrity) where you will find links to the Harvard Guide to Using Sources
(https://usingsources.fas.harvard.edu) and two free online 15-minute tutorials to test your
knowledge of academic citation policy. The tutorials are anonymous open-learning tools.

Course Outline and Schedule

DSR= Reveron, Derek. Cyberspace and National Security: Threats, Opportunities, and Power
in a Virtual World. Georgetown University Press, 2012.

Jun 21: National Security and Cyberspace

● Reveron, Derek S. “An Introduction to Cyberspace.” in DSR, pp. 3-20.
● Nelson, Ted. “Computer Lib.” 1974.
● Lessig, Lawrence. “Laws of Cyberspace.” Essay presented at the Taiwan Net ’98, pp. 1-
16.
● Jaikaran, Chris. “Cybersecurity: A Primer.” Congressional Research Service, 15
December 2020.
● “Joint Statement for the Record on Foreign Cyber Threats to the U.S. to the SASC.” 5
January 2017.
● Symantec. “Internet Security Threat Report 2019.”
● Report of the Commission on America’s National Interests. pp. 1-21.
● Google Employee Letter. 4 April 2018.
● Post-class Discussion Post (to complete after June 21 lecture)
o Video: Schneider, Jacquelyn. “How Dangerous are Cyberattacks?” 11 November
2020.

Jun 23: Cyber as a Tool of National Power Memo 1 released

● Video: The Perfect Weapon
● Sanger, David E. The Perfect Weapon. Chapters 1 and 2.
● Andres, Richard. “The Emerging Structure of Cyber Offense, Cyber Defense, and Cyber
Deterrence.” in DSR, pp. 89-104.
● Theohary, Catherine A. “Defense Primer: Cyberspace Operations.” Congressional
Research Service, 15 December 2020.
● Theohary, Catherine. “Defense Primer: Information Operations.” Congressional
Research Service, 15 December 2020.
● Lewis, James A. “Toward a More Coercive Cyber Strategy: Remarks to U.S. Cyber
Command Legal Conference.” 4 March 2021.
● Reveron, Derek and Nikolas Gvosdev. “National Interests and Grand Strategy.” The
Oxford Handbook of U.S. National Security, July 2018.
● “U.S. Foreign Policy Tools: An Illustrative Matrix of Selected Options.” National
Foreign Trade Council.
● Post-class Discussion Post (to complete after June 23 lecture)

GOVT S-1743 – Reveron Page 6 of 11

 o Video: Joyce, Rob. “NSA TAO Chief on Disrupting Nation State Hackers.” 28
January 2016.
Jun 28: Operational Considerations in Cyberspace
● Lin, Herbert. “Operational Considerations in Cyber Attack and Cyber Exploitation.” in
DSR, pp. 37-56.
● Sanger, David E. The Perfect Weapon, Chapter 4.
● Department of Defense. Joint Publication 3-12: Cyberspace Operations, chapters II and
III, June 2018.
● MITRE. “Assets in Industrial Control Systems (ICS), Software/Code Used in
Attacks, Techniques Implemented, and Groups Involved in ICS Incidents.” August 2020.
● Schmitt, Michael N. “Peacetime Cyber Responses and Wartime Cyber Operations Under
International Law: An Analytical Vade Mecum.” Harvard National Security Journal, pp.
243-260.
● Post-class Discussion Post (to complete after June 28 lecture)
o Video: “The Stuxnet Story: What Really Happened at Natanz.” 20 July 2020.

Jun 30: Sony Redux Memo 1 Due

● Sanger, David E. The Perfect Weapon. Chapters 6 and 12.
● Martin, Timothy. “How North Korea's Hackers Became Dangerously Good.” The Wall
Street Journal. 19 April 2018.
● Chesney, Robert. “Hackback Is Back: Assessing the Active Cyber Defense Certainty
Act.” Lawfare, 14 June 2019.
● Inkster, Nigel. “Cyber Attacks in La-La Land.” Survival 57, no. 1, 2015, pp. 105-116.
● Rid, Thomas and Ben Buchanan. “Attributing Cyber Attacks.” Journal of Strategic
Studies, 38:1-2, 23 December 2014, pp. 4-37.
● Seal, Mark. “An Exclusive Look at Sony’s Hacking Saga.” Vanity Fair, March 2015.
● FBI. “Update on Sony Investigation.” 19 December 2014.
● Department of Justice. “United States of America v. Jon Chang Hyok et. al.” January
2020. (just scan)
● No discussion post.

