Image for

Cyber security management

  • Class 30
  • Practice 30
  • Independent work 60
Total 120

Course title

Cyber security management

Lecture type


Course code






Lecturers and associates

Course overview

This module is designed to support students’ transition from practitioner to a managing role.

In this module students will learn how to manage processes related to Cyber Security components and rules by which a secure and reliable information system is designed, implemented, and maintained.

Students will learn about:
• Security and Risk Management
• Asset Security
• Security Architecture and Engineering
• Communication and Network Security
• Identity and Access Management (IAM)
• Security Assessment and Testing
• Security Operations
• Software Development Security

This module is based on the knowledge and understanding required for a managing role in Cyber Security.


Essential reading:
1. Chapple, M., Stewart, J.M. and Gibson, D., (2018). (ISC) 2 CISSP Certified Information Systems Security Professional Official Study Guide. New York: John Wiley and Sons.

Recommended reading:
1. Warsinske, J., Graff, M., Henry, K., Hoover, C., Malisow, B., Murphy, S., Oakes, C.P., Pajari, G., Parker, J.T., Seidl, D. and Vasquez, M., (2019). The Official (ISC) 2 Guide to the CISSP CBK Reference. New York: John Wiley and Sons.

Download student guide

Minimal learning outcomes

  • Define and manage the concepts used in implementing and maintaining system security related to risk management
  • Define and manage the concepts of information equipment and assets security
  • Define and manage concepts related to security of architecture and software engineering
  • Define operational processes related to system security.
  • Define terms related to identity management and rights access
  • Define security assessment and system testing
  • Define terms related to communication and network security.
  • Define secure software development processes.

Preferred learning outcomes

  • Design a risk management process
  • Design information security management with consideration on regulatory requirements, and standardization
  • Design a secure information system using basic security model concepts and secure application design principles
  • Define and manage delivery and protection systems, implement detective and preventative measures to prevent system compromise while exploiting it, manage system testing and recovery processes against unwanted errors
  • Design authentication and authorization processes, right management
  • Carry out system testing at the level of security controls and data processing, and design and validate assessment, testing and audit strategies
  • Design communication and network security.
  • Design SDLCs and interpret standards and guides for secure coding.