Kurssin kuvaus

Welcome to the Cyber Security Management course! 

This course provides an in-depth exploration of cybersecurity management principles, focusing on the ISO2700x standard family and related frameworks. You will learn about essential management processes, including configuration management, management of protected targets, threat management, and risk management. 

Course Content

Introduction to Cybersecurity Management: Overview of key concepts, the CIA Triad, and the importance of cybersecurity management.

ISO27001 and ISO27002 Standards: Detailed study of ISO27001 and ISO27002, including implementation strategies and case studies.

Configuration Management and Management of Protected Targets: Best practices, tools, and techniques for managing configurations and protecting critical assets. Threat Management: Understanding different types of threats, threat assessment, and mitigation strategies. Risk Management and Auditing: Risk management frameworks, risk assessment methodologies, and cybersecurity auditing, including KATAKRI. Regulatory Compliance in Cybersecurity: Overview of GDPR, NIS2 Directive, and other relevant regulations. Advanced Cybersecurity Management Standards and Practices: ISO31000, ISO19011, SOC2, CIS Controls, FAIR framework, and organizational continuity management. Course Structure Lectures: Delivered as pre-recorded videos, released weekly according to the Peppi schedule. Assignments: Two written assignments focusing on asset management and vulnerability management. Exam: A multiple-choice exam covering the course content. Course Book: "Information Security Management Principles" (2nd Edition) by David Alexander, Amanda Finch, David Sutton, and Andy Taylor. This book provides a practical guide to delivering information assurance and is aligned with the BCS Certification in Information Security Management Principles (janet.finna -link) Additional Information For detailed information and a sample schedule, please refer to the "Timetable and Agenda" section here on Moodle.