Prospectus

nl en

Crisis and Risk Management in Cybersecurity

Course
2026-2027

Admission requirements

This course is part of the minor “Crisis, Risk and Disaster Management”. The course is taught at TU Delft by lecturers from TU Delft. The course can only be taken within the framework of participation in the minor. This minor is a consistent package of courses designed to help you build your knowledge in a logical and connected way. It is not possible to follow single courses.

Description

In today's interconnected digital landscape, the impact of cybersecurity events extends far beyond their initial occurrence. The course "Crisis and Risk Management in Cybersecurity" is designed to build on knowledge gained during minor studies by analyzing cyber incidents, and forecasting the consequences stemming from them.

Throughout this course, students will explore cybersecurity events, crises caused by them, and predict their cascading effects on individuals, organizations, and society as a whole. By examining real-world cases, they will gain a comprehensive understanding of the multifaceted nature of cybersecurity incidents and how exploited vulnerabilities can trigger chain reactions of disruption across various sectors.

As part of the coursework, students will collaborate on a group report analyzing the root causes of a cybersecurity incident.

Course objectives

By the end of the course, the student should be able to:
1. Understand the differences between risk\, incident\, and crisis
2. Analyze real cybersecurity incidents and identify their causes
3. Forecast potential cascading effects of real cybersecurity incidents on individuals\, organizations\, societies and ecosystems
4. Work and communicate effectively with students with other disciplinary backgrounds
5. Produce a group report with the results of the analyses in a specified format

Timetable

The course schedule can be found at the TU Delft timetable: https://mytimetable.tudelft.nl/schedule. You can find the course schedule via ‘add timetable’ after logging in with your TU Delft credentials.

Mode of instruction

  • Lectures

  • Group meetings

  • Office hours

Participation in lectures and an active work in groups is required in order to obtain a grade. Group assignment is compulsory – if it is not provided, the student will not receive their final grade.

The course "Crisis and Risk Management in Cybersecurity" is worth 5 ECTS, equating to a total workload of 140 hours. The course includes the following study methods:

  • Lectures (10 hours)

  • Practical lectures (4 hours)

  • Workshops (4 hours)

  • Office hours (2 hours)

  • Self-study (120 hours)

  • Individual assignments within group work

  • Small group assignments

  • Group work

The lectures will not be recorded, and you, as students, are also not allowed to make any video or audio recordings during the lectures.

Assessment method

  1. A group report with the analysis of the causes of a cybersecurity incident in a specified format (summative assessment)

  • 60% of the total grade

  • Grade must be 5.5 or higher

  • Resit is possible:

  • Only if the first report was a fail

  • The maximum possible grade during the resit is 6.0

  1. Providing the feedback for another group report

  • 5% of the total grade

  • Pass/fail

  • Resit is not possible

  1. Feedback quality

  • 15% of the total grade

  • Group evaluates the quality of the provided feedback

  • Resit is not possible

  1. Peer evaluation of group work

  • 20% of the total grade

  • Peers anonymously evaluate the contribution of each member of the group besides themselves

  • Resit is not possible

Grading and passing the course
In order to pass the course, the combined grade has to be at least 6.0 out of 10. For all courses of the minor “Crisis, Risk and Disaster Management”, final grades are rounded off to the nearest half point, except between 5 and 6. For grades between 5.0 and 6.0, a 5.5 and higher will be rounded up to a 6.0, and grades below 5.5 will be rounded down to 5.0. No final grades between 5.0 and 6.0 will be given. Maximum grade is 10.

If the final score is a passing grade, students are not allowed to retake to obtain a higher grade, unless given explicit permission by the Board of Examiners of the Institute of Security and Global Affairs (Leiden University).

This course is part of the minor “Crisis, Risk and Disaster Management”. This minor needs to be completed in one academic year. It is not possible to retake courses that you have not passed during the following academic year. If you think an exception to this rule applies to you, please contact the Board of Examiners of the Institute of Security and Global Affairs (Leiden University).

No matter what academic institution a student comes from, the minor falls under the course and examinations regulation of the bachelor Security Studies of Leiden University. These course rules are further expanded on in the rules and regulations of the Board of Examiners of the Institute of Security and Global Affairs (Leiden University). This Board of Examiners is also the relevant body for disputes.

Reading list

The reading list will be made available via Brightspace.

Registration

More information available with TU Delft.

Contact

Dr. Y. Zhauniarovich
Faculty of Technology, Policy and Management
E-mail: Y.Zhauniarovich@tudelft.nl
Room: B2.190 (building 31 TU Delft, Jaffalaan 5, 2628 BX Delft)

Dr. Karolien van Nunen
Faculty of Technology, Policy and Management
E-mail: K.L.L.vanNunen@tudelft.nl
Room: C1.130 (building 31 TU Delft, Jaffalaan 5, 2628 BX Delft)

Remarks