After the course, the student recognizes the need for cybersecurity measures, and has the knowledge of the techniques and methods to bring them into place. The student understands the information assurance fundamentals (CIA + Parker + ISO); cryptography techniques; operating systems, and application security; threats, vulnerabilities, and attacks; security models; security analysis, and security design; risk management, and risk mitigation; physical security; compliance, standards, policies, and best practices; cybersecurity frameworks; and finally the main authority organizations. The student understands about the social responsibility associated with cybersecurity; the related matters as/to business, legalization, and privacy; and finally the balance between the social business benefits and cybersecurity practices. After the course, the student is able to apply cyber security practices and the mitigation techniques to avoid attacks and violations in an organization, and to use the main software tools for cyber security management. With respect of the generic skills, the stu-dent has learned organizational operation skills; interpersonal skills; problem-solving, and decision-making skills; and critical thinking skills.
1. Cyber Security Fundamentals.
2. Attacks and violation techniques.
3. Malicious code.
4. Threat / Vulnerability assessments and risk analysis.
5. Security management.
6. Security architectures and models.
7. Physical security.
8. Operations security.
9. Application Security.
10. Defense and analysis techniques.
11. Business continuity and recovery plans.
12. Law, Business, Privacy, Investigation and Ethics.
13. Standards and authorities.
14. Cases on cyber security.
1. Lecturer notes.
2. “Cyber Security Essentials”, James Graham, Richard Howard, and Ryan Olson. 2011.
3. “The CISSP Prep Guide: Gold Edition” Ronald L. Krutz, and Russell Dean Vines. 2003.
4. NIST Cyber Security Framework CSF.
5. IEC/ISO 62443.
6. IEC/ISO 27001 & 27002.
7. ISF Standard of Good Practice SoGP.
8. Selected articles on cybersecurity.
Lectures 20 h, exercises 20 h, and independent work 90 h.
The course will be given as article-based, which consists of chapters from the main references in this field. Moreover, the course will be merely based on active participation not traditional lecturing. A brief introduction will be given then tasks will be distributed among students, to work in groups, to write reports, and each group will make a presentation in their week. The course will be taught on distant learning basis.
Responsible Person: Prof. Tero Vartiainen
Teacher(s): Bahaa Eltahawy, Duong Dang
Responsible Unit: School of Technology and Innovations
Right to participate: available for all, max 60 students are accepted to the course
Additional Information: Check Moodle. The course is not organised during academic year 2019-2020