IY4S731 - Security Management and Incident Response 01 Sep 2023 - 30 Aug 2030 | Version 2

Associated Module Information

Module Code: IY4S731
Module Title: Security Management and Incident Response
Faculty: Faculty of Computing, Engineering and Science
Faculty Group: FCES Faculty
Faculty Sub Group: Cyber Security
Module Leader: Muhammad Awais
Module Team: Sharan Johnstone, Rachael Medhurst, Mamoun Qasem, Andrew Bellamy, Christopher Manley, Madhu Khurana, Emma Derbi, Joshua Richards, Peter Eden, Richard Ward, Beth Jenkins, Arun Kumar, Nisha Rawindaran, Chelsea Cooper, Muhammad Awais
First Intended Intake: SEP 2024 Final Year of Intake: 2029
Date Closed:
Credit Value: 20 Credit Level: 7
Language: English
Percentage of Module Taught in Welsh: 0
Equivalent Module:
HECOS codes: 100376 - computer and information security 100385 - computer forensics 100962 - research skills 101040 - risk management
HECOS Code Weighting: 40 10 25 25

Document Version Information

Version 2
Valid From 01 Sep 2023
Valid To 30 Aug 2030

Module Aims

To develop advanced skills and critical understanding of complex issues surrounding security management, operations, and incident response.

Content Summary

ISMS compliance monitoring and security monitoring

Principles and Practice of Security Operations Management

Threat management and Risk Analysis

The role and function of a SIEM

Machine learning and data correlation

Incident Management?methodology and frameworks

Forensic Preparedness

ISO 27035

Business Continuity Planning

Learning and Teaching Methods

Activity Type Hours
Lecture 24
Practical classes and workshops 24
Independent Study 78
Directed Study (including online independent learning) 48
Formative Assessment - Scheduled 2
Interdisciplinary work 12
Problem / challenge based learning 12
Total Hours Selected 200

Learning Outcomes

# Learning Outcome
LO1 To make critical judgements on complex factors involved in defending the security of an organisation at an operational, tactical and strategic level, and to reflect and evaluate on lessons learned.
LO2 To demonstrate at a higher level, the professional, analytical, problem solving and critical decision-making skills attributes and knowledge to respond to a security incident and to ensure continuity of business

Module Requisites

N/A

Assessment Criteria

Assessment Category Assessment Type Description Duration Word Count Weight (%) Best of? Pass Mark
Synchronous Onsite Practical Assessment Simulation (Onsite) 1 Incident Evaluation and Response 0 4000 100 No 40

Assessment Matrix

Assessment Type Learning Outcomes
LO1 LO2
Simulation (Onsite) 1

Reading List

https://rl.talis.com/3/southwales/lists/45F7C20E-285B-47E7-7BD0-4F7E0B369CF4.html?lang=en&login=1??  

 

Essential:  

 

  • Hubbard, D.W. and Seiersen, R., (2023). How to measure anything in cybersecurity risk. John Wiley & Sons. 

  • Karim Vellani, (2021), Strategic Security Management A Risk Assessment Guide for Decision Makers, Second Edition ISBN 9780367776510, 300 Pages, Published by CRC Press. 

  • Heyerdahl, Anne., (2023), From prescriptive rules to responsible organisations–making sense of risk in protective security management–a study from Norway. European Security 32, no. 1  

Recommended:  

 

  • Soldatos, John, James Philpot, and Gabriele Giunta, (2020). Cyber-Physical Threat Intelligence for Critical Infrastructures Security: A Guide to Integrated Cyber-Physical Protection of Modern Critical Infrastructures. Now Publishers. 

  • Seaman, Jim, and Michael Gioia (2023). Security Risk Management-The Driving Force for Operational Resilience: The Firefighting Paradox. CRC Press. 

  • Siegel, Carol A., and Mark Sweeney. (2020) CyberState: risk-driven security and resiliency. CRC Press,