Hasso-Plattner-InstitutSDG am HPI

Cyber Security Management (Winter Semester 2020/2021)

Lecturer: Prof. Dr. Christian Dörr (Cyber Security - Enterprise Security)

General Information

  • Weekly hours per semester: 4
  • ECTS: 6
  • Graded: Yes
  • Enrollment period: 01.10. - 20.11.2020
  • Course format:
  • Enrollment type: Compulsory module
  • Language of instruction: German

Degree Programs & Modules

IT-Systems Engineering MA
  • ITSE-Entwurf
  • ITSE-Konstruktion
  • ISAE-Techniken und Werkzeuge
Cybersecurity MA
Digital Health MA
Data Engineering MA

Description

The goal of cybersecurity is to identify cyber risks and reduce them to an acceptable level. From a strategic view, an organization’s cybersecurity program and cyber risk management have to fulfill five core functions. There have to be processes to identify cyber risks, a deployment of safeguards and detection capabilities, as well as organizational and technical measures to respond to and recover from a cyber incident.

This course covers the relevant standards, frameworks and best practices to establish a cyber risk management program from a technical, governance, and legal perspective. The lecture is accompanied by a semester-long case study, in which you identify and evaluate the cyber risks for an organization and develop a customized cybersecurity program to treat them.

Covered topics:

Identify

  • Security governance and risk management standards (i.a. ISO31000 series)
  • Threat identification, cyber threat intelligence and cyber attack analysis models
  • Information Security Management Systems (i.a. ISO27000 series)
  • Compliance standards and frameworks
  • Risk management frameworks specific to critical infrastructures and select sectors

 

Protect

  • Categorization of controls (technical and non-technical; preventive, detective and responsive controls)
  • Security standards (i.a. BSI Grundschutz)
  • Security architectures and best practices (least privilege, defense in depth, security by design)
  • Physical security, asset and identity management
  • Security awareness

 

Detect

  • Logging and monitoring systems
  • Security assessment and metrics

 

Respond

  • Vulnerability management
  • Triage and threat analysis
  • Intelligence-driven incident response

 

Recover

  • Business continuity planning and disaster recovery
  • Crisis management and communication

Literature

Course website in Moodle: https://hpi.de/friedrich/moodle/course/view.php?id=108

Learning and Teaching Formats

Lecture and exercise.

The course takes place in person and simultaneously via video stream. Due to the Corona distancing rules, a maximum of 30 participants can be in the lecture room. All others can join online. To manage capacity, please book a seat for each lecture here in Moodle.

Assessment

Final exam; admission to the exam requires successful participation in the exercises.
