MSc Cyber Security, Risk and Resilience
01 Sep 2024 - 30 Jul 2030
| Course Leader | Mamoun Qasem |
|---|---|
| Course Team | Sharan Johnstone, Nisha Rawindaran, Muhammad Awais, Peter Eden, Rachael Medhurst |
| Awarding Body | University of South Wales |
| Teaching Institutions | University of South Wales |
| Modes of Study | Full Time, Part Time |
Document Version
| Version | 1 |
|---|---|
| Valid From | 01 Sep 2024 |
| Valid To | 30 Jul 2030 |
QAA Benchmarks
The Course's aims and Learning Outcomes support the requirements of the Quality Assurance Agency's Subject Benchmark Statement for Computing (Masters) (QAA 2022) and the course adheres to the QAA Master's Degree Characteristics Statement (QAA 2022) Characteristics Statements (qaa.ac.uk)
Educational Aim
The MSc Cyber Security, Risk and Resilience has the following generic aims which are stipulated by the British Computer Society:
a. To develop a systematic understanding of knowledge, tools and techniques at the forefront of the discipline and a critical awareness of trends and developments relevant to the field of study;
b. To develop an awareness of relevant professional practice, and related legal, social and ethical issues;
c. To enhance conceptual understanding of how research and enquiry methodologies are used to create and interpret knowledge within the discipline;
d. To develop the ability to deal with complex issues both systematically and creatively, apply understanding, develop ideas, solve problems and make sound judgements, often in the absence of complete data;
e. To develop the ability to employ reflection and clearly communicate conclusions, as well as the knowledge and rationale underpinning these, to specialist and non-specialist audiences;
f. To develop the student's ability to employ autonomy and originality in the application of the principles and practices of the discipline in producing a justified solution to a significant problem that is informed by a critical review of research, and facilitate the development of a self-directed, life-long learner.
The MSc Cyber Security, Risk and Resilience also has the following specific aims:
g. Develop and demonstrate a masterly understanding of information systems in terms of deterrence, detection, protection, and reaction to unauthorised access through evaluation.
h. Demonstrate an advanced understanding of forensic detection, its associated tools and practice;
i. Appraise tools and techniques and demonstrate an ability to apply digital forensics to a range of devices;
j. Though critical evaluation and synthesis, demonstrate knowledge of the salient legal and regulatory framework within which practitioners operate and the nature of related criminal activity in context.
Through synthesis and critical evaluation, demonstrate an understanding of research methodologies that are relevant to cyber security.
Appraise and interpret data and information for the management of an information system in terms of deterrence, detection, protection and reaction to unauthorised access;
Assess and defend decisions relating to computer systems security and network security that is informed by developments at the forefront of the field and demonstrate the practical skills necessary for their secure management;
Evaluate, manage and implement security and penetration testing at the operating system and network services level.
Learning Outcomes
| A1 | Appraise and demonstrate comprehensive knowledge of the principles and practices related to current trends and developments in risk management and resilience. |
| A2 | Exhibit a profound understanding of the fundamental principles and procedures within the realm of risk management, while assessing the suitability of diverse methodologies. |
| A3 | Appraise and demonstrate a comprehensive knowledge of the legal and regulatory framework within which Cyber Security is required to operate. |
| A4 | Apply high-level analytical skills and demonstrate autonomy and originality, to solve a range of real-world /complex problems. |
| A5 | Through critical evaluation, demonstrate a systematic understanding of a critical assessment of business continuity planning and crisis management within an organizational context. |
| B1 | Extrapolate and critically analyse information from relevant technical literature and present research outputs both orally and by written report. |
| B2 | Demonstrate innovative thinking by suggesting practical and viable solutions to risk-related issues. |
| B3 | Critically assess the tools, techniques, and frameworks available to IT Directors and Managers of large organisations. |
| B4 | Through systematic examination, differentiate between the different approaches and standards related to the implementation and management of cyber security within an organisation. |
| B5 | Critically appraise the laws and ethics of computer crime, computer espionage and computer misuse and critically evaluate concepts, principles and practices at the forefront of the area of study, demonstrating insight and innovation, and application of these skills as appropriate. |
| C1 | Acquire knowledge and skills in establishing and maintaining appropriate governance of (including processes, roles, awareness strategies, legal environment and responsibilities). |
| C2 | Demonstrate the application of risk analysis, vulnerability analysis and threat assessment principles and methods. |
| C3 | Analyse and demonstrate knowledge and application, the common technical security controls available to prevent, detect and recover from security incidents and to mitigate risk. |
| C4 | Through critical analysis, identify and apply appropriate research methods and approaches. |
