Course content

• Human, Organizational, and Regulatory Aspects of Cybersecurity: risk management; law, regulation, standards; privacy.
• Attacks and Defenses: malware; adversarial behaviors; security operations; forensics.
• Systems Security: cryptography; identity management & authentication; software security. Infrastructure Security: network security; cyber physical systems security; critical infrastructure security.

Learning outcome

Knowledge

• Broad knowledge of organizational and technological management of cybersecurity risk
• Is familiar with methods and frameworks for organizational and technological management of cybersecurity risk
• Can update own knowledge to relevant areas in own business
• Knowledge about relevant academic issues based on the subject area's history, traditions, uniqueness and place in society

Skills

• Can apply various sources of information and apply these to structure and formulate professional reasoning
• Can reflect upon existing theories, methods and interpretations within organizational and technological management of digital risk and independent work with practical and theoretical problem solving
• Can find, evaluate and refer to relevant methods for professional development work in an independent way

General competence

• Insight into relevant professional and ethical issues
• Can plan and carry out varied work tasks and projects
• Can communicate important academic subjects and masters the subject area's forms of expression
• Can exchange opinions and experiences with others with a background in the field, thereby contributing to development of good practice
• Is familiar with new thinking and innovation processes

Learning methods and activities

The course consists of a startup physical gathering, an asynchronous online part based on recorded lectures, and a final mandatory assignment. It is planned that the students will work with issues that are related to their everyday work with a focus on technological and organizational challenges related to cybersecurity. In addition to this, students will also be expected to make a digital presentation and to carry out peer reviews of their fellow students' work.

Blackboard, NTNU's digital learning platform will be used throughout.

The entire course is normally completed in 10-12 weeks. The total workload for the participants is approx. 120 hours, including own work.

Further on evaluation

By means of a final mandatory assignment, to be carried out either individually or in small groups of students. Pass/Fail evaluation.

The submission deadline for the assignment is normally 3 weeks after the last learning activity. In the case of failure, the subject must be taken again in its entirety.

Specific conditions

Required previous knowledge

• Completed upper secondary school / general higher education entrance requirement "generell studiekompetanse"
• Minimum two years relevant work experience
• Working conditions must be documented with a certificate from the employer describing the type of job / work tasks, job percentage and duration.

Course materials

• Book: M.E. Whitman and H.J. Mattord: "Principles of Information Security", seventh edition, Cengage 2022.

Credit reductions