course-details-portlet

IMT4214

Cyber Intelligence

Choose study year
Credits 7.5
Level Second degree level
Course start Autumn 2024
Duration 1 semester
Language of instruction Norwegian
Location Gjøvik
Examination arrangement Home examination and assignment

About

About the course

Course content

This course will not be your traditional classroom course. The teaching will be centered on three workshops. The course is a part of the experience based master and will therefore aim to build on your professional background and experience. We expect you to contribute with your own experiences and to apply the theory to your own professional practice. The assignment will focus on applying cyber intelligence to a case, preferable based on your organization and/or experience.

The intelligence lifecycle (general methodology) - Planning, building a collection plan - Collection - Processing - Produce - Disseminate -Cyber Intelligence (specific methodology) -Closed-, Open- and Multi-Source Intelligence -Threat actor attribution and analysis -The diamond model -Cyber Defense Kill-Chain -Threat hunting -Information sharing (Tactics, Techniques and Procedures) -Cyber Situation Awareness (Cyber intelligence products)

Learning outcome

Knowledge:

  • The candidate possesses knowledge of the intelligence lifecycle
  • The candidate possesses thorough knowledge of cyber intelligence
  • The candidate possesses through knowledge the following steps: planning, collecting, processing, production and dissemination, related to cyber Intelligence
  • The candidate possesses thorough knowledge on how to build Cyber Situation Awareness
  • The candidate possesses knowledge on threat actor analysis
  • The candidate possesses thorough knowledge of attribution and campaign analysis, related to the cyber domain

Skills:

  • The candidate is capable of applying the intelligence lifecycle in the cyber domain
  • The candidate is able to understand the importance of and the role of cyber intelligence in the defense of critical cyber resources
  • The candidate is capable of applying each step (planning, collecting, processing, production, and dissemination) related to cyber intelligence
  • The candidate is able to create and communicate cyber situation awareness
  • The candidate is able to acquire and apply knowledge about threat actors related to his/her organization
  • The candidate is able to apply attribution and campaign analysis related to the cyber domain

General competence:

  • The candidate is capable of analyzing relevant professional and research problems in cyber intelligence
  • The candidate is capable of applying their knowledge and skills in new fields, in order to accomplish advanced task and projects in cyber intelligence
  • The candidate is capable of working independently as a cyber intelligence analyst and is familiar with terminology
  • The candidate is capable of discussing professional problems, analysis and conclusions in the field of cyber intelligence, both with professionals and with general audience
  • The candidate has the learning skills to continue acquiring new knowledge and skills in a largely self-directed manner
  • The candidate is capable of contributing to innovation and innovation processes

Learning methods and activities

- Seminars / workshops - Exercise/Case - Assignments /Project work

The course will have 3 mandatory workshops, The first two workshops lasts one day, the last workshop last two days. The workshops will not be streamed or recorded, physical attendance is required on all three workshops.

  • If less than 5 students, the teaching Methods and activities might be adjusted.
  • Number of students might be limited (max 30).

Compulsory assignments

  • Participation in seminars

Further on evaluation

Re-sit only possible the next time the course is running.

Retake can be carried out for partial assessments without all partial assessments having to be taken up again.

Specific conditions

Admission to a programme of study is required:
Information Security (MISEB)

Required previous knowledge

Passed grade in IMT4213 Cyber Tactics or IIKG6500 Cyber Tactics (EVU) is a strict requirement.

Course materials

Books/standards, conference/journal papers and web resources, to be announces at startup

Credit reductions

Course code Reduction From
IMT3761 2.5 sp Autumn 2017
IIKG6501 7.5 sp Autumn 2020
This course has academic overlap with the courses in the table above. If you take overlapping courses, you will receive a credit reduction in the course where you have the lowest grade. If the grades are the same, the reduction will be applied to the course completed most recently.

Subject areas

  • Information Security

Contact information

Examination

Examination

Examination arrangement: Home examination and assignment
Grade: Letter grades

Ordinary examination - Autumn 2024

Home examination
Weighting 4/10 Examination aids ALLE Date Release 2024-12-09
Submission 2024-12-09
Time Release 09:00
Submission 12:00
Duration 3 hours Exam system Inspera Assessment
Assignment
Weighting 6/10 Date Submission 2024-11-11 Time Submission 12:00 Exam system Inspera Assessment