Availabilities:
| Location | Domestic | International |
|---|
| Gold Coast | | |
| Melbourne | N/A | |
| Online | | N/A |
| Papua New Guinea - IBSU Port Moresby | N/A | |
| Perth | N/A | |
| Sydney | N/A | |
Unit description
Gives students an in-depth understanding of cybersecurity from a management perspective including strategy (people), operations (process) and tactical (technology) pillars. Students will learn the knowledge and skills to manage cyber risks, recommend appropriate controls and contribute to developments of cyber security policies, standards and guidelines in SME.
Unit content
Topic 1: Cybersecurity management frameworks
Topic 2: Cybersecurity executive management
Topic 3: Cybersecurity intelligence
Topic 4: Cyber risk management
Topic 5: Cybersecurity assessment and testing
Topic 6: Secure systems
Topic 7: Secure network
Topic 8: Secure applications
Topic 9: Contemporary issues in cybersecurity
Learning outcomes
Unit Learning Outcomes express learning achievement in terms of what a student should know, understand and be able to do on completion of a unit. These outcomes are aligned with the graduate attributes. The unit learning outcomes and graduate attributes are also the basis of evaluating prior learning.
| On completion of this unit, students should be able to: |
|---|
| 1 | Assess cyber security risks to a small-to-medium enterprise (SME) and define, document and publish the directions the required cybersecurity program will adopt to address the risk |
| 2 | Develop and review cybersecurity policies, operational standards, processes, procedures and other collateral for ensuring security of a business information system |
| 3 | Propose required cybersecurity controls to advanced, persistent threats and create recovery procedures and business continuity plans for use after any successful penetration of an information system |
| 4 | Assess the effectiveness of cybersecurity controls used by an organisation and communicate the evidence to management |
| 5 | Conduct research and provide advice and guidance on recent trends and development in cybersecurity management. |
On completion of this unit, students should be able to:
- Assess cyber security risks to a small-to-medium enterprise (SME) and define, document and publish the directions the required cybersecurity program will adopt to address the risk
- Develop and review cybersecurity policies, operational standards, processes, procedures and other collateral for ensuring security of a business information system
- Propose required cybersecurity controls to advanced, persistent threats and create recovery procedures and business continuity plans for use after any successful penetration of an information system
- Assess the effectiveness of cybersecurity controls used by an organisation and communicate the evidence to management
- Conduct research and provide advice and guidance on recent trends and development in cybersecurity management.
Prescribed texts
- Free e-book available from https://www.nist.gov/cyberframework: NIST, Cybersecurity Framework.
- Free e-book: Harris, S & Maymi, F, 2016, CISSP All-in-One Exam Guide, 7th edn. ISBN: B01G2RY8H0.
- Required for project: Free resource available from https://www.owasp.org/images/1/19/OTGv4.pdf: OWASP, Testing Guide 4.0.
Prescribed texts may change in future teaching periods.