Credits: 1.5 EC
Delivery: This course is takes place off-site during a full week at the start of the academic year.
Prerequisites: Students are expected to have completed the first year of study in cyber security. The material covered in the course Cyber Security management (CSM) is particularly relevant.
Motivation: Cyber security is a complex domain and students must understand what their contribution can be to the overall solution of a problem. New cyber security problems may appear suddenly (e.g. bash gate, heart bleed) and require urgent solutions. The solution may involve new technology, but also involve new (crisis) management processes based on the cooperation of people from various organizations (employees, customers, ISACs, NCSC, etc.).
Synopsis: During your first year of the master specialisation Cyber Security you have learned a lot of theory. Now is the time to prove that you have mastered the theory. Can you translate technical security problems and solutions into compelling cases for C-level executives? Can you convince executives of the risks and the opportunities of cyber security? Can you convince an audience that is primarily interested in the business? During this practical hands-on week, you will work in teams on your business skills and you will receive feedback by professionals who actively work in the security business world.
Aim: To give students a good understanding of the practical challenges and partoicularly the business aspects of Cyber Security.
Learning outcomes: The student will acquire:
- A good understanding of thecomplexity of cyber security, in terms of people, processes and technology.
- A good understanding of the threats, how to mitigate these risks in a structured approach like Prevent, Detect, Respond
- Experience in working as a team on the analysis and resolution of a realistic cyber security challenge.
Lecturers: Prof dr Pieter Hartel (UT+TUD), guest lecturers
Examination: Students work in small groups that change every day. Each group has to make at least one presentation per day and/or each student writes an individual reflection report at the end of the week. The final mark will be a pass/fail determined by the group and individual marks.
Contents: Cyberspace as 5th domain and its socio-technical (physical, digital and social) aspects, critical infrastructures, examples of high impact incidents, impact and risk identification & assessment, cascading effects, cyber risk mitigation methodologies, checklists & standards, responsibilities for cyber security, legal issues, rules & regulations, ethical issues, Internet governance.
Date and time: off-site during the first week of term in Q1, i.e from 9 am on Monday 4 Sep 2017 until 4 pm on Friday 8 Sep 2017.
Sample case: You are the new security officer of an organisation that has never had a cyber security officer before. Your task will be to professionalise the cyber security of the organisation.
Format: In five days a fictional case will be presented and studied from a number of angles. Students work in groups on specific problems, presenting the results to other groups and also plenary. Each day the groups and the perspective change. The first day focuses on understanding the organisation and the case. The remaining days focus on prevention, detection, response and crisis management. All aspects of cyber security will play a role, ranging from compliance to crypto and from pen testing to politics. During the evenings, extra challenges may be provided, such as lock picking and red-blue teaming.
Preparation: Students must have studied the cases before arriving at the off-site.