Availabilities:
2020 unit offering information will be available in September 2019
Unit aim
Gives students an in-depth understanding of cybersecurity from a management perspective including strategy (people), operations (process) and tactical (technology) pillars. Students will learn the knowledge and skills to manage cyber risks, recommend appropriate controls and contribute to developments of cyber security policies, standards and guidelines in SME.
Unit content
Topic 1: Cybersecurity management frameworks
Topic 2: Cybersecurity executive management
Topic 3: Cybersecurity intelligence
Topic 4: Cyber risk management
Topic 5: Cybersecurity assessment and testing
Topic 6: Secure systems
Topic 7: Secure network
Topic 8: Secure applications
Topic 9: Contemporary issues in cybersecurity
Learning outcomes
Unit Learning Outcomes express learning achievement in terms of what a student should know, understand and be able to do on completion of a unit. These outcomes are aligned with the graduate attributes. The unit learning outcomes and graduate attributes are also the basis of evaluating prior learning.
Learning outcomes and graduate attributes
GA1: Intellectual rigour,
GA2: Creativity,
GA3: Ethical practice,
GA4: Knowledge of a discipline,
GA5: Lifelong learning,
GA6: Communication and social skills,
GA7: Cultural competence| On completion of this unit, students should be able to: | GA1 | GA2 | GA3 | GA4 | GA5 | GA6 | GA7 |
|---|
| 1 | Assess cyber security risks to a small-to-medium enterprise (SME) and define, document and publish the directions the required cybersecurity program will adopt to address the risk | | | | Knowledge of a discipline | | | |
| 2 | Develop and review cybersecurity policies, operational standards, processes, procedures and other collateral for ensuring security of a business information system | | | Ethical practice | Knowledge of a discipline | | | |
| 3 | Propose required cybersecurity controls to advanced, persistent threats and create recovery procedures and business continuity plans for use after any successful penetration of an information system | | | | Knowledge of a discipline | | | |
| 4 | Assess the effectiveness of cybersecurity controls used by an organisation and communicate the evidence to management | | | Ethical practice | Knowledge of a discipline | | | |
| 5 | Conduct research and provide advice and guidance on recent trends and development in cybersecurity management. | | | | Knowledge of a discipline | Lifelong learning | | |
On completion of this unit, students should be able to:
- Assess cyber security risks to a small-to-medium enterprise (SME) and define, document and publish the directions the required cybersecurity program will adopt to address the risk
- GA4:
Knowledge of a discipline
- Develop and review cybersecurity policies, operational standards, processes, procedures and other collateral for ensuring security of a business information system
- GA3:
Ethical practice
- GA4:
Knowledge of a discipline
- Propose required cybersecurity controls to advanced, persistent threats and create recovery procedures and business continuity plans for use after any successful penetration of an information system
- GA4:
Knowledge of a discipline
- Assess the effectiveness of cybersecurity controls used by an organisation and communicate the evidence to management
- GA3:
Ethical practice
- GA4:
Knowledge of a discipline
- Conduct research and provide advice and guidance on recent trends and development in cybersecurity management.
- GA4:
Knowledge of a discipline
- GA5:
Lifelong learning
Prescribed texts
Session 1
- Free e-book available from https://www.nist.gov/cyberframework: NIST, Cybersecurity Framework.
- Free e-book: Harris, S & Maymi, F, 2016, CISSP All-in-One Exam Guide, 7th edn. ISBN: B01G2RY8H0.
- Required for project: Free resource available from https://www.owasp.org/images/1/19/OTGv4.pdf: OWASP, Testing Guide 4.0.
Session 3
- Prescribed text information is not currently available.
Prescribed texts may change in future study periods.