
Cyber Security Management

Cyber Security Management is available as a postgraduate-level subject offered by the International College of Management, Sydney (ICMS).

 

Subject Code:

CYB701A

Subject Type:

Specialisation 

Subject Level:

700

Credit Points:

4 credit points

Subject Aim:

The number of cyber-attacks on companies has risen sharply. A successful cyber-attack has devastating effects on business operations, customer reputation, and legal affairs. The challenge of cyber security management is therefore to establish governance structures and procedural and technical cyber security measures in such a way that companies are effectively protected from cyber-attacks. However, cyber security measures are associated with significant financial investments and require technical and human resources.

The aim of this subject is for students to engage critically with the challenges and opportunities of modern cyber security management. They will be enabled to evaluate threats in the business context. Furthermore, students will be able to identify, design and finally evaluate threat-adequate governance structures, procedural controls and technical controls in regard to regulatory demands, costs, and business operations.

This subject is divided into five key information security management topics: Fundamentals of Information Security Management, Cyber Security Risk Management, Procedural Security Controls, Technical Security Controls and Evaluation of Security Controls. Students will not only be competent with concepts and techniques but will also be able to critically analyse cyber threats, and evaluate, design and justify cybersecurity measures.

Learning Outcomes:

a) Identify and critically analyse cybersecurity threats to the business.

b) Critically evaluate the economic impact of cybersecurity threats on the business.

c) Critically assess cybersecurity governance and risk management measures in response to changing threats within an organisational context.

d) Design and justify procedural and technical cybersecurity controls to mitigate cybersecurity threats under consideration of the IT and business process landscape.

Assessment Information:

Learning outcomes for this subject are assessed using a range of assessment tasks as described in the table below.

Broad topics to be covered: 

Week 1: Fundamentals of Cyber Security Management I: Cybersecurity Economics 

  • Cybersecurity incidents and their organisational impact  
  • Economic aspects of cybersecurity for organisations 
  • Types of cybersecurity incidents and related costs 
  • Organisational cybersecurity vulnerabilities 
Week 2: Fundamentals of Cyber Security Management II: Fundamental Concepts 

  • Assets, vulnerability, threat, risk, controls, policies 
  • Cryptography in security management 
  • Types of attackers (internal and external) 
  • Cybersecurity threat modelling 
  • Business impact analysis 
  • Cybersecurity (human) resource management  
  • Cybercrime and digital forensics  
Week 3: Cyber Security Risk Management I: Principles 

  • Tensions between security controls, costs, and business needs 
  • Security management as risk management 
  • Internal and external cybersecurity risks 
  • Cryptography key management 
  • Deming cycle: plan, do, check, act 
  • Enterprise Risk Management (ERM) and cyber forensics 
Week 4: Cyber Security Risk Management II: Governance, Standards and Best Practices 

  • Cybersecurity governance  
  • Cybersecurity policies and procedures 
  • Cybersecurity roles 
  • Managing security by standards: ISO/IEC 2700x, SABSA, NIST 800 
  • Certifications and audits 
  • Digital forensics as part of a risk management policy in ERM 
Week 5: Procedural Security Controls I: Asset Security 

  • Information life cycle 
  • Information classification (levels and controls) 
  • Data governance and roles 
Week 6: Procedural Security Controls II: Secure Software Development 

  • Secure software development processes 
  • Change and release management  
Week 7: Procedural Security Controls III: Security Incident Response 

  • Security incident process 
  • Crisis response planning 
  • Business continuity management  
  • Digital Forensics and Incident Response (DFIR) 
Week 8: Technical Security Controls I: Security Engineering 

  • System security architecture 
  • Security models 
  • System evaluation: common criteria 
Week 9: Technical Security Controls II: Security Assessment and Testing 

  • Technical auditing controls (Vulnerability Testing, Penetration Testing) 
  • Audit strategies and technical reporting 
  • The role of forensics in cybersecurity prevention 
Week 10: Evaluation of Security Controls I: Cost-based Methods 

  • Economic evaluation of cybersecurity measures: Return on Security Investment 
Week 11: Evaluation of Security Controls II: Presentation 

  • Process-oriented evaluation of cybersecurity measures  

Please note that these topics are often refined and subject to change, so for up-to-date weekly topics and suggested reading resources, please refer to the Moodle subject page.