INDICATIVE CONTENT
This module addresses the following topics:
Emerging Threat Landscape and Advanced Persistent Threats:
Contemporary threat intelligence: nation-state actors, organised cybercrime, hacktivism
Advanced Persistent Threats (APTs): tactics, techniques, and procedures (TTPs)
Supply chain attacks and third-party risk management
AI-powered attacks and defensive applications of machine learning
Zero-day vulnerabilities and responsible disclosure frameworks
Privacy in the Digital Age:
Evolution of privacy legislation: GDPR, UK Data Protection Act 2018, international frameworks
Privacy by Design and Privacy Impact Assessments
Surveillance technologies and civil liberties considerations
Anonymisation, pseudonymisation, and re-identification risks
Privacy-enhancing technologies (PETs): differential privacy, secure computation
Digital Forensics: Advanced Concepts and Emerging Challenges:
Forensic readiness and incident response planning
Advanced disk forensics: file system analysis, data carving, timeline analysis
Memory forensics: volatile data acquisition, malware analysis, process investigation
Network forensics: traffic analysis, intrusion reconstruction, protocol analysis
Mobile device forensics: acquisition methods, application analysis, deleted data recovery
Cloud forensics: challenges, legal considerations, and emerging methodologies
Emerging Forensic Challenges:
Encryption and its impact on forensic investigations
Anti-forensic techniques: detection and countermeasures
IoT forensics: smart devices, wearables, and connected vehicles
Cryptocurrency and blockchain forensics
Deepfakes and digital evidence authentication
Cross-border investigations and mutual legal assistance
Legal and Regulatory Frameworks:
UK legal framework: Computer Misuse Act, Investigatory Powers Act, RIPA
International cyber law and jurisdictional challenges
Evidence admissibility: expert witness requirements, forensic soundness
Chain of custody and documentation standards
eDiscovery and civil litigation requirements
Security Operations and Incident Response:
Security Operations Centre (SOC) architecture and operations
SIEM implementation and log correlation
Incident response frameworks: NIST, SANS, ISO 27035
Digital forensics integration with incident response
Post-incident analysis and lessons learned
BCS / TechSkills elements:
Use of industry tools and methodology in examining system vulnerability within a legal context.
Evaluation of incidents to establish severity and potential remedy available.
Legal, social, ethical and professional issues in relation to security frameworks and application.
ADDITIONAL ASSESSMENT DETAILS
PRACTICAL - Portfolio (40%)
You will conduct a digital forensic investigation of a realistic case scenario involving multiple evidence sources (disk images, memory captures, network traffic, mobile device data). The portfolio will document the forensic process: evidence acquisition and preservation, analysis methodology, timeline reconstruction, findings presentation, and expert witness-style reporting.
REPORT - Research Report (60%)
You will produce an individual 3,000-word research-based critical analysis report examining an emerging issue at the intersection of cyber security, privacy, and digital forensics. Topics will be drawn from contemporary challenges such as: AI-driven threat detection and its privacy implications; encryption debates and lawful access; cloud forensics challenges; IoT security and privacy; deepfakes and digital evidence integrity; or ransomware evolution and incident response.
The report must critically appraise current academic literature and industry research, evaluate the issue critically from multiple perspectives, and formulate evidence-based conclusions and recommendations.
LEARNING STRATEGIES
This module combines advanced theoretical content with practical forensic investigation work to develop the research, analytical, and professional skills expected of final-year cyber security students. Throughout, there will be lectures, practical workshops, technical resources, and scenarios for you to explore. Alongside the teaching, there will be multiple opportunities to gain formative feedback, in particular on the stages of planning and carrying out a forensic investigation.
LEARNING OUTCOMES
1. Critically analyse research on emerging threats, vulnerabilities, and defensive technologies in cyber security.
Knowledge and Understanding
Reflection
2. Conduct independent digital forensic investigations applying industry-standard methodologies and tools observing professional practice.
Application and Problem-Solving
Critical Reasoning and Collaboration
3. Critically evaluate the complex interplay between security requirements, privacy rights, and forensic capabilities.
Critical Reasoning and Collaboration
4. Communicate security, privacy, and forensic findings effectively through professional documentation.
Communication
Reflection
RESOURCES
Dedicated Cyber Security Laboratory with isolated forensic workstations
Forensics tools such as Autopsy, FTK
TEXTS
Casey, E. (2024), Digital Evidence and Computer Crime: Forensic Science, Computers and the Internet, 4th Edition, Academic Press.
Johansen, G. (2024), Digital Forensics and Incident Response: Incident Response Tools and Techniques for Effective Cyber Threat Response, 4th Edition, Packt Publishing.
Kizza, J.M. (2024), Guide to Computer Network Security, 6th Edition, Springer.
Solove, D.J. and Schwartz, P.M. (2023), Information Privacy Law, 7th Edition, Wolters Kluwer.
NIST (2025), "Computer Security Incident Handling Guide (SP 800-61)" [Online] Available at: https://csrc.nist.gov/publications/detail/sp/800-61/rev-2/final (Accessed: 01/01/2026).
WEB DESCRIPTOR
In this advanced module, you will explore the cutting-edge challenges facing cyber security professionals at the intersection of security, privacy, and digital forensics. You will critically examine emerging threats, from AI-powered attacks to supply chain compromises, whilst investigating the complex privacy implications of modern security technologies.
Through hands-on forensic investigations, you will develop advanced skills in digital evidence acquisition, analysis, and presentation using industry-standard tools including EnCase, FTK, and Volatility. You will tackle contemporary challenges including cloud forensics, encrypted device analysis, and mobile device investigation.
Beyond technical skills, you will critically evaluate the legal, ethical, and societal dimensions of security and forensics work. You will examine how privacy legislation shapes organisational security practices, analyse the tensions between security requirements and civil liberties, and develop the professional communication skills needed to present findings to technical, legal, and executive audiences.