module specification

CC7178 - Cyber Security Management (2017/18)

Module specification Module approved to run in 2017/18
Module title Cyber Security Management
Module level Masters (07)
Credit rating for module 20
School School of Computing and Digital Media
Total study hours 200
 
152 hours Guided independent study
48 hours Scheduled learning & teaching activities
Assessment components
Type Weighting Qualifying mark Description
Coursework 50%   Research-based technical report (about 2500 words)
Unseen Examination 50%   Two-hour unseen written examination
Running in 2017/18

(Please note that module timeslots are subject to change)
Period Campus Day Time Module Leader
Spring semester North Tuesday Morning

Module summary

This module focuses on various aspects of Cybersecurity Management and deals mainly with the protection of information assets over the cyber space by concerted measures.

Module aims

This module aims to provide students with an appreciation of the benefits Cybersecurity Management provides within a business environment and over cyber space. This includes the choice and application of appropriate risk assessment and risk control techniques, the understanding of security standards & procedures, coupled with the application of cybersecurity technology & security measures in a business setting.

Syllabus

• Cybersecurity overview: assessing why cybersecurity is required, for example: threats from cyber space and necessities for protection ofcompany assets from threats, etc;
• Security risk assessment: an overview of security risk assessment techniques, assessing, selecting and implementing security risk assessment techniques, development of a prioritised list of information security threats;
• Security risk management: assessing, selecting and implementing controls for particular security threats;
• Cybersecurity technologies and security mechanisms;
• Cybersecurity audit;
• Legal, ethical, and professional Issues;
• Security standards and procedures: reviewing relevant standards and procedures for information/cybersecurity.

Learning and teaching

The coursework is a research-based technical report (2500 words) - online submission, which is the culmination of good literature review work carried out through using a wide mix of sources: lecture slides, textbooks, industrial standards and guidelines, research papers, and web resources. It’s aimed at developing students’ knowledge, confidence and problem solving strategies [LO4-6].

The seminar/tutorial materials, activities and informal feedback opportunities in the class and labs will be used to support student learning and provide the impetus for tackling coursework. Formative assessment and feedback opportunities will be provided to develop student understanding of the subject.

The formative exam will be used to assess students’ deeper understanding of the concepts [LO1-3].

Learning outcomes

The student should be able to:
LO1. appreciate why cybersecurity management is essential in today’s business environment and cyber space;
LO2. understand  the complexities of cybersecurity management;
LO3. appreciate the issues related to information security standards and procedures;
LO4. have seen main stream companies attempt to solve their cybersecurity problems;
LO5. evaluate critically the suitability of security risk assessment techniques in a particular context;
LO6. evaluate critically the suitability of controls for a particular security threat in a particular context;

Assessment strategy

The assessment for this module is based on a coursework and a two-hour unseen written examination, which are described as follows:

  • Coursework (50%): a research-based technical report focused on one section of the syllabus for the module, which is predominantly linked to learning outcomes 4, 5 and 6.
  • Exam (50%): two-hour unseen written examination based on the theoretical contents delivered in lectures, semesters, and tutorials, which is mainly linked to learning outcomes 1,2 and 3

Timing of assessment:

  • The coursework component is submitted in week 13.

The exam is in week 13 or later arranged by the Assessments and Conferment Office.

Bibliography

• Mike Chapple and David Seidl, (2015) Cyberwarfare: Information Operations in a Connected World, , Jones & Bartlett Learning, ISBN: 978-284-05848-2 (Core)
• Michael Whitman, Herbert Mattord Cengage, (2008) Management of Information Security, 2/E, , ISBN 13: 978-1-4239-0130-3, ISBN 10: 1-4239-0130-4
• Michael Whitman, Herbert Mattord, (2005) Principles of Information Security, ISBN 13: 978-0-619-21625-2, ISBN 10: 0-619-21625-5
• Greene, (2006) Security Policies and Procedures: Principles and Practices, 1/e, , Prentice Hall, ISBN-10: 0131866915, ISBN-13: 9780131866911
• Egan & Mather, (2005) Executive Guide to Information Security, The Threats, Challenges, and Solutions, 1/e, , Addison-Wesley, ISBN-10: 0321304519, ISBN-13: 9780321304513
• , Patterson & Blue, (2005) Mapping Security: The Corporate Security Sourcebook for Today’s Global Economy, 1/e, Addison-Wesley, ISBN-10: 0321304527, ISBN-13: 9780321304520
• Walter Fumy (Editor), JörgSauerbrey (Editor),  (2005) Enterprise Security: IT Security Solutions: Concepts, Practical, Experiences, Technologies, Wiley, ISBN: 978-3-89578-267-1
• Module Weblearn online materials