Course content

• Human, Organizational, and Regulatory Aspects of Cybersecurity: risk management; law, regulation, standards; privacy.
• Attacks and Defenses: malware; adversarial behaviors; security operations; forensics.
• Systems Security: cryptography; identity management & authentication; software security. Infrastructure Security: network security; cyber physical systems security; critical infrastructure security.

Learning outcome

Knowledge

• Advanced knowledge of organizational and technological management of cybersecurity risk
• In-depth knowledge of methods and frameworks for organizational and technological management of cybersecurity risk
• Can apply the knowledge to relevant areas in own business
• Can analyze relevant academic issues based on the subject area's history, traditions, uniqueness and place in society

Skills

• Analyze and relate critically various sources of information and apply these to structure and formulate professional reasoning
• Use existing theories, methods and interpretations within organizational and technological management of digital risk and independent work with practical and theoretical problem solving
• Choose relevant methods for professional development work in an independent way.

General competence

• Analyze relevant professional and ethical issues
• Apply knowledge and skills in new areas to carry out advanced work tasks and projects
• Can convey independent work and masters the subject area's forms of expression
• Can communicate about professional issues, analyses and conclusions within the subject area, both with specialists and to the general public
• Can follow up new thinking and innovation processes.

Learning methods and activities

The course consists of a startup physical gathering, an asynchronous online part based on recorded lectures, and a final mandatory assignment. It is planned that the students will work with issues that are related to their everyday work with a focus on technological and organizational challenges related to cybersecurity. In addition to this, students will also be expected to make a digital presentation and to carry out peer reviews of their fellow students' work.

Blackboard, NTNU's digital learning platform will be used throughout.

The entire course is normally completed in 10-12 weeks. The total workload for the participants is approx. 120 hours, including own work.

Further on evaluation

By means of a final mandatory assignment, to be carried out either individually or in small groups of students. Pass/Fail evaluation.

The submission deadline for the assignment is normally 3 weeks after the last learning activity. In the case of failure, the subject must be taken again in its entirety.

Specific conditions

Recommended previous knowledge

• Completed degree in technology, economics, management or science of 180 credits.
• Minimum two years relevant work experience
• Working conditions must be documented with a certificate from the employer describing the type of job / work tasks, job percentage and duration.

If the candidate does not have a bachelor's degree or equivalent completed education of at least 180 credits, he / she can request a prior learning assessment of his / her admission basis.

Course materials

• Book: M.E. Whitman and H.J. Mattord: "Principles of Information Security", seventh edition, Cengage 2022.

Credit reductions