If you ask the modern CIO what keeps him awake at night, You expect that next to profit and innovation, ICT security will invariably be in his top-3 of worries.
This course is NOT a technical course (of all 6 course blocks, only one block is “technical”).
It aims at providing the student in a future role of CIO or ICT consultant with enough knowledge to:
Understand the full scope of ICT security;
Find links to, and explanation of associated existing ICT security guidelines and frameworks;
Set up a proper, comprehensive security function within a company (what, why, who);
Know how attacks can occur, and how to prevent (pro-active) and manage (re-active) them;
How to deal with the “human factor” within ICT security.
In order to do so, this course will be conducted by several lecturers, all of which have extensive hands-on knowledge AND experience in dealing with the set-up of ICT security, and the handling of incidents.
The course is intended to be highly interactive.
The aim of this course is:
To provide broad, managerial insight on how to set up and manage an ICT security function within a (large) company;
To provide enough knowledge to be a credible sparring partner for ICT security specialists;
To provide insight in “the human factor as the weakest link” within ICT security;
To learn from hands-on ICT security specialist how attacks take place, and how to defend against them – pro-actively but also re-actively.
The schedule can be found on the LIACS website
Detailed table of contents can be found in blackboard.
Mode of instruction
Presentations by hands-on, still operational ICT security specialists;
Presentations by lecturers specialized in the latest encryption technology;
Discussions with these expert lecturers.
“Learn from each other”: mini-lectures from student to student on assigned security-related subjects.
This is very much a “listen to, learn from and discuss with the experts” kind of course; not so much a “study the books” one.
So skipping lectures is NOT recommended, as catching up through reading will be largely impossible.
6 blocks of 2,5 hours:
1 general overview block;
1 encryption technologies block;
1 security-in-the-cloud block;
2 blocks by experts on attack methods, associated defenses, security organization and management;
1 block with “learn from each other” 10-minute student-to-student presentations on assigned ICT security subjects.
“Learn from each other” student-to-student presentations: 30%. These presentations will be co-judged by both the students themselves (50% weight) and the lecturer (50% weight).
Written assignment (paper): 50%. In this assignment, an actual successful attack on a company needs to be analyzed, with the student taking on the role of a security consultant that advises the attacked company.
The paper needs to cover:
= problem analyses: what happened, in detail;
= impact description: what havoc did it cause, both technical as well as financial, reputational;
= short-term measures: DRP-like: what to do immediately, short-term;
= long-term measures: BCP-like: what to improve on the long term, both technical as well as organizational/managerial;
= recap: management summary with recommendations.
The net text length (without cover- and indexpage) needs to be between 10 and 15 pages.
The paper will (also) be judged on its SMART characteristics:
= Specific: case-related, not too generic;
= Measurable: expected impact and/or costs of proposed measures;
= Attainable: realistic in terms of e.g. cost, expertise;
= Relevant: solving the actual problems encountered;
= Timely: timescales provided on all proposed measures.-
Will be provided throughout the course.
You have to sign up for classes and examinations (including resits) in uSis. Check this [link]( https://www.student.universiteitleiden.nl/en/administrative-matters/registration--de-registration/course-and-exam-enrolment/course-and-exam-enrolment/science/ict-in-business-and-the-public-sector-msc?cf=science&cd=ict-in-business-and-the-public-sector-msc#classnumbers msc 1718) for more information and activity codes.
There is only limited capacity for external students. Please contact the programme Co-ordinator
Programme Co-ordinator: ms. Esme Caubo
All other information.