STRATEGIC CYBER SECURITY

SHE Level 5
SCQF Credit Points 15.00
ECTS Credit Points 7.50
Module Code MMN226312
Module Leader Constantinos Choromides
School GCU London
Subject GCU London
Trimesters
  • A (September start)-B (January start)
  • A (September start)
  • B (January start)
  • B (January start)-C (May start)
  • C (May start)

Summary of Content

This work-based module will provide students with a theoretical and strategic overview of cyber security implementation and management. Students will explore cutting-edge systems and gain a critical understanding of the changing cyber security landscape, threats, controls and attack methodology, the early recognition of threats and vulnerabilities to infrastructure, computer and information assets, and how to respond appropriately to mitigate attacks and ensure business continuity. Students will be provided with the technical knowledge to secure a machine, network and infrastructure, and will develop a greater understanding of their personal and corporate role in reducing a cyber security attack on an organisation. They will be able to identify the fundamentals of information security in its core constituents of confidentiality, integrity and availability of key data. As the global business environment is becoming more complex and interconnected, Information Security Strategies are essential. Through the use of risk assessment processes, students will demonstrate an understanding of the key components of an Information's Security Management Programme, including incident response, media & investigative strategy, compliance, audit, governance, integrated security and digital footprint. This incremental programme focuses on people, processes and technologies and commences with a broad initial understanding of cyber and digital threat vectors to protect an organisation.

Syllabus

  • Current cyber threats, vulnerabilities, impacts and mitigations in ICT systems and the enterprise environment
  • Strategic cyber security management
  • Business continuity
  • Overarching computer security concepts and foundations
  • Cyber security systems
  • Secure machine, network and application infrastructures
  • Confidentiality, integrity and availability of key data
  • Computer Intrusion detection, incident investigation and management, and digital forensics
  • Cyber risk assessments processes linked to the business function
  • Principal cyber security governance and cyber security strategies. Industry models
  • Information's Security Management Programme; incident response, media and investigative strategy, compliance, audit, governance, integrated security and digital footprint

Learning Outcomes

Upon successful completion of this module the student should be able to:

1. Critically appraise the characteristics of cyber security threats and vulnerabilities to infrastructure and assets, interpreting information to provide innovative solutions to mitigate risks.
2. Critically evaluate technical information relating to the key components within a basic computer infrastructure and architecture to secure a machine, network and infrastructure to enable assessment of the corporate and personal capability to mitigate a cyber-security attack.
3. From a business leadership perspective critically examine the fundamentals of information security in its core constituents of confidentiality, integrity and availability of key data.
4. Critically evaluate qualitative and quantitative information from risk assessment processes to analyse a range of key components of an Information's Security Management Programme.

Teaching / Learning Strategy

This work-based module adopts a blended approach to learning which combines face to face contact and online learning via GCU's virtual learning environment, GCU Learn. The teaching and learning strategy encourages an active and self-directed approach to learning. In the context of a work-based ethos, teaching and learning methods use real world and real work scenarios to promote inquiry and problem-based learning in a collaborative learning environment (Educational principles that underpin the module). Students will be expected to take a critical stance as they evaluate and synthesise academic theories and techniques in order to frame, analyse and solve actual work-based problems.

The module utilises interactive lectures and seminars to introduce and explore key concepts and principles. Case studies and applied research will be used to illustrate the threat from insider activities, vulnerabilities and how this can be mitigated against. Input from guest speakers with expertise in a variety of security related disciplines will enhance the authenticity, credibility and application of education and learning to the workplace.

Learners will be supported during the module by the module team including module tutors, workplace mentors and Academic Development Tutors (ADTs). Module tutors act as facilitators of learning and assessment and determine the level and accuracy of knowledge acquisition at key points in the delivery. Workplace mentors facilitate students' learning and assessment in the workplace. They act as enablers to support students to identify relevant work activity that can operate as a source for work-integrated learning and assessment. ADTs provide support for academic writing and the development of study techniques.

Both formative and summative assessment strategies will be adopted during the module. Formative assessment is used as a foundation upon which students can build towards their summative work. Formative opportunities will be used to provide developmental feedback to enhance students' learning and academic writing. The summative assessment will enable students to demonstrate their learning in relation to the module learning outcomes in a work-based context. Students will have access to ongoing academic support from the module leader and ADTs to help maximise potential in relation to academic writing, referencing and the development of effective study techniques. The pass mark for the module is 50%. Feedback on coursework is provided within 3 working weeks of submission.

Indicative Reading

AHMAD, A., HADGKISS, J. & RUIGHAVER, A.B., 2012. Incident response teams - Challenges in supporting the organisational security function. Computers & Security [online]. 31 (5), pp.643-652. Available from: 10.1016/j.cose.2012.04.001.

AHMAD, A., MAYNARD, S.B. & SHANKS, G., 2015. A case analysis of information systems and security incident responses. International Journal of Information Management [online]. 35 (6), pp.717-723. Available from: 10.1016/j.ijinfomgt.2015.08.001.

BARTNES, M., MOE, N.B. & HEEGAARD, P.E., 2016. The future of information security incident management training: A case study of electrical power companies. Computers & Security [online]. 61, pp.32-45. Available from: 10.1016/j.cose.2016.05.004.