| C5 | Identify, manage and respond to all aspects of cyber security, including reacting to new threats and vulnerabilities, secure operational and service delivery consistent with security polices, standards and procedures, and handling security incidents of all types according to common principles and practices, consistent with legal constraints and obligations, as well as capable of managing or investigating an information security incident at all levels. |
Course Structure
Level 7 Modules
| Module Code | Module Id | Module Title | Module Status | Credit Value | Module Type |
|---|---|---|---|---|---|
| IY4S737 | MOD013502 | Networking Technologies | Running | 20 | specified |
| IY4S736 | MOD013515 | Leadership and Transformational Changes in a Digital Era | Running | 20 | specified |
| IY4S740 | MOD013519 | Crisis and Operational Resilience | Running | 20 | specified |
| IY4S741 | MOD013520 | Protecting Critical National Infrastructure | Running | 20 | specified |
| IY4S731 | MOD012528 | Security Management and Incident Response | Running | 20 | specified |
| IY4S730 | MOD012527 | Legislation, Risk and Governance in Cyber Security | Running | 20 | specified |
| IY4T705 | MOD012533 | MSc Project | Running | 60 | core |
Teaching and Assessment
Learning and Teaching Methods
Employer Engagement
Visiting Speakers: Visits by employers will be organised at module or course level. Students are invited to a fortnightly industry guest speaker seminars arranged throughout the academic year and focusing on specialist areas related to Cyber Security. The aim of these seminars is to create employment opportunities and for students maintain market currency in their knowledge.
Fieldtrips: Visits to local employers or external bodies may be organised as appropriate.
Work Placements: Students are able to apply for placements via our Careers and Employability teams and directly to employers.
Employer Forums: The University’s career service delivers several events throughout the academic year; fairs and forums, that bring together potential employers, current students, and recent graduates to meet, either online or in-person, to discuss opportunities and seek guidance on their future careers.
In 2022, the career service partnered with top employers across the country to create an exclusive All Wales Virtual Careers fair for students to access online and was very well received by our students.
Other: Most modules use case studies, scenarios, and examples from the cyber security industry to illustrate concepts and their importance. Opportunities for work-related learning activities continue as students engage in and contribute in a positive manner to the solution of world of work tasks and problems.
Means of Assessment
All modules on the course are Level 7 in taxonomy. University policy directs that taught Master’s modules are delivered in consecutive eight-week blocks. On the MSc Cyber Security, Risk and Resilience, the six taught modules are divided into three blocks.
Block One
Students will undertake Networking Technologies, alongside Leadership and Transformational Change in a Digital Era, offering a well-rounded blend of technical, practical, and theoretical knowledge. Students will attain an understanding of organisational structures and architectures, introductory-level insights into operating systems' roles and functions, and awareness of network technologies. Also, this block will delve into crucial topics such as Strategic Leadership, Risk and Change in IT, Digital Transformation, and the critical evaluation of Cyberlaw, Digital Legislation, and Regulatory Responsibilities.
Block Two
Students will undertake Crisis and Operational Resilience and Protecting Critical National Infrastructure in Block B and learn about risk management, crisis management, and resilience in the realm of industrial security concerns and operational risks. Additionally, these modules will explore vital subjects including the contextualization of Critical National Infrastructure (CNI) within both public and private sectors, risk mitigation and resilience strategies pertinent to CNI, and the examination of IoT devices, IoT security, and associated mitigation techniques.
Block Three
Students will undertake, Legislation, Risk and Governance in Cyber Security and Security Management and Incident Response, which provide a balance of technical, practical, and theoretical content. Students will gain a very high level of understanding through critical discussion and analysis of the issues associated with Security Management and Incident Response management and demonstrate and evaluate a systematic understanding of the surrounding principles and practices and use simulation to put this into practice.
All students complete their studies with a 60-credit individual dissertation project. This provides the opportunity for students to demonstrate independent thinking in the application of their computing and research skills to a complex problem. Typically, a full-time student would undertake all six taught modules in one academic year, and then work on the individual project during the summer: 180 credits within a 12 month study period.
A part-time student would normally study three modules in one academic year and the final three in their second academic year, including the individual project during the summer of the second academic year.
Learning Support
Induction: During the first week of attendance the course team will plan and deliver a range of induction activities which are pre published to students via the USW Event Map system. Inductions are designed to welcome students to the course and the university and introduce them to the course team and university systems they will be using, or may need to interact with, such as student services, DDS etc.
