nl en

Cyber Threats and Risk Management


Admission requirements

Mandatory course for students enrolled in the bachelor’s programme Security Studies.


The course is aimed at providing methods and tools related to the management of risks in, and of, cyberspace, collectively called ‘cyber risks’.

The course will first conceptualise the context of cyber risks by analysing cyberspace in modern society: how does the Internet work, what changes have taken place in a digitalised network society, what is the (changing) role of IT in society, how is cyberspace governed, and what is the role of law and regulation in shaping behaviour in cyberspace? The course shows that cyber risks appear at various levels (local, national and international) and demand responses from governments, but also private companies, collectives and individuals.
Next, the course will focus on different key subfields in relation to cyber risk and cover the main actors that play a role in relation to these subfields. The following subfields will be discussed:

  • cybercrime

  • cyberwarfare

  • cyberespionage

  • critical infrastructure protection

  • fake news and misinformation

Since cyber risks are often intentionally or inadvertently caused by humans, the course will show place emphasis on the role of human behaviour, critically assessing the ofte heard claim that “human beings the weakest link” in the defence. Focus will be given on the motives of actors working in ‘the defence’.

The course will involve a specific focus on risk evaluation and management, exploring perceptions concerning the definition of ‘acceptable risk levels’ and possible security countermeasure strategies & tools at various levels (societal, organisational and individual level). The course will present counterstrategies and tools providing technical, socio-economic and governance perspectives.

Course objectives

  • The student will acquire basic knowledge and understanding of what cyberspace entails, the interwoven nature of the virtual and real worlds, and the resulting cyber security challenges

  • The student will acquire basic knowledge of the governance of the Internet

  • The student will be able to identify actors and their behaviour in cyberspace

  • The student will acquire basic knowledge and understanding of risk management models and tools, with particular reference to technical aspects (risk identification, assessment & mitigation)

  • The student will be able to identify intentional and unintentional cyber threats, which will possibly result in cyber incidents, and the related impact of these incidents.

  • The student will be able to identify preventive and repressive strategies, methods & tools to reduce cyber risk to acceptable levels.


On the right side of programme front page of the E-guide you will find links to the website and timetables, uSis and Blackboard.

Mode of instruction

14 plenary lectures
4 course labs in smaller groups (attendance is mandatory)

Course Load

Total study load of 280 hours

  • Contact hours: 54

  • Self-study hours: 220

  • Examination: 6

Assessment method

  • Mid-term exam: 40%

  • Final exam (written exam): 60%

More information will be available on the Blackboard page.

Each sub grade has to be at least 5.50 to pass the course. The calculated grade has to be at least 5.50 to pass the course.

Students will be permitted to resit an examination if they have a grade lower than 5.5 or with permission of the Board of Examiners.

Resits will take the same form.


Course page will be available one week in advance

Reading list

Information on readings will be announced on Blackboard


To be announced by OSC staff.


Course coordinator t.b.a.