Born in the 1990s, the thinking on cyber deterrence was nurtured by the U.S. Department of Defense in numerous war-gaming exercises. Hitting puberty in the aftermath of the distributed denial-of-service campaign against Estonia in 2007, cyber deterrence matured after Stuxnet and received peak attention from policymakers and academics from 2013 to 2016 during the golden age of ‘cyberwar’ scholarship. From 2016 onward, the interest in cyber deterrence started to fade to the extent that it is now intentionally neglected. The figure below captures this short life cycle by quantitatively visualizing the number of articles, book chapters, and research reports written on ‘cyber deterrence’ and ‘cyberdeterrence’ between January 1990 and January 2020.
Many universities are starting to include cybersecurity as a course of study. While there is a high degree of variation between the selected readings of the syllabi of cybersecurity courses across different universities, there is some thematic overlap. By reviewing the syllabi of university cybersecurity courses, the authors seek to systematically evaluate this nascent field and advance its maturity.