MAN 5166 Cyber Security for Leaders

MAN 5166 Cyber Security for Leaders

Course code: 
MAN 5166
Department: 
Strategy and Entrepreneurship
Credits: 
15
Program of study: 
Executive Master of Management - med spesialisering i sikkerhetsledelse og kulturforståelse
Course coordinator: 
Thomas Hoholm
Product category: 
Executive
Portfolio: 
EMM - Security management and Cultural understanding, Specialisation
Semester: 
2020 Spring
Active status: 
Active
Teaching language: 
Norwegian/English
Course type: 
One semester
Introduction

This Master of Management course (15 ECTS), is designed to be a part in a 90 ESCTS Executive Master of Management degree specializing in Security management and Cultural Understanding.

Digitalization is among the highest political priorities in many countries. In Norway digitalization is seen as part of the strategy to overcome the challenges of the wide geographic distribution of the population, and enable equal services throughout the country. The political push towards digitalization for citizens, businesses and public services must be accompanied with precautions and strategies to create resilience against threats and attacks in cyberspace. Resilience means to protect your system, detect malware at the earliest possible occasion, and respond to incidents so that normal operation can be continued as soon as possible after a breach. In short, follow the principle “Protect, Detect and Respond”.

A high degree of resilience can be achieved via aware decision makers, deep and sound risk analysis, and teams which can balance the trade-off between vulnerability and overprotection. Moreover, the professional management and implementation of organizational and technical innovations in the context of cyber security involves managing across multiple stakeholders and networks. In short, cyber security leaders need to support such strategies and balancing processes, while consulting society and decision makers as part of the endeavor.

Learning outcomes - Knowledge

The student;

  • has thorough knowledge of the complex issues of management of cyber security, technology and  networks
  • knows how to expand influence and awareness of cyber security in own organization
  • knows how to improve social networking among concerned decision-makers
  • has specialized knowledge of risk, cyber security and incident management
  • has advanced knowledge of high-reliability organizations, including practice, culture, and structure elements
Learning outcomes - Skills

Students are able to: 

  • systematically analyze and critically challenge cyber risks and cyber incidents
  • carry out analysis of, and evaluate, cyber incidents
  • utilize relevant methods to develop and evaluate business continuity, disaster recovery and incident response plans
  • communicate effectively with management and stakeholders in IT as well as people from other disciplines and contexts
General Competence

Participants will through this course develop their ability along the following dimensions:

  • Advanced communication and discussion about independent work in speech and writing to different audiences in national and international contexts
  • Can apply his/her knowledge and skills to make independent decisions and contribute to major decision-making processes that have a strong focus on security issues.
  • Can apply his/her knowledge and skills to establish ethical responsibility, and supervise other people in an independent and reflective way
  • Can critically analyze opportunities and constraints regarding knowledge about the surroundings and alternative courses of action
Course content

Module 1: Setting the Scene for a Secure Digitalized World

  • Standards, Frameworks and Regulations
  • Introduction to Networks
  • Digitalization and secure Digitalization
  • Execution, Control and Top Management Interaction
  • Cases Studies and recent examples
     

Module 2: Risk Management and Audit

  • Vulnerabilities, Threats, and Business Impact
  • Risk Management and Audit
  • Cyber Insurances
     

Module 3: Mastering Digital Incidents and Crises

  • Incident Response and Readiness
  • Investigations and Digital Forensic Readiness
  • Business Continuity Management and Disaster Recovery Planning
  • The Value of Trust Networks: CERT, Information Sharing Communities, Exchange with National Services and Supportive Function
  • Collaboration with authorities
Teaching and learning activities

Nine teaching days in three 3-day modules, amounting to 72 hours. The students must expect to use at least 400 study hours, which is the norm for 15 ECTS.

Lectures will consist of a combination of lectures, group work and discussions, where theory and the wide set of experience among students will form a valuable basis for interactions.

Between sessions, students are expected to work actively in groups with a change project related to their own organization, or perhaps in the relationships between organizations. This will be documented and discussed in relation to the curriculum, in a final report (project paper).

The students are evaluated through a term paper, counting 60% of the total grade and a 48 hours individual home exam counting 40%. The term paper may be written individually or in groups of maximum three persons.. We recommend starting the work on the term paper early to supplement classroom learning. The term paper should be 15-20 pages 

Software tools
Software defined under the section "Teaching and learning activities".
Qualifications

Bachelor degree, corresponding to 180 credits from an accredited university, university college or similar educational institution. The applicant must be at least 25 years of age. At least four years of work experience. For applicants who have already completed a master’s degree, three years of work experience are required. (two years of work experience are required for applicants employed at The Norwegian Armed Forces)

Exam categoryWeightInvigilationDurationGroupingComment exam
Exam category:
Submission
Form of assessment:
Written submission
Exam code:
MAN 51661
Grading scale:
ECTS
Grading rules:
Internal and external examiner
Resit:
Examination when next scheduled course
60No1 Semester(s)Group/Individual (1 - 3) Term paper, counting 60% of the total grade.
Exam category:
Submission
Form of assessment:
Written submission
Exam code:
MAN 51662
Grading scale:
ECTS
Grading rules:
Internal and external examiner
Resit:
Examination when next scheduled course
40No48 Hour(s)Individual Individual 48 hours home exam, counting 40% of the total grade.
Exams:
Exam category:Submission
Form of assessment:Written submission
Weight:60
Invigilation:No
Grouping (size):Group/Individual (1-3)
Duration:1 Semester(s)
Comment: Term paper, counting 60% of the total grade.
Exam code: MAN 51661
Grading scale:ECTS
Resit:Examination when next scheduled course
Exam category:Submission
Form of assessment:Written submission
Weight:40
Invigilation:No
Grouping (size):Individual
Duration:48 Hour(s)
Comment: Individual 48 hours home exam, counting 40% of the total grade.
Exam code:MAN 51662
Grading scale:ECTS
Resit:Examination when next scheduled course
Type of Assessment: 
Ordinary examination
Total weight: 
100
Sum workload: 
0

A course of 1 ECTS credit corresponds to a workload of 26-30 hours. Therefore a course of 15 ECTS credit corresponds to a workload of at least 400 hours.