Jul 5: No Class in Honor of U.S. Independence Day

Jul 7: Interstate Rivalry and Deterrence

● Allison, Graham. “The New Spheres of Influence: Sharing the Globe with Other Great
Powers.” Foreign Affairs, March/April 2020.
● Valeriano, Brandon and Ryan Maness. “Persistent Enemies and Cyberwar: Rivalry
Relations in an Age of Information Warfare.” in DSR, pp. 139-158.
● Nye, Joseph S. Jr. “Deterrence and Dissuasion in Cyberspace.” International Security,
Winter 2016-17.
● Nakasone, Paul and Major Charlie Lewis. “Cyberspace in Multi-Domain Battle.” The
Cyber Defense Review, 2017.
● Geers, Kenneth, Darien Kindlund, Ned Moran, and Rob Rachwald. “World War C:
Understanding Nation-State Motives Behind Today’s Advanced Cyber Attacks.”
FireEye.
● Williams, Brad. “Meet the scholar challenging the cyber deterrence paradigm.” Fifth
Domain, 19 July 2017.

GOVT S-1743 – Reveron Page 7 of 11

 ● Chesney, Robert and Max Smeets. “Policy Roundtable: Cyber Conflict as an Intelligence
Contest.” Texas National Security Review, 17 September 2020.
● Post-class Discussion Post (to complete after July 7 lecture)
o Video: “Strategic Competition: The Rise of Persistent Presence and Innovation.”
6 March 2019.
Jul 12: European Approaches Memo 2 Released
● Joyner, James. “Competing Transatlantic Visions of Cybersecurity.” in DSR 2012, pp.
159-172.
● NATO. “Cyber Defence.” 12 April 2021.
● Howard, LeAnne and Derek Reveron. “NATO’s Achilles Heel: Russian Political
Warfare.” National Interest, 21 March 2018.
● Healey, Jason and Klara Tothova Jordan. “NATO’s Cyber Capabilities: Yesterday,
Today, and Tomorrow.” Atlantic Council, September 2014, pp. 1-7.
● Jordan, Klara Tothova. “Would NATO Go to War Over a Cyberattack?” National
Interest, 4 September 2014.
● Lewis, James A. “The Role of Offensive Cyber Operations Weapons in NATO's
Collective Defense.” NATO Cooperative Cyber Defence Centre of Excellence, 2015.
● European Union, “Cybersecurity Strategy of the European Union: An Open, Safe and
Secure Cyberspace.” July 2013, pp. 1-20.
● Bendiek, Annegret Christoph Berlich and Tobias Metzger. “The European Union’s
Digital Assertiveness.” German Institute for International and Security Affairs,
September 2015.
● Mackenzie, Christina. “France’s new cyber defense ‘conductor’ talks retaliation,
protecting industry.” Fifth Domain. 30 September 2019.
● “Brussels Summit Communique.” NATO, 15 June 2021.
● Post-class Discussion Post (to complete after July 12 lecture)
o Video: “NATO Cyber Defense: A Decade of Opportunities and Challenges.” 20
April 2021.
Jul 14: Russian Approaches
● Sanger, David E. The Perfect Weapon. Chapter 7.
● Gerasimov, Valery. “The Value of Science Is in the Foresight.” Originally published in
Military-Industrial Kurier, 27 February 2013.
● Alexander D. Chekov, Anna V. Makarycheva, Anastasia M. Solomentseva, Maxim A.
Suchkov & Andrey A. Sushentsov. War of the Future: A View from
Russia,  Survival, 61:6, (2019), pp. 25-48.
● National Intelligence Council. ICA 2017-01D. 6 January 2017.
● Nimmo, Ben. “Russia’s Full Spectrum Propaganda A case study in how Russia’s
propaganda machine works.” Atlantic Council's Digital Forensic Research Lab, 23
January 2018.
● Connell, Michael and Sarah Vogler. “Russia’s Approach to Cyber Warfare.” Center for
Naval Analyses, March 2017.
● Allison, Graham and Dimitri K. Simes. “Russia and America: Stumbling to War.” The
National Interest, 20 April 2015.
● Smith, Julianne and Michael Williams. “A Defining Moment for the Alliance.” Center
for a New American Security, 3 August 2015.
● Tucker, Patrick. “Russia Will Test Its Ability to Disconnect from the Internet.” Defense
One, 24 October 2019.

