nl en

Cyber Security Management


Admission requirements

We expect (but not demand) that the students have prior knowledge about basics of ICT security and IT systems. To support students without this background, additional readings will be provided.


If you ask the modern CIO what keeps him awake at night, You expect that next to profit and innovation, ICT security will invariably be in his top-3 of worries.
This course is NOT a technical course (of all 6 course blocks, only one block is “technical”).
It aims at providing the student in a future role of CIO or ICT consultant with enough knowledge to:

  • Understand the full scope of ICT security;

  • Find links to, and explanation of associated existing ICT security guidelines and frameworks;

  • Set up a proper, comprehensive security function within a company (what, why, who);

  • Know how attacks can occur, and how to prevent (pro-active) and manage (re-active) them;

  • How to deal with the “human factor” within ICT security.
    In order to do so, this course will be conducted by several lecturers, all of which have extensive hands-on knowledge AND experience in dealing with the set-up of ICT security, and the handling of incidents.
    The course is intended to be highly interactive.

Course objectives

The aim of this course is:

  • To provide broad, managerial insight on how to set up and manage an ICT security function within a (large) company;

  • To provide enough knowledge to be a credible sparring partner for ICT security specialists;

  • To provide insight in “the human factor as the weakest link” within ICT security;

  • To learn from hands-on ICT security specialist how attacks take place, and how to defend against them – pro-actively but also re-actively;

  • To learn about career paths in cyber security.


You will find the timetables for all courses and degree programmes of Leiden University in the tool MyTimetable (login). Any teaching activities that you have sucessfully registered for in MyStudyMap will automatically be displayed in MyTimeTable. Any timetables that you add manually, will be saved and automatically displayed the next time you sign in.

MyTimetable allows you to integrate your timetable with your calendar apps such as Outlook, Google Calendar, Apple Calendar and other calendar apps on your smartphone. Any timetable changes will be automatically synced with your calendar. If you wish, you can also receive an email notification of the change. You can turn notifications on in ‘Settings’ (after login).

For more information, watch the video or go the the 'help-page' in MyTimetable. Please note: Joint Degree students Leiden/Delft have to merge their two different timetables into one. This video explains how to do this.

Mode of instruction

  • Presentations by hands-on ICT security specialists;

  • Presentations by lecturers specialized in the latest cyber security topics;

  • Discussions with these expert lecturers.

  • “Learn from each other”: mini-lectures from student to student on assigned security-related subjects.

This is very much a “listen to, learn from and discuss with the experts” kind of course; not so much a “study the books” one.
So skipping lectures is NOT recommended, as catching up through reading will be largely impossible.

Course load

6 lecture blocks (12 hours) including:

  • 1 general overview block;

  • 1 technical block (e.g., on encryption and network security);

  • 3 blocks by experts on, e.g., attack methods, associated defenses, security organization and management, data protection, risk management;

  • 1 block with “learn from each other” 10-minute student-to-student presentations on assigned ICT security subjects.

The invited lecture topics will be confirmed right before the course starts.

Individual and group work (72 hours) on assignments.

Assessment method

There is no exam. The final grade consists of the following components:

  • Presence/participation: 20%

  • “Learn from each other” student-to-student presentations: 30%. These presentations will be co-judged by both the students themselves (50% weight) and the lecturer (50% weight).

  • Written assignment (paper): 50%. In this assignment, an actual successful attack on a company needs to be analyzed, with the student taking on the role of a security consultant that advises the attacked company.

The teacher will inform the students how the inspection of and follow-up discussion of the exams will take place.

Reading list

Will be provided throughout the course on Brighspace.


Every student has to register for courses with the new enrollment tool MyStudyMap. There are two registration periods per year: registration for the fall semester opens in June and registration for the spring semester opens in December. Please see this page for more information.

Please note that it is compulsory to both preregister and confirm your participation for every exam and retake. Not being registered for a course means that you are not allowed to participate in the final exam of the course. Confirming your exam participation is possible until ten days before the exam.

Extensive FAQ's on MyStudymap can be found here.


Programme Co-ordinator: ms. Esme Caubo


There is only limited capacity for external students. Please contact the programme Co-ordinator