BSc (Hons) Cyber Security Management

Course details On this course you will usually be taught by a range of staff with relevant expertise and knowledge appropriate to the content of the unit. This will include senior academic staff, qualified professional practitioners, demonstrators, technicians and research students. You will also benefit from regular guest lectures from industry. Year 1 Core units Cyber Security Management Fundamentals: This introductory unit will outline the increasingly challenging and pervasive field of cyber security & the relevant terminology and basic concepts of the cyber security domain. The unit will overview of the main topics of cyber security as defined in ISACA’s Cyber Security Nexus (CSX) programme. The knowledge obtained in this unit will support the further development and specialisation in the subsequent and advanced units on managing cyber security. Cyber Psychology: Group discussions and activities will encourage you to critically reflect on the role of psychology factors in the instigation, prevention and mitigation of cyber security incidents and management. You will learn to evaluate the different methodologies needed to undertake research into internet-enabled human behaviour. We will examine the psychological effects of the internet on individuals, groups, commercial organisations and society. The unit tackles topics such as social computing, cyber-bullying, website trust, and consumer attitudes to security. Principles of Programming: You will learn the fundamental skills and understanding of utilising software scripts in a modern scripting language. You will develop competencies to implement security related tasks in a single scripting language, concentrating on Programming Fundamentals, System and Network Log Analysis, and the Security related issues of programming Digital Forensics Fundamentals: The role of this unit is to provide fundamental skills in understanding the techniques and technologies of forensics, e-discovery, digital investigations and security as they apply in the digital (computer-based) environment. You will learn to construct appropriate security plans, and select and execute relevant forensic techniques as they apply in distributed and non-distributed environments. The focus for practical work will be file forensics. Computer Security: You will learn to understand how integrating security mechanisms and defence-in-depth protection will better manage information services and their processes, storage and transit of data and why this has become an important science and architecture within computing. You will conduct risk mitigation of exposing software systems to intrusion and tampering, developing architectural patterns and security principles to create composite security pattern taxonomy. Business Systems Analysis: This unit provides underpinning for final year units which look in more detail at defining business strategies to mitigate vulnerabilities and provide a secure operating environment in the context of the current threat landscape. Year 2 Core units Cyber Security Management: This unit covers the concepts of managing information protection in organisations, how issues of compliance and awareness are dealt with a view to attaining assured systems. Emphasis is given on existing standards and practices, ethics and the development of security policies, change, configuration and patch. Case studies will demonstrate real world issues, and you will be asked to reflect on all aspects of case studies and draw lessons for future reference. Economics of Information Security: Using case-study examples, you will look at the range of factors firms must consider when setting their information security strategy. Incentives, externalities and vulnerabilities influence executive choices on enterprise investment in security products. You will learn to understand the methodologies used to estimate the economic costs of cybercrime and the role regulations play in better aligning incentives for organisations with information security. Enterprise Security and Privacy: This unit provides a detailed picture of the security and privacy issues surrounding an enterprise, i.e. an entity that incorporates business, information and technology and where its value is greater than the sum of its parts. We will cover a number of services found in a modern organisation and an emphasis will be given to services outsourced in a cloud environment. This emphasis is motivated by the fact that cloud security has been ranked as the greatest challenge of business engagement with cloud service provision. Business Continuity Management: On completion of this unit you will develop a competent plan for implementing an ICT Readiness for Business Continuity (IRBC) management system based on business requirements as defined by its management of business risk, contingency planning and disaster recovery. During the unit you will cover the wider topic of resilience, which is the ability of an organisation to keep functioning during and after an attack, incident or natural disaster. Forensic Law & Practice: You will gain a thorough understanding of the laws relating to cybercrime, and the ethical and professional issues demanded by industry, consumer watchdogs, Government and relevant professional body standards. There will be comprehensive coverage of the entire criminal process from police investigation through the trial process to appeals and rectifications of miscarriages