Personal Academic Coach: As there is no formal Personal Academic Coaching embedded into the programme, the Course Leader will direct the student to the designated support point, but carries out regular drop in sessions for pastoral and course support.
Learner Analytics: Learner Analytics such as engagement and progression data can be obtained using a variety of tools such as Course Evaluation within UniLearn (Blackboard) and Study Goal. The data is used to monitor course engagement and students not engaging are contacted initially by the Course Leader to determine the reason for absence and offer pastoral support and may result in a referral to the USW progression and engagement team.
Office hours: Staff are generally available when they are not teaching both in person and remotely using other methods such as Microsoft Teams. Office hours are 9-5 and are published, along with staff contact details on each module, within the VLE. As with the undergraduate course, published drop-in sessions with the Course Leader will be made available.
Tutorials: Every module has at least one hour of tutorial or lab practical where students are able to apply and practice what they are learning and receive individual support. Tutorials help to clarify and reflect on lecture content and frequently use problem solving scenarios and case studies.
Seminars: Students are invited to a fortnightly industry guest speaker seminars arranged throughout the academic year and focusses on specialist areas related to Cyber Security. The aim of these seminars is to create employment opportunities and for students maintain market currency in their knowledge.
Formative Assessment: Lectures and tutorials contain formative exercises to encourage students to experiment and gain practical experience. Staff provide cohort feedback to aid development.
Progress Meetings: Students undertaking their MSc project are assigned a project supervisor who also undertakes the role of pastoral course tutor. Regular meetings are arranged throughout the duration of the project.
Research Supervision: Students undertaking their MSc project are assigned a project supervisor. Regular meetings are arranged throughout the duration of the project.
Online Resources: Teaching and coursework assessment materials are made available on-line through the University’s virtual learning environment (UniLearn). Modern computing laboratories provide access to specialist resources and students can gain remote access to software if working from home. Each student has an academic e-mail account that is particularly useful when requesting support from teaching and tutorial staff.
Advice Zone: USW students have access to the Advice Zone. Typically, this falls under the purview of Student Services. Students can use the USW Advice Zone for any problems they may have and will deal with the USW Advice Zone for guidance on applying for Extenuating Circumstances, Appeals etc.
Course Exit Points
| Award | Criteria | Final |
|---|---|---|
| Postgraduate Certificate | 60 credits with at least 40 at level 7 and no more than 20 at Level 6 | Exit |
| Postgraduate Diploma | 120 credits of which at least 90 must be at Level 7 and no more than 30 at Level 6 | Exit |
| Master of Science | 180 credits of which at least 150 must be at Level 7 and no more than 30 at Level 6 | Final |
Progression Route
Entry Requirements
Admission to the course is typically through the following qualifications:
The MSc Cyber Security, Risk and Resilience is designed for graduates with a minimum 2:2 Honours degree or equivalent in a connected subject. Typically, entrants will have graduated in a technical degree – such as Applied Cyber Security, Computer Security, Computer Science, Information Technology – and need to further develop their skills within Cyber Security. However applications are welcomed from those stemming from other non technical backgrounds who wish to upskill into cyber.
Candidates applying to the course with non-standard qualifications will be judged on an individual basis using Recognition of Prior Learning procedures as defined in the University’s Regulations. For example, the University may admit students based on their prior experiential learning, provided that it is identifiable, relevant to the programme of study for which they are applying and provides sufficient evidence of their ability.
The subject area seeks actively to promote University policies on equal opportunities and widening access and will seek to recruit as wide a range of students as the current mode of attendance and admission requirements permit. The procedures, criteria, and regulations for admission, including promotion of wider access and equal opportunities will follow those established for the existing post-graduate provision offered by the Subject area of Computing and Mathematics. Normally, evidence will be sought of successful completion of an under-graduate Honours degree and, where appropriate, a minimum average IELTS (International English Language Testing System) score of 6.5.
Inclusive Curriculum Statement
The University of South Wales operates a policy of inclusive learning, teaching and assessment to ensure that all students have an equal opportunity to fulfil their educational potential. Course teams will have considered ways of designing out any potentially disadvantageous element of courses during the course design process. However some specific needs may remain, details about how to apply to have your needs assessed can be found at: http://unilife.southwales.ac.uk/pages/3040-disability-and-dyslexia-service/
Addendum for Delivery at a Partner Institution
N/A
Methods Of Quality Standards
N/A
Quality Of Standards Indicators
N/A