Cyber Security for Managers - MAN00039H

« Back to module search

  • Department: The York Management School
  • Module co-ordinator: Dr. Philip Garnett
  • Credit value: 20 credits
  • Credit level: H
  • Academic year of delivery: 2019-20

Module summary

The objective of this course is to provide students with an understanding of information security, and organisational cyber security. The course will enable students to understand the importance of information and systems security, ethics, and regulatory expectations around organisational cyber security.

Module will run

Occurrence Teaching cycle
A Spring Term 2019-20

Module aims

Cyber security has been recognised as a significant issue for companies, in particular their information technology and security departments. However, cyber security is also emerging as a significant management issue. The objective of this course is to provide students with an understanding of information security, and organisational cyber security. The course will enable students to understand the importance of information and systems security, ethics, and regulatory expectations around organisational cyber security. The students will also develop an understanding of the expectations from society and the media around cyber security, and how organisations respond to information leaks and cyber-attacks.

An additional aim of the module is to improve student's awareness of their own cyber security, and critically reflect on their own behaviour in cyberspace.

Module learning outcomes

  • Understand the importance of information systems and information technology to cyber security.
  • Understand the types of cyber security threat faced by modern organisations, and the origin of security threats (internal/external).
  • Students will develop an awareness of the ethical and operational issues around cyber security and systems surveillance, and be able to critically evaluate the ethical implications for individuals, organisations, and society, of cyber security strategies and policy.
  • Understand the basics of the UK and International regulatory requirements for cyber security, and the role organisations play in national security.
  • Be able to critically evaluated how organisations response to cyber-attacks, through the analysis of both successful and failed organisational responses.
  • Be able to critically evaluated organisational strategy and policy around

Students will critically evaluate their own online behaviour and their personal cyber security, by reflecting on what they learn on the course.

Module content

There are numerous managerial issues around cyber threats that students should have experience of before entering the work place. Leaks, hacking, and viruses/malware a very real threat to organisations, and society is becoming increasingly concerned with privacy, data retention, and the moral arguments around whistle-blowing. This module will address these issues and hopefully generate lively and interesting debate among students.

Managers often encounter cyber security threats after the fact, that is, once disaster has struck. Therefore, an important aspect to this module will be the critical evaluation of organisational response to cyber threats, leaks, or hacking. Students will also be assessed on their ability to prepare a suitable response to a fictional security breach at an organisation. Including a short, written, report reassuring shareholders, and a mock press conference, with a questions and answer session.

Students will also develop skills to critically evaluate cyber security policy and strategy to enable to discover problems within organisations before disaster strikes, perhaps reducing the possibility needing to respond to an attack. This knowledge can also be used to improve their own security online.

The module will be taught using a mixture of lectures, guest lectures, and seminars, and make use of documentary material and news reports as well as journals and textbooks.

Assessment

Task Length % of module mark
Essay/coursework
Critical Evaluation: Case Study & Reflective Analysis
N/A 70
Essay/coursework
Group Report : Response Report to Media & Shareholders
N/A 15
Oral presentation/seminar/exam
Presentation : Group Mock Media Statement & Q&A
N/A 15

Special assessment rules

None

Reassessment

Task Length % of module mark
Essay/coursework
Reassessment: Critical Evaluation Case Study
N/A 100

Module feedback

Module assessment reports to students are written by the module leader for all assessments (open and closed) and placed on the VLE after the Board of Examiners has received the module marks.

The timescale for the return of feedback will accord with TYMS policy

Indicative reading

Cyber Security: An Introduction for Non-Technical Managers. Swinfen Green, Gower,

Gurpreet Dhillon, Information Systems Security, Wiley, 2007.



The information on this page is indicative of the module that is currently on offer. The University is constantly exploring ways to enhance and improve its degree programmes and therefore reserves the right to make variations to the content and method of delivery of modules, and to discontinue modules, if such action is reasonably considered to be necessary by the University. Where appropriate, the University will notify and consult with affected students in advance about any changes that are required in line with the University's policy on the Approval of Modifications to Existing Taught Programmes of Study.