- Class 30
- Practice 30
- Independent work 60
Cyber security management
Lecturers and associates
This module is designed to support students’ transition from practitioner to a managing role.
In this module students will learn how to manage processes related to Cyber Security components and rules by which a secure and reliable information system is designed, implemented, and maintained.
Students will learn about:
• Security and Risk Management
• Asset Security
• Security Architecture and Engineering
• Communication and Network Security
• Identity and Access Management (IAM)
• Security Assessment and Testing
• Security Operations
• Software Development Security
This module is based on the knowledge and understanding required for a managing role in Cyber Security.
1. Chapple, M., Stewart, J.M. and Gibson, D., (2018). (ISC)² CISSP Certified Information Systems Security Professional Official Study Guide. New York: John Wiley and Sons.
1. Warsinske, J., Graff, M., Henry, K., Hoover, C., Malisow, B., Murphy, S., Oakes, C.P., Pajari, G., Parker, J.T., Seidl, D. and Vasquez, M., (2019). The Official (ISC)² Guide to the CISSP CBK Reference. New York: John Wiley and Sons.
Minimal learning outcomes
- Define and manage the concepts used in implementing and maintaining system security related to risk management
- Define and manage the concepts of information equipment and asset security
- Define and manage concepts related to the security of architecture and software engineering
- Define operational processes related to system security
- Define terms related to identity management and access rights
- Define security assessment and system testing
- Define terms related to communication and network security
- Define secure software development processes
Preferred learning outcomes
- Design a risk management process
- Design information security management with consideration of regulatory requirements and standardization
- Design a secure information system using basic security model concepts and secure application design principles
- Define and manage delivery and protection systems, implement detective and preventative measures to prevent system compromise while the system is in use, and manage system testing and recovery processes for unwanted errors
- Design authentication and authorization processes and rights management
- Carry out system testing at the level of security controls and data processing, and design and validate assessment, testing and audit strategies
- Design communication and network security
- Design SDLCs and interpret standards and guides for secure coding