Examination arrangement

Course content

• Introduction to socio-technical risks, threats, and vulnerabilities modeling and analysis
• Socio-technical root cause and impact analysis of crimes enabled by socio-technical changes and innovations
• Multi-level and multi-paradigmatic perspectives on socio-technical transitions in digital ecosystems
• Utilization of economic, political, regulatory, and legal instruments to address socio-technical enabled crimes at national and international levels
• Introduction to open source cyber security intelligence sources

Learning outcome

Knowledge:

• Understanding the socio-technical ICT evolution and innovation that has taken place over the last decades.
• Understanding the widening socio-technical gap in the organizations and governments and reflecting on how to tackle the vulnerabilities caused by this gap.
• Applying broad systems theory perspectives connected to practical cases so they will have the insight to implement a roadmap for information security in organizations and businesses.
• Gaining insight and understanding of crimes caused by socio-technical changes in the societies and proposing sustainable preventive recommendations for these crimes using social sciences, in particular, criminology and systems theory.
• Understanding the socio-technical risk analysis and reflecting on the use of appropriate security metrics for the analysis.
• Good knowledge of how cybersecurity laws, policies, and strategies can contribute to mitigating the risk of socio-technical enabled crimes.

Skills:

• Ability to connect social concepts to technical security problems and solutions.
• Ability to participate in strategy and policy debates about socio-technical issues at national and international levels.
• Ability to use relevant systems sciences and socio-technical theory in independent research and development in information security organization and management
• Ability to perform critical analysis of various literature sources and apply them in structuring and formulating scientific reasoning information security organization and management.
• Ability to carry out an independent limited research or development project in information security and management under supervision, following the applicable ethical rules.
• Ability to use open source cyber security threat intelligence

General competence:

• The student can analyze relevant professional and research ethical problems in information security organizations and management.
• The student can apply his/her information security knowledge and skills in new fields, to accomplish advanced tasks and projects.
• The student can use rhetorical techniques to discuss professional problems, analyses, and conclusions in the information security organization and management, both with specialists and with a general audience.
• The student can contribute to innovation and innovation processes in information security and socio-technical modeling and analysis for information security management.

Learning methods and activities

This course is only available if min 5 students will register for the course. -Hybrid lectures -Self-study / mainly reading materials -Group work -Seminar(s) -E-learning -Compulsory assignments -Project work -Reflection

Additional information: -The course will be made accessible for both campus(Gjøvik) and remote students. Every student is free to choose the pedagogic arrangement form that is best fitted for her/his own requirement. The lectures in the course will be recorded and streamed and if there is sufficient students interest will be given physically on campus (Gjøvik). All the lectures will also be available on Internet through NTNU's learning management system. During the course open online office hour will offered bi-weekly to the students for individual discussion. This individual discussion can be held on weekend and week nights to support students that have full time day activities.

Mandatory assignments:

There are two mandatory assignments the courses that can be done individual or in groups. The mandatory labs need to be completed before the term paper.

Compulsory assignments

• Lab assignments

Further on evaluation

Examination Form

There are two mandatory assignments in the course that are graded pass/fail. The labs can be done individually or in groups. The labs have to be completed before the student can had in the term paper.

There are no exams in the course only a term paper. The term paper is a socio-technical root cause analysis of a cyber crime incident or phenomenon. The term paper should be a maximum of 5000 words and should use academic principles for citations and references.

Specific conditions

Recommended previous knowledge

This is a 3rd semester course in a 4 semster master program

Required previous knowledge

This is a 3rd semester course in a master program .

Course materials

There is a minimal reading list give at the begin of the coure. All other reading materials (both mandatory and supplementary) will be uploaded in blackboard during the semester.

Current Minimal Reading list beginning of the course

• Kowalski, Stewart.(1994) IT Insecurity : A Multi-disciplinary Inquiry , Department of Computer and Systems Science , Stockholm University ISSN1101-8526 . Chapter 1, Chapter 5, Chapter 12 https://libris.kb.se/bib/7610934
• Nyblom, Philip Johannes Brugmans; Wangen, Gaute; Kianpour, Mazaher; Østby, Grethe. (2020) The Root Causes of Compromised Accounts at the University. SciTePress, Academic chapter/article/Conference paper
• Cassano-Piché, A., Vicente, K. J., & Jamieson, G. A. (2006). A Sociotechnical Systems Analysis of the Bse Epidemic in the Uk Through Case Study. Proceedings of the Human Factors and Ergonomics Society Annual Meeting, 50(3), 386-390. https://doi.org/10.1177/154193120605000337
• Huang, W. & Wang, S. K. (2009). Emerging Cybercrime Variants in the Socio-Technical Space. In B. Whitworth & A. de Moor (Eds.), Handbook of Research on Socio-Technical Design and Social Networking Systems (pp. 195-208). IGI Global. https://doi.org/10.4018/978-1-60566-264-
• Fineberg, V. (2014). BECO: Behavioral Economics of Cyberspace Operations. Games People Play. Behav. Secur, 2, 20.
• Adams, K. M., Hester, P. T., Bradley, J. M., Meyers, T. J., & Keating, C. B. (2014). Systems theory as the foundation for understanding systems. Systems Engineering, 17(1), 112-123.
• Funtowicz, S., & Ravetz, J. (2020). Post-Normal Science: How Does It Resonate With the World of Today?. In Science for policy handbook (pp. 14-18). Elsevier.
• 4 x Past Students Papers

Credit reductions