Cybersecurity Law, Policy, and Institutions (version 3.1)

274 Pages Posted: 26 Mar 2020 Last revised: 24 Aug 2021

See all articles by Robert Chesney

Robert Chesney

University of Texas School of Law

Date Written: August 23, 2021


This is the full text of my interdisciplinary “eCasebook” designed from the ground up to reflect the intertwined nature of the legal and policy questions associated with cyber-security. My aim is to help the reader understand the nature and functions of the various government and private-sector actors associated with cyber-security in the United States, the policy goals they pursue, the issues and challenges they face, and the legal environment in which all of this takes place. It is designed to be accessible for beginners from any disciplinary background, yet useful to experienced audiences too.

The first part of the book focuses on the “defensive” perspective (meaning that we will assume an overarching policy goal of minimizing unauthorized access to or disruption of computer systems). The second part focuses on the “offensive” perspective (meaning that there are contexts in which unauthorized access or disruption might actually be desirable as a matter of policy).

In short, the book is a guided tour of the broad cyber-security landscape, suitable both for classroom use and for independent study.

Keywords: Cybersecurity, Information Security, Infosec, CFAA, FTC Act, Sanctions, CYBERCOM, NSA, FBI, Hackback, Network Investigative Techniques, Deterrence, Cyberdeterrence, CISA, Information-Sharing

Suggested Citation

Chesney, Robert, Cybersecurity Law, Policy, and Institutions (version 3.1) (August 23, 2021). U of Texas Law, Public Law Research Paper No. 716, Available at SSRN: or

Robert Chesney (Contact Author)

University of Texas School of Law ( email )

727 East Dean Keeton Street
Austin, TX 78705
United States

Do you have a job opening that you would like to promote on SSRN?

Paper statistics

Abstract Views
PlumX Metrics