CC7178 - Cyber Security Management (2023/24)
|Module specification||Module approved to run in 2023/24|
|Module title||Cyber Security Management|
|Module level||Masters (07)|
|Credit rating for module||20|
|School||School of Computing and Digital Media|
|Total study hours||200|
|Running in 2023/24(Please note that module timeslots are subject to change)||
This module focuses on various aspects of Cybersecurity Management and deals mainly with the protection of information assets over the cyber space by concerted measures.
This module aims to provide students with an appreciation of the benefits Cybersecurity Management provides within a business environment and over cyber space. This includes the choice and application of appropriate risk assessment and risk control techniques, the understanding of security standards & procedures, coupled with the application of cybersecurity technology & security measures in a business setting.
1. Cybersecurity overview: assessing why cybersecurity is required, for example: threats from cyber space and necessities for protection of company assets from threats, etc; [LO1-LO5]
2. Security risk assessment: an overview of security risk assessment techniques, assessing, selecting and implementing security risk assessment techniques, development of a prioritised list of information security threats; [LO1-LO5]
3. Security risk management: assessing, selecting and implementing controls for particular security threats; [LO1-LO5]
4. Cybersecurity technologies and security mechanisms; [LO1-LO5]
5. Cybersecurity audit; [LO1-LO5]
6. Legal, ethical, and professional Issues; [LO1-LO5]
7. Security standards and procedures: reviewing relevant standards and procedures for information/cybersecurity. [LO1-LO5]
Balance of independent study and scheduled teaching activity
Students will develop theoretical understanding and practical skills in the subject area based on weekly lectures, tutorials and supervised workshops. The tutorials and workshops, in particular, are provided to support students in gaining practical experience in tackling a wide range of computer security related issues and problems.
Appropriate blended learning approaches and technologies, such as, the University’s VLE and online tools, will be used to facilitate and support student learning, in particular, to:
• deliver content;
• encourage active learning;
• provide formative and summative assessments, and prompt feedback;
• enhance student engagement and learning experience.
Students will be expected and encouraged to produce reflective commentaries and an action plan for personal development on the learning activities and tasks that they carry out to complete their work, e.g. in the form of an assessed section of their coursework report/essay.
The student should be able to:
LO1. appreciate the vital role of and understand the complexities of cybersecurity management in today’s business environment and cyber space;
LO2. appreciate the issues related to information security standards and procedures;
LO3. Evaluate and assess main stream companies attempts to solve their cybersecurity problems;
LO4. evaluate critically the suitability of security risk assessment techniques in a particular context;
LO5. evaluate critically the suitability of controls for a particular security threat in a particular context;
The coursework will involve developing research-based technical solutions to a wide range of computer security problems and issues using appropriate methods, techniques and tools [LO1-LO5]. Students will produce a report detailing their work based on some case study, scenario or investigation.
The final exam will further assess students’ broader understanding of the theoretical concepts of the subject [LO1 and LO5].
Students will be encouraged to complete weekly tutorial and workshop exercises as well as periodic formative diagnostic tests to enhance their learning. During tutorial and workshop sessions students will receive ongoing support and feedback on their work to promote engagement and provide the basis for tackling the summative assessments.
The assessment for this module is based on a coursework and a two-hour unseen written examination, which are described as follows:
• Coursework (50%): a research-based technical report focused on one section of the syllabus for the module, which is predominantly linked to learning outcomes 4 and 5.
• Exam (50%): two-hour unseen written examination based on the theoretical contents delivered in lectures, semesters, and tutorials, which is mainly linked to learning outcomes 1,2 and 3
Timing of assessment:
• The coursework component is submitted in week 13.
The exam is in week 13 or later arranged by the Assessments and Conferment Office.
Arrangements for formative and summative feedback
Formative and summative feedback will be provided using a variety of methods and approaches, such as learning technologies, at various points throughout the teaching period and will adhere to University policy regarding the timing of feedback.