of justice. Security Information and Event Management (SIEM): This unit builds upon a number of previous units such as Programming for Digital Forensics Fundamentals, Programming for Security, Computer Security, and Enterprise Security and Privacy. Having established that the security of a system will eventually fail, the “correct” response to a security incident is of critical importance for the sustainability of an organisation. The unit will be delivered through a combination of lecturer-led sessions and practical lab exercises. Year 3 You'll complete a minimum 30-week industrial work placement which can be carried out anywhere in the world. The placement year offers a chance to gain experience and make contacts for the future. Year 4 Core units Cybercrime: External speakers will contribute to sessions where the focus for consideration of the criminal threats to the cyber security of organisations. The underlying ethos is that the resolution of many is the important issues lies beyond the technologies: it resides in a combination of the use of appropriate technologies and tools, in sound management processes and in the psychology and sociology of the stakeholders. The unit will be delivered through a mix of lecturer-led and learner-led sessions, typically based around case studies or journal articles. Cyber Security Assurance: Cyber Security is a UK National Tier-1 Threat and our capability to mitigate this risk is strategically led by the Cabinet Office and its Office of Cyber Security & Information Assurance with the support of The Home Office, GCHQ, Centre for Protection of the National Infrastructure, National Crime Agency and other government agencies. Internationally the UK works with DHS, FBI, ENISA, EUROPOL, INTERPOL, as well the United Nations and with numerous law enforcement and defence agencies to combat the cyber, criminal and state threat, negating the actors & malware agents and reduce cyberspace vulnerabilities. Cyber Security Assurance (CSA) is a global multi-agency, multi-sectorial, multi-disciplinary subject and within this unit the students will become aware of the complexity and risk to assure Global Security. Cyber Situation Awareness: Cyber security managers should be capable of constructing and understanding the threat landscape in their organisations. Cyber situational awareness is an interdisciplinary, evolving complex topic requiring co-ordinated synergy between technical capabilities and human competencies. The aim of this unit is to provide the learner with the necessary skills and knowledge to manage cyber situational awareness as a main component in the development of a Security Operations Centre. Individual Project: To conclude the course, you will pursue a topic of your choice, and demonstrate your ability to study independently. The project is a significant piece of work, and will provide invaluable transferable skills. You will identify and systematically study a problem and select, evaluate and implement an appropriate approach towards a solution. You will appraise your own work throughout, and present coherently the relevance of your project to the security agenda. Scheduled learning and teaching activities Contact hours The hours below give an indication of how you can expect to spend your time during each year of this course. You will learn through a combination of lectures, seminars, tutorials, workshops and practical sessions. Your independent learning could include reading books and journal articles, working on group projects, preparing presentations, conducting library research and writing your assignments. Year 1 – 26% of your time will be spent in timetabled learning & teaching activities Learning and teaching: 408 hours (estimated) Independent learning: 792 hours (estimated) Year 2 – 32% of your time will be spent in timetabled learning & teaching activities Learning and teaching: 384 hours (estimated) Independent learning: 816 hours (estimated) Year 3 - Optional placement Final year - 14% of your time will be spent in timetabled learning & teaching activities Learning and teaching: 168 hours (estimated) Independent learning: 1032 hours (estimated) 46% of the course is assessed by coursework Year 1: 60% Year 2: 38% Year 3: 0% Final year: 87% Throughout the course you will be assessed by coursework culminating in your final year research project, but you will also undertake group work and written exams. Programme specification Programme specifications provide definitive records of the University's taught degrees in line with Quality Assurance Agency requirements. Every taught course leading to a BU Award has a programme specification which describes its aims, structure, content and learning outcomes, plus the teaching, learning and assessment methods used. Download the programme specification for BSc (Hons) Cyber Security Management. Whilst every effort is made to ensure the accuracy of the programme specification, the information is liable to change to take advantage of exciting new approaches to teaching and learning as well as developments in industry. If you have been unable to locate the programme specification for the course you are interested in, it will be available as soon as the latest version is ready. Alternatively please contact us for assistance. All statistics shown are taken from Unistats, Destination of Leavers from Higher Education (DLHE), BU institutional data and Ipsos MORI (National Student Survey) unless otherwise stated.