BRITISH STANDARDS INSTITUTION, 2016. BS ISO/IEC 27035-1:2016. Information technology. Security techniques. Information security incident management. Principles of incident management. London: The British Standards Institution. Available from: <https://bsol-bsigroup-com.gcu.idm.oclc.org/Bibliographic/BibliographicInfoData/000000000030267675>

BRITISH STANDARDS INSTITUTION, 2016. BS ISO/IEC 27035-2:2016. Information technology. Security techniques. Information security incident management. Guidelines to plan and prepare for incident response. London: The British Standards Institution. Available from: <https://bsol-bsigroup.com.cu.idm.oclc.org/Bibliographic/BibliographicInfoData/000000000030268878>

CARRIER, B. 2003. Defining Digital Forensic Examination and Analysis Tools Using Abstraction Layers. International Journal of Digital Evidence [online]. 1 (4), pp.1-12. Available from: <http://digital-evidence.org/papers/ijde_define.pdf>

CASEY, E. 2011. Digital evidence and computer crime: forensic science, computers and the Internet. Waltham, MA: Academic Press.

CICHONSKI P., MILLAR T., GRANCE T. & SCARFONE K., 2012. Computer Security Incident Handling Guide: Recommendations of the National Institute of Standards and Technology [online]. National Institute of Standards and Technology: Gaithersburg, MD. Available from: <https://nvlpubs.nist.gov/nistpubs/SpecialPublications/NIST.SP.800-61r2.pdf>

HAUFE, K., COLOMO-PALACIOS, R., DZOMBETA, S., BRANDIS, K. & STANTCHEV, V., 2016. Security Management Standards: A Mapping. Procedia Computer Science [online]. 100, pp.755-761. Available from: 10.1016/j.procs.2016.09.221.

JAATUN, M., 2018. Software Security Activities that Support Incident Management in Secure DevOps. In: Proceedings of the 13th International Conference on Availability, Reliability and Security, [online]. Hamburg, Germany, 27th - 30th August 2018. New York, NY: ACM, pp.1-6. Available from: 10.1145/3230833.3233275

KIM, D. & SOLOMON, M.G. 2017. Fundamentals of information systems security. 3rd ed. Burlington, MA: Jones & Bartlett Publishers, Inc.

SACHOWSKI, J. 2016. Implementing digital forensic readiness: from reactive to proactive process. Cambridge, MA: Syngress.

SOLMS, S.H., 2009. Information Security Governance. Boston, MA: Springer.

SUSANTO, H., ALMUNAWAR, M.N. AND TUAN, Y.C., 2011. Information security management system standards: A comparative study of the big five. International Journal of Electrical Computer Sciences [online], 11 (5), pp.23-29. Available from: <https://citeseerx.ist.psu.edu/viewdoc/download?doi=10.1.1.673.9909&rep=rep1&type=pdf>

THOMPSON, E.C., 2018. Cybersecurity Incident Response: How to Contain, Eradicate, and Recover from Incidents. Lisle, IL: Apress.

WHITMAN, M.E. & MATTORD, H., 2018. Management of information security. 6th ed. Boston, MA: Cengage.

Government Publications

CREST, 2013. Cyber Security Incident Response [online]. Slough: CREST. Available from: <https://www.crest-approved.org/wp-content/uploads/2014/11/CSIR-Procurement-Guide.pdf>

NATIONAL CYBER SECURITY CENTRE, 2019. Cyber Essentials [online]. National Cyber Security Centre. Available from: <https://www.cyberessentials.ncsc.gov.uk>

NATIONAL CYBER SECURITY CENTRE, 2018. 10 steps to cyber security [online]. National Cyber Security Centre. Available from: <https://www.ncsc.gov.uk/guidance/10-steps-executive-summary>

NATIONAL CYBER SECURITY CENTRE, 2018. Fundamentals of Risk [online]. National Cyber Security Centre. Available from: <https://www.ncsc.gov.uk/guidance/fundamentals-risk>

US DEPARTMENT OF HOMELAND SECURITY, 2016. National Cyber Incident Response Plan [online]. Washington DC: US Department of Homeland Security. Available from: <https://www.us-cert.gov/sites/default/files/ncirp/National_Cyber_Incident_Response_Plan.pdf>

Websites

1. Open Web Application Security Project <https://www.owasp.org/index.php>
2. CERT www.cert.org <http://www.cert.org>
3. Centre for Internet Security - Controls <https://www.cisecurity.org/controls>
4. Information Technology Infrastructure Library <http://www.itlibrary.org>
5. COBIT- ISACA 2018 <https://www.isaca.org/COBIT/Documents/An-Introduction.pdf>

Transferrable Skills

  • Self-manage learning and work in a self-directed manner.
  • Critical thinking, problem solving and decision making.
  • Project management and planning.
  • Risk assessment.
  • Stakeholder engagement and communication.
  • Retrieval and analysis of information.
  • Develop academic writing techniques and ICT skills to underpin effective learning at master's level.

Module Structure

Activity Total Hours
Lectures (PT) 12.00
Independent Learning (PT) 108.00
Assessment (PT) 30.00

Assessment Methods

Component Duration Weighting Threshold Description
Course Work 01 n/a 100.00 50% Develop a 4000 word overarching cyber security strategy for your business / organisation with a global perspective defining the threats and vulnerabilities