Students of the first MASCI cohort during an al-fresco presentation.

The Alperovitch Institute offers a cybersecurity track within the MASCI degree, and provides cybersecurity and intelligence-related teaching to SAIS students in general.

Our courses are taught by leading practitioners and scholars in both the public and the private sectors. A sample of our classes is listed below. We are currently in the process of bringing online classes on security in critical infrastructure, cyber operations, hands-on cybersecurity, and artificial intelligence.

Intelligence II: Cybersecurity, Counterintelligence, and Covert Action (core MASCI class)

On a practical level, state-nexus cyberspace (“cyber”) operations have become a ubiquitous element of contemporary intelligence activities. To that end, this course presents cyber operations through a traditional intelligence tradecraft lens. This includes the specific role and function of cyber operations when they are employed to support intelligence collection, counterintelligence, covert action, and operational enablement activities. Students will also be exposed to how unique elements of cyber activity (such as cybercrime tactics) can and have been leveraged in an intelligence context, the ethics of cyber operations as an intelligence activity, and case studies regarding how different countries approach the conduct of such activities. Students who complete this course will be prepared to interpret state-nexus cyber operations in the context of traditional intelligence contests between states.

Disinformation

Disinformation—or Active Measures, in old-school intelligence terms—is as old as modern intelligence agencies. The rise of disinformation was linked to the ideological clashes that defined the 20th century, and the entire Cold War. As the Soviet Union went down, the internet went up. And after a short hiatus, disinformation was back with a vengeance. This class explores the history, evolution, and metamorphosis of disinformation over the past century.  Note: No technical background is required.

Global Cyber Threats

Who are the hackers that dominate headlines? This course will answer that question not just with broad terms like “Russia” and “China” but with more focused and nuanced analysis. We will focus on known hacking groups, their methods, motivations, and relationship to greater geopolitical developments. The course will focus primarily on state-affiliated threats, though it will touch other realms of the cyberthreat ecosystem as well. Students completing this course will have a foundational knowledge of what nations are doing in cyberspace, an important step towards subject matter expertise. No background in computer science is necessary for this class, though you should be willing to push yourself out of your technical comfort zone and be persistent in learning new skills. We will examine many case studies of historic and contemporary adversary behavior. Students will gain strategic perspective by examining reporting that will include tactical, operational, and strategic insights. Many of these examples are available in the open source literature, but additional context will be provided in class discussion.

Intelligence and Cyberspace

On a practical level, state-nexus cyberspace (“cyber”) operations have become a ubiquitous element of contemporary intelligence activities. To that end, this course presents cyber operations through a traditional intelligence tradecraft lens. This includes the specific role and function of cyber operations when they are employed to support intelligence collection, counterintelligence, covert action, and operational enablement activities. Students will also be exposed to how unique elements of cyber activity (such as cybercrime tactics) can and have been leveraged in an intelligence context, the ethics of cyber operations as an intelligence activity, and case studies regarding how different countries approach the conduct of such activities. Students who complete this course will be prepared to interpret state-nexus cyber operations in the context of traditional intelligence contests between states.

Threat Intelligence for Information Operations

This class is intended to give students experience in conducting and writing analysis of online information operations and disinformation campaigns, conveying practical skills for those seeking professional threat intelligence analysis or other similar roles. Throughout the semester, students will develop and conduct their own open source investigation of their choosing, culminating at the end of the semester in the completion of a polished threat intelligence report. While open source intelligence (OSINT) investigative techniques will be employed by students throughout the course, it is not intended to be an OSINT techniques course per se. Rather, focus will be placed on producing coherent, concise, accurate and insightful analysis. As part of this, heavy emphasis will be placed on analytic writing, and students will also be exposed to—and conduct—some basic quantitative data analytics. No prior exposure to information operations or disinformation campaigns is expected, as students will learn relevant concepts and lingo as the course progresses.