Admission requirements
- Only students of the MSc Crisis and Security Management, enrolled for the specialisation ‘Cybersecurity Governance’, can take this course.
Description
No organization can achieve completely assured cybersecurity. In the rapidly evolving digital landscape, organizations face increasing threats from cyber-attacks that can disrupt operations, compromise sensitive information, and damage reputations. Effective cyber crisis management is critical to mitigating the impacts of these attacks and ensuring organizational resilience.
This course explores conceptual and theoretical approaches to cyber crisis management at the organizational level. It combines the study of academic perspectives on effective crisis management with the practice of developing readiness, response, and recovery capabilities within organizations.
Students will develop the research skill of analysis necessary to understand real-world cyber crisis cases and establish connections between various ideas and elements derived from these cases, thereby preparing them for the job market. The skill of analysis will be developed in two ways. First, students will learn to identify and construct scientific frameworks for analysis and discuss their implications for examining cases of cyber crisis management. Second, by analyzing real-world cyber crisis cases, students will identify patterns to produce policy- and practice-oriented recommendations.
Course objectives
By the end of the course, students will be able to:
Research skills:
1. Identify, construct and test scientific frameworks and discuss their implications for analyzing cases cyber crisis management.
2. Identify relevant analytical frameworks for categorizing the severity, impacts, and required responses to cyber incidents and the role of threat intelligence, and critically assess leadership decisions during cyber incident response.
3. Discuss, based on theoretical and analytical frameworks, the main challenges of organizations’ recovery and learning after different types of cyber crises
4. Employ academic knowledge to critically analyze and reconstruct real-world crisis cases to propose better future responses.
Academic skills
5. Analyze the role of the public and stakeholders during cyber crises and compare communication strategies based on evidence-based practices.
6. Employ theoretical and practical knowledge of the cyber crisis management cycle to resolve simulated cyber crises cases and critically reflect on their performance.
7. Self-evaluate and reflect after interactive in-class work and individual assignments.
Professional skills
8. Formulate strategies to effectively prepare organizations to respond to different types of cyber crises, including organizational practices, structures, and personnel training.
Timetable
On the right side of programme front page of the E-guide you will find links to the website and timetables, uSis and Brightspace.
Mode of instruction
The mode of instruction comprises of a series of interactive sessions (two sessions per week). The sessions will combine lectures and workgroups. During the lectures, students will learn the key principles of research, and the relevant concepts and methodologies, as can be applied to the field of cyber crisis management. The workgroups will consist of in-class assignments, discussions, exercises, and feature several formative (non-graded) assignments that will help the student to prepare for the summative (graded) assignments.
Attendance is not mandatory, but highly recommended in order to pass the course. Active participation during the sessions therefore is strongly recommended to pass this course.
Study load:
42 contact hours (lectures and SPOCI) and 238 hours of self-study and preparation of assessments.
In this 10 ECTS course, 4 ECTS is specifically reserved for the assignment that is going to be part of the portfolio of students, including working on their interim reflection paper as preparation for the final reflection paper. Specific information on the portfolio assignment and the intended learning outcomes that are being acquired will be published in the syllabus of this course.
Assessment method
Assessment for this course is based on three assignments:
(1) Group paper:
30% of final grade
Grade must be compensated in case of a fail (grade < 5.50)
Resit not possible
(2) Cyber crisis simulation:
30% of final grade
Grade must be compensated in case of a fail (grade < 5.50)
Resit not possible
Attendance is mandatory
(3) Final paper:
40% of final grade
Grade cannot be compensated, a 5.50 is required to pass the course
Resit possible
Resit will take the same form
The calculated overall course grade must be at least 5.50 in order to pass the course. If the calculated overall course grade is lower than 5.50, students are also permitted to resit the 40% papers.
In the case of written assessment methods, the examiner can always initiate a follow-up conversation with the student to establish whether the learning objectives have been met
Transitional arrangement
The course Digital Justice will not be offered in the academic year 2024-2025 following the restructuring of the cyber security governance specialisation. For those students who need this course to complete their programme the course Cyber Crisis Management and Resilience can be used as a substitute. Passed partial grade for Digital Justice are not valid for the course on Cyber Crisis Management and Resilience. Please note: Students who participated in Digital Justice in the academic year 2023-2024, but did not manage to pass the course can apply to the Board of Examiners to be allowed one final re-take for the course Digital Justice in the academic year 2024-2025, but only if this is the last course they need to pass in order to graduate.
Please be aware that passed partial grades obtained in academic year 2024-2025 are no longer valid during academic year 2025-2026.
Reading list
A selection of books and articles, to be announced on Brightspace.
Registration
Register yourself via MyStudymap for each course, workgroup and exam (not all courses have workgroups and/or exams). Do so on time, before the start of the course; some courses and workgroups have limited spaces. You can view your personal schedule in MyTimetable after logging in.
Registration for this course is possible from t.b.a..
Leiden University uses Brightspace as its online learning management system. After enrolment for the course in MyStudymap you will be automatically enrolled in the Brightspace environment of this course.
More information on registration via MyStudymap can be found on this page.
Contact
Dr. Cristina del Real c.del.real@fgga.leidenuniv.nl