Admission requirements
We expect (but do not demand) that students have prior knowledge of the basics of ICT security and IT systems. To support students without this background, additional readings will be provided.
Description
If you ask the modern CIO what keeps him awake at night, you can expect that, next to profit and innovation, ICT security will invariably be in his top 3 of worries.
This course is NOT a technical course (of all 6 course blocks, only one block is “technical”).
It aims at providing the student in a future role of CIO or ICT consultant with enough knowledge to:
Understand the full scope of ICT security;
Find links to, and explanations of, associated existing ICT security guidelines and frameworks;
Set up a proper, comprehensive security function within a company (what, why, who);
Know how attacks can occur, and how to prevent (pro-active) and manage (re-active) them;
Deal with the “human factor” within ICT security.
To this end, the course will be conducted by several lecturers, all of whom have extensive hands-on knowledge AND experience in setting up ICT security and handling incidents.
The course is intended to be highly interactive.
Course objectives
The aim of this course is:
To provide broad, managerial insight on how to set up and manage an ICT security function within a (large) company;
To provide enough knowledge to be a credible sparring partner for ICT security specialists;
To provide insight into “the human factor as the weakest link” within ICT security;
To learn from hands-on ICT security specialists how attacks take place, and how to defend against them – pro-actively but also re-actively;
To learn about career paths in cyber security.
Timetable
The schedule can be found on the Leiden University student website.
A detailed table of contents can be found in Brightspace.
Check MyTimetable (manual) and use your ULCN account to log in.
Mode of instruction
Presentations by hands-on ICT security specialists;
Presentations by lecturers specialized in the latest cyber security topics;
Discussions with these expert lecturers.
“Learn from each other”: mini-lectures from student to student on assigned security-related subjects.
This is very much a “listen to, learn from and discuss with the experts” kind of course; not so much a “study the books” one.
So skipping lectures is NOT recommended, as catching up through reading will be largely impossible.
Course load
6 lecture blocks (12 hours) including:
1 general overview block;
1 technical block (e.g., on encryption and network security);
3 blocks by experts on, e.g., attack methods, associated defenses, security organization and management, data protection, risk management;
1 block with “learn from each other” 10-minute student-to-student presentations on assigned ICT security subjects.
The invited lecture topics will be confirmed right before the course starts.
Individual and group work (72 hours) on assignments.
Assessment method
There is no exam. The final grade consists of the following components:
Presence/participation: 20%
“Learn from each other” student-to-student presentations: 30%. These presentations will be co-judged by both the students themselves (50% weight) and the lecturer (50% weight).
Written assignment (paper): 50%. In this assignment, an actual successful attack on a company needs to be analyzed, with the student taking on the role of a security consultant that advises the attacked company.
The teacher will inform the students how the inspection of and follow-up discussion of the exams will take place.
Reading list
Will be provided throughout the course on Brightspace.
Registration
You have to sign up for classes and examinations (including resits) in uSis. Check this link for more information and activity codes.
There is only limited capacity for external students. Please contact the programme Co-ordinator.
Contact
Programme Co-ordinator: Ms. Esme Caubo
Brightspace
Register for the course in Brightspace. Important information about the course is posted here.