Cyber Security topics will be covered to give an understanding of the essential concepts of cyber security and their application. The following concepts will be introduced:
IT security models and IT risk management
Cybersecurity principles applied to services, applications, servers, network devices (and devices in general)
Legal & ethical issues in cyber security
Information security policy and scope
Standards of ISO27001 (Security Framework) and ISO27002 (IT Security)
Incident response management
Access control
Backup and disaster recovery
Data and system attacks
How to identify vulnerabilities and put in place safeguards
Concepts of Confidentiality, Integrity and Availability
Types of threat
Securing access to devices
AAA (Authentication, Authorization, and Accounting)
Implementing firewall and intrusion protection technologies
Layer 2 security features
Cryptographic systems and VPN's (Virtual Private Networks).

WRITTEN: A group-based assessment: Students will produce a technical report that addresses the design, implementation, and testing of a security solution for an IT system for an SME for use on a single site. The assessment will include identification of security risks both physical and logical documenting mitigation techniques to solve potential issues with both technology and the context within the environment of use.

This course has 65 hours taught contact time which is divided into formal lectures and practical sessions. The lectures will look at the academic aspects of cyber security and network security within commercial organisations. The underlying theory will be given in these sessions and reinforced through the use of the practical laboratory sessions. In the practical session’s students will carry out a series of scenario based and/or practical tasks to apply the taught theory.

1. Demonstrate an understanding of cyber security principles.

2. Perform a security risk assessment for a given IT system, proposing security measures and mitigation techniques for planned and installed systems.

3. Explain and critically evaluate security threats and the securing of network devices to AAA, VPN, IPS, firewalls, and cryptographic systems.

Dedicated isolated Cyber lab with access to appropriate commercial grade software and hardware systems.

Access to pertinent VMs (Virtual Machines) used to show and analyse cyber security issues and features.

Specialist networking laboratories with appropriate commercial grade equipment (Cisco, and Juniper etc).

Access to specialist Security lab with multiple virtual machines and equipped with Windows and Linux.

Swanson, C. (2020) Professional Security Management: A strategic Guide. Routledge. ISBN-10:¿0367339617, ISBN-13:¿978-0367339616

Franke, D. (2016) Cyber Security Basics, CreateSpace, ISBN: 9781522952190

Zhang, N. (2019) Cyber Security: The beginners Guide to Learning the Basics of Information Security and Modern Cyber Threats, independently published. ISBN-10 :¿1698238533, ISBN-13 :¿978-1698238531

Du, W. (2017) Computer Security: A Hands-on Approach. CreateSpace Independent Publishing Platform. ISBN-10:¿154836794X, ISBN-13 :¿978-1548367947

HM Government, The UK Cyber Security Strategy Protecting and promoting the UK in a digital world, https://www.gov.uk/government/uploads/system/uploads/attachment_data/file/60961/uk-cyber-security-strategy-final.pd

International Organization for Standardization, ISO/IEC 27001:2013 - Information technology -- Security techniques -- Information security management systems -- Requirements". (Last reviewed 2019) Johnson, T.A., Cybersecurity: Protecting Critical Infrastructures from Cyber Attack and Cyber Warfare, 2015, ISBN-13: 978-1-48223923-2

McNab, C. (2016). Network Security Assessment: Know Your Network 3rd Edition, O¿Reilly. ISBN-10: 149191095X, ISBN-13: 978-1491910955

McMillan, T. (2018), CCNA Security Study Guide: Exam 210-260 2nd ed. Edition, Sybex. ISBN-10: 1119409934, ISBN-13: 978-1119409939Campbell, A. (2016) Practical Information Security Management: A Complete Guide to Planning & Implementation, 2016, Apress, ISBN-10:¿9781484216842, ISBN-13:¿978-1484216842

This module is designed to equip students with the fundamental knowledge and practical skills to become an entry level Cybersecurity engineer. It looks at information and infrastructure security in the commercial sector considering legal and ethical issues alongside cryptographic functions. It addresses the latest technology and work practice alongside current security standards to ensure students build an integrated perspective in all topics required in solving security related tasks and problems.