This subject is available under ICMS undergraduate degrees.
CYB301A
Specialisation
3 credit points
CYB201A Network Security, and
Course-level prerequisite: a total of 24 credit points (15 credit points, including ICT101A, ICT102A, ICT103A, DAT101A from level 100 and 9 credit points from level 200 core subjects) prior to enrolling in level 300 core and specialisation subjects.
300
Cybersecurity operations (SecOps) management is an essential component of a modern enterprise’s overarching IT governance system. Organisations need IT professionals with a sound understanding of the critical requirements in cyber operations to design, develop, and promote security policies and procedures for information assurance at an organisational level. Developing the necessary capabilities in cybersecurity operations management is vital to monitor, detect, analyse, and respond to cybersecurity incidents and continuously improve the organisation’s security posture.
This subject introduces students to the broad topic of cybersecurity operations, concentrating on the fundamental concepts, frameworks, standards, and methods applied in IT operations management (ITOM) from an information security perspective. Students will explore security information and event management principles and practices, developing the essential knowledge of security-oriented operational governance for common IT functional areas.
Students will learn the activities, technologies, and techniques related to cybersecurity incident management and response, event management, and emergency response planning. They will discover the use of cyber threat intelligence in countering cyberattacks and enhancing incident response. The constituents, applications, and responsibilities of a modern security operation centre (SOC), including its role and trends in optimising organisational cyber resilience, will also be examined.
a) Apply the fundamental concepts and principles underlying cybersecurity operations management within a business context.
b) Critically analyse organisational IT security operations, evaluate gaps and opportunities, and model improvements accordingly using relevant industry standards and frameworks.
c) Evaluate the functions and applications of cyber threat intelligence and Security Operation Centre (SOC) in support of security information and event management in the cyber environment.
d) Investigate cybersecurity incidents and events, and formulate response strategies and plans, applying SecOps tools and techniques.
e) Explore the latest trends and technical advancements in cybersecurity operations management, including their role and applications in enhancing organisational cyber resilience.
| No | Assessment Task | Weighting | Learning Outcomes |
|---|---|---|---|
| 1 | Case Study – Incident Management | 30% | a, b, e |
| 2 | Emergency Response Plan | 40% | a, b, d, e |
| 3 | Case Study – Incident Management | 30% | c, d, e |
Broad Topics to be Covered:
Week 1: Fundamentals of IT Operations Management
Week 2: IT Operations Management Standards and Frameworks
Week 3: Principles of Network Monitoring
Week 4: Principles of Incident Management
Week 5: Introduction to Security Operations
Week 6: Security Incident and Event Management
Week 7: Security Incident and Event Management Tools and Techniques
Week 8: Emergency Response Planning (ERP)
Week 9: Cyber Threat Intelligence
Week 10: Security Operation Centre (SOC) Fundamentals and Operations
Week 11: Automation and AI in Security Operations Management