Postgraduate Course: Work-based Professional Practice in Cyber Security (INFR11191)
Course Outline
| School | School of Informatics |
College | College of Science and Engineering |
| Credit level (Normal year taken) | SCQF Level 11 (Postgraduate) |
Availability | Not available to visiting students |
| SCQF Credits | 20 |
ECTS Credits | 10 |
| Summary | This course is work-based and is focused on the real-world application of cyber security in a workplace environment. It includes experiencing how information and risk, threats and attacks, cyber security architecture and operations, secure systems hardening and usability and cyber security management are applied to provide resilience in a workplace organisational environment. Students who do this course will obtain practical experience in the design, implementation, and evaluation of cyber security approaches. |
| Course description |
This course provides graduate apprenticeship students with a holistic approach to cyber security, privacy and trust. It is a key stage in the learning and development strategy of the graduate apprenticeship programme in cyber security. It is project based, introduced in the university and facilitated in the workplace around work-based projects.
This is a work-based learning course worth 20-credits. Students undertake work-based application throughout the GA programme and are expected to spend around 200 hours in total on this course. The University Student-Led Individually Created Course (SLICC) approach will be planned to cover the graduate apprenticeship students working with their specific employers and the work will directly link to their own contexts in the workplace.
The main topics are: the application of cyber security re-search techniques, developing an understanding of the application of cyber security operations to business environments. In addition, this course covers the meta-skills required to operate in a professional environment including graduate attributes for: lifelong learning, aspiration and personal development, outlook and engagement, research and enquiry, personal and intellectual autonomy, personal effectiveness and communication in both university and the workplace.
The year 1 courses in cyber security are applied to real world cyber security problems and projects.
Students will be directed in their learning using the SLICC approach. They will plan, propose, carry out, reflect on and evaluate a cyber security study from their own work context in cyber security. The SLICC framework requires that students use the generic learning outcomes to articulate their learning in their own defined project, reflect frequently using a blog, and collect and curate evidence of their learning in an e-portfolio. They receive relevant formative feedback on the Reflective Report, which forms the summative assessment. All this is with the guidance of a professional practice academic tutor.
The course will encourage appraisal of students' own practical experiences in cyber security and allow them to reflect on their learning in the context of cyber security.
Note: this course is not a stand-alone introduction to applied cyber security and can only be delivered as part of the Graduate Apprenticeship in cyber security.
Syllabus:
* Information and risk: including confidentiality, integrity and availability (CIA); concepts such as probability, consequence, harm, risk identification, assessment and mitigation; and the relationship between information and system risk.
* Threats and attacks: threats, how they materialise, typical attacks and how those attacks exploit vulnerabilities.
* Cyber security architecture and operations: physical and process controls that can be implemented across an organisation to reduce information and systems risk, identify and mitigate vulnerability, and ensure organisational compliance.
* Secure systems hardening and usability: the concepts of systems hardening and usability to ensure robust, resilient systems that are fit for purpose.
* Cyber security management: understanding the personal, organisational and legal/regulatory context in which information systems could be used, the risks of such use and the constraints (such as time, finance and people) that may affect how cyber security is implemented.
* Personal & professional: the ability to communicate, problem solve and work with and lead teams.
|
Entry Requirements (not applicable to Visiting Students)
| Pre-requisites |
Students MUST have passed:
Research Methods in Security, Privacy, and Trust (INFR11188)
|
Co-requisites | |
| Prohibited Combinations | |
Other requirements | This course is not a stand-alone introduction to applied cyber security and can only be delivered as part of the Graduate Apprenticeship in Cyber Security. Graduate apprenticeship students must have completed all year 1 courses of the Graduate Apprenticeship in Cyber Security, core courses including: Research Methods in Security, Privacy Trust (INFR11188).
|
Course Delivery Information
| Not being delivered |
Learning Outcomes
On completion of this course, the student will be able to:
- Demonstrate an understanding of the cross-disciplinary nature of cyber security, and the complexities, challenges and wider implications of the contexts in which cyber security problems occur in the workplace.
- Draw on and apply relevant cyber security approaches, tools and frameworks for cyber security enquiry to different settings in real world situations.
- Review, develop and apply skills and attributes (academic, professional and/or personal) in graduate attributes, including lifelong learning, aspiration and personal development, outlook and engagement, research and enquiry, personal and intellectual autonomy, personal effectiveness and communication in both university and the workplace.
- Frame and address cyber security business problems, questions and issues as a cyber security project, being aware of the environment and context in which the problem exists.
- Review, evaluate and reflect upon knowledge, skills and practices in cyber security.
|
Reading List
Bolton, G. 2010. Reflective Practice: Writing and Professional Development. 3rd Ed. London: Sage
Boud, D., Keogh, R. and Walker, D. 2005. Reflection: Turning Experience into Learning.
Oxon: Routledge Falmer Fook, J. and Gardner, F. 2007. Practising critical reflection : a resource handbook Maidenhead: Open University Press
Kolb D.A. 1984.Experiential learning : experience as the source of learning and development New Jersey: Prentice Hall
Moon, J.A. (2006). Learning journals: a handbook for reflective practice and professional development (2nd edition). Abingdon: Routledge.
Mumford, J. and Roodhouse, S. (eds.) (2012). Understanding work based learning. Farnham: Gower.
Tarrant, P. (2013). Reflective practice and professional development. London: SAGE
Williams, K., Woolliams, M. and Spiro, J. 2012. Reflective writing Basingstoke: Palgrave Macmillan
|
Additional Information
| Graduate Attributes and Skills |
Development of graduate attributes are a key component of a graduate apprenticeship. In this course there is specific reference to the development and application of skills and attributes (academic, professional and/or personal), including and lifelong learning, aspiration and personal development, outlook and engagement, research and enquiry, personal and intellectual autonomy, personal effectiveness and communication in both university and the workplace. |
| Special Arrangements |
This course is not a stand-alone introduction to applied cyber security and can only be delivered as part of the Graduate Apprenticeship in Cyber Security. |
| Keywords | Cyber Security,Graduate Apprenticeship |
Contacts
| Course organiser | Dr Heather Yorston
Tel:
Email: |
Course secretary | Ms Lindsay Seal
Tel: (0131 6)50 2701
Email: |
|
|
University Homepage