CMT217: Cybersecurity Operations
| School | Cardiff School of Computer Science and Informatics |
| Department Code | COMSC |
| Module Code | CMT217 |
| External Subject Code | 100376 |
| Number of Credits | 20 |
| Level | L7 |
| Language of Delivery | English |
| Module Leader | Dr Eirini Anthi |
| Semester | Spring Semester |
| Academic Year | 2025/6 |
Outline Description of Module
Cybersecurity is one of the major challenges for organisations today. An effective security programme must employ appropriate physical and technological means to secure the organisation’s infrastructure. In addition, any effective programme must take into account the influence of people’s behaviour on security. Thus, organisational methods for securing the organisation are also needed. Furthermore, any security programme must be prepared to deal with failures of security. Attacks must be detected and mitigated in an appropriate way, ensuring the organisation is secure and that negative impact is minimised. The module draws on the research within the school to teach students the skills necessary to deploy secure systems, detect intrusions, and mitigate their impact on the organisation.
Note: The module focusses on secure operations. Development of secure systems is taught in the accompanying module “Developing Secure Systems and Applications”.
On completion of the module a student should be able to
- Justify the selection of and implement technical and organisational security measures.
- Identify and analyse legal constraints and obligations in security operations.
- Demonstrate knowledge of intrusion-detection and intrusion-prevention systems.
- Reflect on the interplay between people and technology in securing organisations.
- Articulate the importance and requirements of situational awareness.
- Articulate the purpose and operation of a Security Operations Centre (SOC).
- Analyse and evaluate the current and evolving threat landscape.
- Articulate and analyse techniques and strategies used by Advanced Persistent Threats (APTs) and how they can be detected and mitigated.
- Perform satisfactory peer review.
How the module will be delivered
The module will be delivered through a combination of lectures, supervised lab sessions and tutorials as appropriate. You will be expected to attend all timetabled sessions and engage with online material. You will be guided through learning activities appropriate to your module, which may include:
- on-line resources that you work through at your own pace (e.g. videos, web resources, e-books, quizzes),
- on-line interactive sessions to work with other students and staff (e.g. discussions, live streaming of presentations, live-coding, team meetings),
- face to face small group sessions (e.g. help classes, feedback sessions).
Skills that will be practised and developed
Understanding of attackers’ thinking
Understanding of attackers’ goals and methods (Tactics, Techniques, and Procedures)
Identification of challenges and trade-offs in security operations
Making informed decisions for security technology
Deploying and using technology for security operations
Transferable Skills (Communication, Time Management, Literature Research, Reflective Thinking and Learning, Report Writing, Teamwork, Time budgeting)
How the module will be assessed
A portfolio case study
Students will be provided with reassessment opportunities in line with University regulations.
Assessment Breakdown
| Type | % | Title | Duration(hrs) |
|---|---|---|---|
| Portfolio | 100 | Security Operations Portfolio For A Case-Study | N/A |
Syllabus content
Adversarial thinking
Security challenges in cyber-human systems
Technology for building secure systems
Intrusion-Detection Systems and Intrusion-Prevention Systems
Technologies, methodologies, and legal aspects of incident response
Trade-offs between security and other attributes
Impact assessment
Security Operation Centres
Emerging trends and challenges in Security Operations: UEBA, Machine-Learning, AI, Containers, etc.