Governance and Management of Cyber Security

Cyber security management principles. Information security and cyber security risk management, incident management. Software security architecture and secure software development. Most used techniques and frameworks, their implementation.

Moodle: https://moodle.taltech.ee/course/view.php?id=30021

NB! This course will take place in spring semester 2024/2025 which starts on 3rd of February and ends on 16th of June (you can find that information under Start date section). The real course start and end dates will be announced at the beginning of February at the latest.

Learning outcomes:

• cybersecurity governance: student has knowledge to develop enterprise cybersecurity program;
• cybersecurity risk analysis: student performs enterprise cyber security risk analysis;
• cybersecurity incident management: student has knowledge to develop enterprise cybersecurity incident management policy;
• business continuity: student has knowledge to develop enterprise business continuity management plan;
• cybersecurity strategy: student has knowledge to develop enterprise cyber security strategy.

Final assessment can consist of one test/assignment or several smaller assignments completed during the whole course. After declaring a course the student can re-sit the exam/assessment once. Assessment can be graded or non-graded. For specific information about the assessment process please get in touch with the contact person of this course. For specific information about grade transfer please contact your home university

Basic knowledge of IT and cyber security is recommended but not mandatory.

• - ISO/IEC 27000:2014, Information technology - Security techniques -Information security management systems _ Overview and vocabulary;
• - ISO/IEC 27001:2013, Information technology - Security techniques - Information security management systems _ Requirements;
• - ISO/IEC 27002:2013, Information technology - Security techniques - Code of practice for information security management;
• - Dan Shoemaker, Cybersecurity: The Essential Body Of Knowledge, ISBN-13: 978-1435481695;
• - Michael E. Whitman, Principles of Incident Response and Disaster Recovery, ISBN-13: 978-1111138059;
• - Michael E. Whitman, Management of Information Security, ISBN-13: 978-1435488847;
• - Krag Brotby, Information Security Governance: A Practical Development and Implementation Approach, ISBN-13: 978-0470131183.

lectures, practices