ITI42220 Cybersecurity Risk Management and Incident Response (Spring 2024)

The course is connected to the following study programs

Mandatory course in the master programme in applied computer science with specialisation in cyber security, full-time and part-time.

Recommended requirements

Fundamentals of cyber security.

Lecture Semester

Second semester (spring) in the full-time and part-time programme.

The student's learning outcomes after completing the course

Knowledge

The student

• understands the differences between security concerns in information technology and operational technology settings

• has a good overview of industry best practices and guidelines for managing cybersecurity risks

• can apply approaches and methods to identify, analyse and evaluate cybersecurity threats

• has a general knowledge of how cyber events are detected and responded to in an realistic operational environment

Skills

The student is able to

• apply industry guidelines for managing cybersecurity risk in industrial settings

• perform security risk analysis on realistic systems

• gain awareness on how various cyber incidents are handled

General competence

The student gets hands-on experience in assessing and managing cybersecurity risks, and gains knowledge on cyber event detection and response in a realistic operational setting.

Content

• Introduction to Information Technology and Operational Technology systems security

• Threat and vulnerability assessment

• Operational cyber event detection and response

Forms of teaching and learning

Teaching will be based on blended learning approaches. There will be lectures and lab exercises on the topics of the course in a weekly or bi-weekly basis. Lab exercises will be performed in collaboration with the Institute for Energy Technology’s Cybersecurity Centre.

Workload

Approx. 280 hours.

Coursework requirements - conditions for taking the exam

The student must deliver a report on the case study

Coursework requirements must be accepted to qualify for the exam.

Examination

Individual oral exam and a report on case study.

The exam is divided into two parts:

Individual oral exam (50%) is based on the course curriculum. Duration approximately 30 min. No supporting materials allowed.

Report on a selected case study (50%). The case study is chosen by the course responsible. The case study will be performed and reported in groups of three-four students. The students will get an individual grade.

Grading scale A - F in both parts. Both parts of the exam must be passed to pass the course. The student will get an individual joint grade for the entire course.

Examiners

External and internal examiner, or two internal examiners.

Conditions for resit/rescheduled exams

Upon re-examination, each part of the examination can be retaken.

Course evaluation

This course is evaluated by a:

• Mid-term evaluation (compulsory)

The responsible for the course compiles a report based on the feedback from the students and his/her own experience with the course. The report is discussed by the study quality committee at the Department of Computer Science and Communication.

Literature

The current reading list for 2024 Spring can be found in Leganto