GOVT S-1743 – Reveron Page 8 of 11

 ● Conley, Heather and Ruslan Stefanov, James Mina, and Martin Vladimirov. “The
Kremlin Playbook: Understanding Russian Influence in Central and Eastern Europe.”
Center for Strategic & International Studies, October 2016.
● Berzins, Janis. “Russia’s New Generation Warfare in Ukraine: Implications for Latvian
Defense Policy.” National Defence Academy of Latvia – Center for Security and
Strategic Research, April 2014.
● “FACT SHEET: Imposing Costs for Harmful Foreign Activities by the Russian
Government.” White House, 15 April 2021.
● Post-class Discussion Post (to complete after July 14 lecture)
○ Video: CSIS, “Evolution of Russian Cyber Tactics and Operations.” 25 March
2021.

Jul 19: Crisis with the Kremlin Memo 2 Due

● Sanger, David and Nicole Perlroth. “U.S. Escalates Online Attacks on Russia’s Power
Grid.” New York Times, 15 June 2019.
● Stoltenberg, Jens. “Remarks at Cyber Defence Pledge Conference, London.” NATO, 23
May 2019.
● Polyakova, Alina. “The Kremlin’s Plot Against Democracy: How Russia Updated Its
2016 Playbook for 2020.” Foreign Affairs, September/October 2020.
● Gioe, David V. “Cyber operations and useful fools: the approach of Russian hybrid
intelligence.” Intelligence and National Security, 28 May 2018.
● Thomas, Timothy. “Russian Military Thought: Concepts and Elements.” MITRE, August
2019, chapter 7 (Russia’s Context for Cyber and Information Issues).
● Video: “The Russians Are Coming: Estonia’s National Militia.” Vice News, December
2015.
● No discussion post.
Jul 21: Norms and Law
● Schmitt, Michael and Katharina Ziolkowski. “Trends in international law for
cyberspace.” NATO Cooperative Cyber Defence Centre of Excellence, May 2019.
● Foltz, Andrew C. “Stuxnet, Schmitt Analysis, and the cyber "use-of-force" debate.” Joint
Force Quarterly, (67), (2012), pp. 40-48.
● Kleinger, Sam and Ambassador (ret.) Lee Wolosky. “Time for a Cyber-Attack Exception
to the Foreign Sovereign Immunities Act.” Just Security, 14 August 2019.
● Efrony, Dan. “Entering the Third Decade of Cyber Threats: Toward Greater Clarity in
Cyberspace.” Lawfare, 13 June 2019.
● Schmitt, Michael N. “Peacetime Cyber Responses and Wartime Cyber Operations Under
International Law: An Analytical Vade Mecum.” Harvard National Security Journal, pp.
261-280.
● The Convention on Cybercrime (Budapest Convention)
● Boston Global Forum. “Ise-Shima Norms.” May 2016.
● Post-class Discussion Post (to complete after July 21 lecture)
o Video: Brad Smith. “Cyber Security and Internet Governance.” 9 November
2017.
Jul 26: Chinese Approaches Memo 3 released
● Sanger, David E. The Perfect Weapon. Chapter 5.
● Inkster, Nigel. “The Huawei Affair and China’s Technology Ambitions.” Survival, 29
January 2019.

