Cyber Security Management (Wintersemester 2020/2021)
Lecturer:
Prof. Dr. Christian Dörr
(Cyber Security - Enterprise Security)
General Information
- Weekly Hours: 4
- Credits: 6
- Graded:
yes
- Enrolment Deadline: 01.10. - 20.11.2020
- Teaching Form:
- Enrolment Type: Compulsory Module
- Course Language: German
Programs, Module Groups & Modules
- IT-Systems Engineering
- IT-Systems Engineering
- ISAE: Internet, Security & Algorithm Engineering
- HPI-ISAE-T Techniken und Werkzeuge
- Cybersecurity
- HPI-CS-T Security Technologies
- HDAS: Health Data Security
- HPI-HDAS-C Concepts and Methods
- HDAS: Health Data Security
- HPI-HDAS-T Technologies and Methods
- HDAS: Health Data Security
- HPI-HDAS-S Specialization
- DSEC: Data Security
- DSEC-Konzepte und Methoden
- DSEC: Data Security
- DSEC-Techniken und Werkzeuge
- DSEC: Data Security
Description
The goal of cybersecurity is to identify cyber risks and reduce them to an acceptable level. From a strategic view, an organization’s cybersecurity program and cyber risk management has to fulfill five core functions. There have to be processes to identify cyber risks, a deployment of safeguards and detection capabilities, as well as organizational and technical measures to respond and recover from a cyber incident. This course covers the relevant standards, frameworks and best practices to establish a cyber risk management program from a technical, governance, and legal perspective. The lecture is accompanied by a semester-long case study, where you identify and evaluate the cyber risk for an organization, and develop a customized cybersecurity program to treat them. | |
Covered topics:
Identify
- Security governance and risk management standards (i.a. ISO31000 series)
- Threat identification, cyber threat intelligence and cyber attack analysis models
- Information Security Management Systems (i.a. ISO27000 series)
- Compliance standards and frameworks
- Risk management frameworks specific to critical infrastructures and select sectors
Protect
- Categorization of controls (technical and non-technical; preventive, detective and responsive controls)
- Security standards (i.a. BSI Grundschutz)
- Security architectures and best practices (least privileges, defense in depth, security by design)
- Physical security, asset and identity management
- Security awareness
Detect
- Logging and monitoring systems
- Security assessment and metrics
Respond
- Vulnerability management
- Triage and threat analysis
- Intelligence-driven incident response
Recover
- Business continuity planning and disaster recovery
- Crisis management and communication
Literature
Kurswebseite im Moodle https://hpi.de/friedrich/moodle/course/view.php?id=108
Learning
Vorlesung und Übung.
Veranstaltung findet in Präsenz sowie gleichzeitig per Videostream statt. Aufgrund der Corona Abstandsregeln können nur max. 30 Teilnehmer im Veranstaltungsraum sein. Alle anderen können sich online hinzuschalten. Zur Management der Kapazität buchen Sie hier bitte einen Platz für die jeweilige Vorlesung im Moodle.
Examination
Abschlußklausur, Zulassung zur Klausur mit erfolgreicher Teilnahme an Übungen.
Zurück