Managing IT Security and Risk

On successful completion of this module a student will be able to:
1 Critically evaluate the importance of compliance to international standards and frameworks, and their role in supporting ISMS implementation to solve key information security problems for business environments.
2 Critically appraise the importance of information security threats, risks, relevant controls, corporate policies, law, regulation, compliance, auditing, business continuity management and people, in improving the overall security posture of an organisation.
3 Formulate critically evaluated proposals that implement real-world cyber security policies and cyber security management, using risk control strategies which are based on international standards and frameworks.

Nature of Management: Leadership styles, management decision making.
Security: Issues, threats, threat analysis and classification based on platform and system type, their impact on a business environment and business operations. Teams that deal with threats and incidents, continuous monitoring, SOC, identifying and using CVEs, looking at key information such as RFCs (e.g. RFC 2196 Site Security),SIEM tool discussion.
Security: Incidents. Internal/external, cloud or IoT. based Types of incidents, probabilities and avoidance techniques, incident response awareness and training.
Risk Management: Identification and analysis techniques as well as control strategies.
Business Continuity: Contingency and disaster recovery planning, policies and procedures for IT forensics investigation preparation.
Compliance with cyber security recognised international standards and frameworks such as NIST, CIS, GDPR, PCI DSS and ISO/IEC 27000-series, the law/regulatory frameworks. Coverage of CIS controls and mapping of PCI DSS requirements.
Information Security Policy: ISO/IEC 27000-series, Computer Misuse legislation (UK, USA).
Professional and ethical codes of conduct: ISACA, ACM, etc.

Concepts will be introduced during lecture sessions and will be supported by individual work involving problem solving exercises and discussions. Each week there will be a two hour lecture and a one hour tutorial or lab (session dependant). In the lecture students will be introduced to the concepts and issues that security threats raise for business and what control and management strategies and techniques are available to mitigate risk. Learning activities have been designed to foster the development of the Greenwich Graduate.

Attributes such as independent learning supported by various journals, articles, case studies solutions to a variety of real life articles and scenarios. There will be extra structured learning materials available on the intranet for self-study to encourage and promote proactive learning.

Individual Report – 100%
LO – All
Pass mark – 50%
3000 words.
Specify a case study, perform IT Security Risk Analysis and Mitigation exercise on that case.

Nature of FORMATIVE assessment supporting student learning:
Formative feedback in the lectures, tutorials, exercises and group discussions.

• MSc Computer Forensics & Cyber Security

  The MSc Computer Forensics & Cyber Security, awarded by the University of Greenwich, is structured to provide a viable option to graduates of:

  • An honours degree 2:2 or above in computing or computing science or a suitable numerate subject (e.g. mathematics, physics, engineering, information systems or multimedia) that includes software development experience.
  • University of Greenwich's BSc (Hons) Computing and Information System with Upper Second Class Honours or above 
  • Mature applicants who demonstrate academic potential and work experience can also be assessed for eligibility.
  • Applicants with a similar level qualification may also be eligible for more information or email us at [email protected]

  Students on the MSc Computer Forensics & Cyber Security will learn a wide range of practical and theoretical skills which will develop a sound knowledge of cyber security and its application in real life situations.

  Our Computer Forensics and Cyber Security course allows students to familiarise themselves with the most recent technologies, scientific innovations and best practice in protecting digital infrastructures, from enterprise networks to Internet of Things environments. Students are also trained on modern tools and methodologies for conducting digital forensics investigations, spanning the whole range from the collection of evidence to analysis and acting as expert witnesses.

  This course is suitable for both newcomers to computer security and computer forensics and practitioners who wish to further their skills. It covers practical skills for network security, penetration testing and digital forensics, as well as the theory and scientific basis that underpins everyday practice. It also ensures that students have a basic understanding of the legal and regulatory requirements and the standards pertaining to computer security.

  Enrol by December 16, 2024, to receive a 10% discount.

  SBCS GLI alumni(degree graduates) will receive a 5% discount.
  Students paying in full will receive a 5% discount.
   

  Highlights at a glance

  • This programme is offered blended/online - part-time and comprises four (4) semesters
  • Total duration - 2 years (Part Time)
  • All material provided digitally
  • Blended approach to learning with a combination of self study, online sessions and workshops

  Programme Content at a glance

  • Modern methods and techniques for cyber security, including penetration testing and IT auditing.
  • Throughout this course you will study cyber security and digital forensics, system administration and security.
  • You will learn how to apply police and forensic methods to detecting cyber crime, using related software and hardware technologies.
  • This course includes hands-on training in current forensic tools as used by the police. Students can therefore contribute quickly to the well-being of corporate IT and informational assets.
  • University of Greenwich is an academic partner with The Council for Registered Ethical Security Testers (CREST) and with the Chartered Institute of Information Security (CIISec).
  • The degree is provisionally certified by the National Cyber Security Centre (NCSC), a part of GCHQ.

   

  At SBCS we focus on

  • Producing graduates who are capable of thinking critically, creatively and ethically.
  • Graduates that can contribute to emerging industries and societal development.
  • Read what some of our graduates have to say.