GOVT S-1743 – Reveron Page 9 of 11

 ● New America. “China’s Strategic Thinking and Building Power in Cyberspace.” 25
September 2017.
● White House. “How China’s Economic Aggression Threatens the Technologies and
Intellectual Property of the United States and the World.” June 2018.
● Allison, Graham T. “The Thucydides Trap: Are the U.S. and China Headed for War?”
Atlantic, 24 September 2015.
● Lindsay, Jon R., Tai Ming Cheung, Derek Reveron. “Will China and America Clash in
Cyberspace?” National Interest, 12 April 2015.
Sanger, David E. et al. “White House Weighs New Cybersecurity Approach After Failure
to Detect Hacks.” New York Times, 14 March 2021.
● George Perkovich et al. “China-U.S. Cyber Nuclear C3 Stability.” Carnegie Endowment
for International Peace, 8 April 2021. (skim)
● “Chinese Malicious Cyber Activity.” CISA. (skim for awareness)
● Post-class Discussion Post (to complete after July 26 lecture)
o Video: Campbell, Kurt. “‘Opening Remarks’ at Sino-US Colloquium VIII:
Beyond the Current Distrust.” George Washington University Elliott School of
International Affairs, 5 October 2015, 40:25-1:02:15.
Jul 28: Cyber Homeland Defense
● Reveron, Derek, Jacquelyn Schneider, Michael Miner, John Savage, Allan Cytryn, Tuan
Anh Nguyen. "Cyber-Defense Strategy for a Nation." Boston Global Forum, 12
December 2017.
● Cyberspace Solarium Commission. “Executive Summary.” 11 May 2020.
● Rosenbach, Eric. “America, Democracy, and Cyber Risk: Time to Act.” 24 April 2018.
● U.S. Department of Homeland Security. “2018 Cybersecurity Strategy.” 15 May 2018.
● White House Council of Economic Advisors. “The Cost of Malicious Cyber Activity to
the US Economy.” February 2018.
● Defense Science Board, “Task Force on Cyber Deterrence.” February 2017.
● Seals, Tara. “40% of ICS, Critical Infrastructure Targeted by Cyberattacks.” Info
Security Magazine, 29 March 2017.
● Testimony of Christopher C. Krebs before the Committee on Homeland Security
Subcommittee on Cybersecurity, Infrastructure Protection, & Innovation U.S. House of
Representatives on Responding to Ransomware: Exploring Policy Solutions to a
Cybersecurity Crisis, 5 May 2021.
● Post-class Discussion Post (to complete after July 28 lecture)
o Video: Goldman, Emily. “Cyber Strategy and Policy.” 5 August 2020.

Aug 2: U.S. Cybersecurity Strategy Memo 3 Due

● “Executive Order on Improving the Nation’s Cybersecurity.” White House, 12 May 2021.
● Sheldon, John B. “Toward a Theory of Cyber Power: Strategic Purpose in Peace and
War.” in DSR 2012, pp. 207-224.
● Nakasone, Paul and Michael Sulmeyer. “How to Compete in Cyberspace: Cyber
Command’s New Approach.” Foreign Affairs, 25 August 2020.
● Terri Moon Cronk. “White House Releases First National Cyber Strategy in 15 Years.”
Department of Defense, 21 September 2018.
● Department of Defense, “The DOD Cyber Strategy.” Department of Defense, 2018.
● Fischerkeller, Michael P. and Richard J. Harknett. “Persistent Engagement and Tacit
Bargaining: A Path Toward Constructing Norms in Cyberspace.” 9 November 2018. 

GOVT S-1743 – Reveron Page 10 of 11

 ● Nakasone, Paul M. “An Interview with GEN Nakasone.” and “A Cyber Force for
Persistent Operations.” Joint Forces Quarterly 92 pg. 4-14. 
● Cybersecurity and Information Systems Information Analysis Center. DOD
Cybersecurity Policy Chart.
● Healy, Jason. “The implications of persistent (and permanent) engagement in
cyberspace.” Journal of Cybersecurity,6 August 2019.
● Sanger, David E. The Perfect Weapon. Afterword.
● Wolff, Josephine. “How Would the U.S. Respond to a Nightmare Cyber Attack?”
Scientific American, 23 July 2013.
● Zimmerman, Carson. “Ten Strategies of a World-Class Cybersecurity Operations
Center.” MITRE Corporation, 2014, pp. 1-2 and pp. 3-43 (skim for additional insight).
● National Institute of Standards and Technology. “Framework for improving critical
infrastructure cybersecurity.” Version 1.1, 2018.
● No discussion post.
Aug 4: Conclusions
● Video: Healey, Jason. “Saving Cyberspace.” 6 December 2014.
● No discussion post.

Tips for your memos:

● Follow the directions.

● Use the sample memo as a guide in structure and content; it is not a template.
● Write as if you are on the NSC - not as a student in this course.
● Your analysis should not be a history lesson, but past actions can be informative.
● Use your knowledge of U.S. national interests and apply to the case.
● Your options are meant to be strategic and long-term.
● Your options should be unique - do not duplicate the same actions across options.
● Beware the Goldilocks setup - do not make your first option "Fight China", the second
"Give China Everything", and third "Be Perfect Friends". All three options should be
equally likely to occur. The best option sets are ones that you as the writer have a difficult
time choosing a recommendation.
● Your recommendation should be a single option - do not mix options or stage (e.g.,
option 1 unless it fails, then option 2.).

GOVT S-1743 – Reveron Page 11 of 11