English   Danish

2024/2025  KAN-CDSCV2402U  Cybersecurity Foundations, Threats, and Compliance

English Title
Cybersecurity Foundations, Threats, and Compliance

Course information
Language English
Course ECTS 7.5 ECTS
Type Elective
Level Full Degree Master
Duration One Semester
Start time of the course Autumn
Timetable Course schedule will be posted at calendar.cbs.dk
Max. participants 80
Study board
Master of Science (MSc) in Business Administration and Data Science
Course coordinator
  • Raghava Rao Mukkamala - Department of Digitalisation (DIGI)
Main academic disciplines
  • Information technology
  • Statistics and quantitative methods
Teaching methods
  • Blended learning
Last updated on 12-11-2024

Relevant links
Learning objectives
To achieve the grade of 12, students should meet the following learning objectives only with no or minor mistakes or errors. By the end of the course the students will be able to:
  • Summarize different fundamental concepts and methods for network security, cyber threats, cyber-attacks and cybersecurity analytics.
  • Demonstrate an in-depth understanding of various techniques to identify cyber threats, vulnerabilities, and attacks in an organizational or societal context.
  • Critically assess the usage of various techniques to identify malicious behaviour and intrusion detection in the organizational context.
  • Recognize and outline the need for cybersecurity and cybersecurity analytics in an organizational context and identify suitable techniques to achieve cybersecurity goals for the potential benefits of the organizations.
  • Characterize the linkages between cybersecurity threats/attacks and the need to protect organizational assets and formulate cybersecurity strategies and policies for the business.
  • Exhibit more profound knowledge and understanding of the topics as part of the project. The report should reflect on critical awareness of the methodological choices with written skills to accepted academic standards.
Course prerequisites
Even though this course has no prerequisites, it requires an interest in and commitment to learning and acquiring the necessary skills to understand cybersecurity concepts and hands-on exercises. However, no prior cybersecurity knowledge is needed.
Prerequisites for registering for the exam (activities during the teaching period)
Number of compulsory activities which must be approved (see section 13 of the Programme Regulations): 2
Compulsory home assignments
The students have get 2 out of 3 quizzes approved to qualify for the exam.
The quizzes are individual will be conducted at diffident stages of the course to test the student's understanding of core concepts of the course.

There will not be any extra attempts provided to the students before the ordinary exam. If a student cannot participate in the activities due to documented illness, or if a student does not get the activity approved despite making a real attempt, then the student will be given an extra attempt before the re exam: one home assignment (max. 10 pages) which will make up for two mandatory activities.
Examination
Cybersecurity Foundations, Threats and Compliance:
Exam ECTS 7,5
Examination form Oral exam based on written product

In order to participate in the oral exam, the written product must be handed in before the oral exam; by the set deadline. The grade is based on an overall assessment of the written product and the individual oral performance, see also the rules about examination forms in the programme regulations.
Individual or group exam Individual oral exam based on written group product
Number of people in the group 2-4
Size of written product Max. 15 pages
Students are encouraged to form a group of 2-4 for the written product. However, a student can also choose to write the written product individually. The size of the individual written product is a maximum of 15 pages.
Assignment type Project
Release of assignment An assigned subject is released in class
Duration
Written product to be submitted on specified date and time.
20 min. per student, including examiners' discussion of grade, and informing plus explaining the grade
Grading scale 7-point grading scale
Examiner(s) Internal examiner and second internal examiner
Exam period Winter
Make-up exam/re-exam
Same examination form as the ordinary exam
Description of the exam procedure

To participate in the oral exam, the written product must be handed in before the oral exam; by the set deadline. The grade is based on an overall assessment of the written product and also the individual oral exam performance, covering the topics of the course.
Course content, structure and pedagogical approach

In an era where cybersecurity challenges are escalating globally, understanding the foundational aspects of cybersecurity is crucial. This course is designed to provide comprehensive knowledge about cybersecurity, focusing on its importance at both a technical and business level. The course is relevant to the evolving cybersecurity landscape in the Danish and EU contexts, acknowledging that cybersecurity is no longer just a computer science issue but a widespread business concern.

 

The course begins with the fundamentals of computer networking, introducing networking devices, security issues, and the overarching concept of cybersecurity. This foundational knowledge sets the stage for a deeper exploration of the cybersecurity threats landscape.

Students will learn about various cyber threats, including malware, ransomware, spyware, and other types of viruses, gaining insights into the nature of these threats and their impact. The course emphasizes understanding the different types of cyber-attacks and the strategies for their prevention.

 

As the course progresses, students will engage with real-world scenarios that highlight network security issues and explore potential cybersecurity solutions. These practical case studies will help students understand the complexities of cybersecurity in a business context.

 

Key topics covered in the course include:

  • Basics of computer networks, network design, and IP addressing.
  • Detailed analysis of cyber-attacks and preventive measures.
  • In-depth study of the cybersecurity threats landscape, focusing on Advance Persistent Threats, Crime actors and their malware and their Modus Operandi.
  • Practical aspects of device security, including password threats, email security, cookies, and firewalls.
  • Basic practical exercises in finding vulnerabilities in computer systems and Internet of Things (IoT) using open-source tools and discussing how to mitigate the threats from a cooperative perspective.
  • Wireless network security, techniques like sniffing, safer browsing practices, and the use of Virtual Private Networks (VPNs).
  • Cybersecurity Corporate Governance Models, focusing on how businesses can incorporate cybersecurity strategies into their governance frameworks.

 

 

Throughout the course, students will develop not only a theoretical understanding but also practical analytical skills. They will learn to present concrete security solutions tailored to business organizations. This course equips students with a solid foundation in cybersecurity, coupled with the analytical skills necessary to navigate the complex world of cyber threats and compliance. The course will also use various international standards like ISO and guidelines like EU-wide legislation on cybersecurity, such as the NIS2 (Network and Information Security Directive), to provide students with best practices and real-world case studies. Students will gain hands-on experience using industry-specific and open-source security tools, preparing them for the challenges they will face in the field of cybersecurity.

 
Description of the teaching methods
This course is a blended-learning course and contains the following teaching materials.

Lecture slides
Readings
Pre-recorded Videos
Scientific articles
Handouts
Feedback during the teaching period
Quizzes will be used systematically to test student's understanding of the course content at various stages of the course. Oral feedback is given collectively at the lectures based on student answers in quizzes. Additionally, feedback in the forms of question / answers and discussions during the class will be provided.
Student workload
Lectures 20 hours
Hands-on Exercises 20 hours
Preparation to classes 80 hours
Project work and report 76 hours
Preparation for exam 10 hours
Total 206 hours
Expected literature

The literature can be changed before the semester starts. Students are advised to find the final literature on Canvas before they buy any material.

 

Main textbook(s):

 

  1. Easttom, W,. 2019. Computer Security Fundamentals. Pearson IT Cybersecurity Curriculum. 4th Edition, ISBN-13:978-0135774779

 

Research articles and lecture notes will be supplied during the course.
Last updated on 12-11-2024