Checking date: 20/05/2022


Course: 2022/2023

Cybersecurity and Data Protection
(17666)
Study: Bachelor in Management and Technology (351)


Coordinating teacher: GONZALEZ-TABLAS FERRERES, ANA ISABEL

Department assigned to the subject: Computer Science and Engineering Department

Type: Compulsory
ECTS Credits: 6.0 ECTS

Course:
Semester:




Objectives
Students should understand the needs of advanced information systems, as well as the main technological tools applicable in companies and in business, regarding security, information protection and cryptography.
Skills and learning outcomes
Description of contents: programme
1. Introduction to Cybersecurity a. Principles of cybersecurity b. Threats, Attacks and Vulnerabilities c. Security Services and Mechanisms 2. Principles of Protection of Information a. Encryption of information. Encryption types. b. Symmetric and asymmetric cryptography c. Digital signature and certificates d. Cryptocurrency. Bitcoin, blockchain, etc. 3. Security in the transmission of information. a. Secure communications protocols. HTTPS and virtual private networks (VPN) b. Secure Email 4. Management and Administration of Cibersecurity. a. Information Systems Security Management. ISO / IEC 27000 family b. Risk Analysis and Management c. Business Continuity Plans 5. Legal Aspects of Data Protection. a. The General Data Protection Regulation (GDPR). b. Supervisory authority c. Data Protection Officer (DPO).
Learning activities and methodology
AF1. THEORETICAL-PRACTICAL CLASSES. They will present the knowledge that students should acquire. They will receive the class notes and will have basic reference documents to facilitate the follow-up of the classes and the development of the subsequent work. Exercises and problems that students may have, will be solved and workshops and evaluation tests will be carried out to develope the necessary skills. AF2. TUTORIALS. Individualized (individual tutorials) or group (collective tutorials) assistance to students will be provided by the teacher. AF3. INDIVIDUAL OR GROUP STUDENT WORK. MD1 THEORETICAL CLASSES. The teacher will present the main concepts of the subject supported by audiovisual media. Also, materials and bibliography are provided to complement the students' learning. MD2. PRACTICAL CLASSES. Resolution of practical cases, problems, etc. raised by the teacher individually or in groups. MD3. TUTORIALS. For subjects of 6 credits, 4 hours will be dedicated with 100% of attendance.
Assessment System
  • % end-of-term-examination 40
  • % of continuous assessment (assigments, laboratory, practicals...) 60
Calendar of Continuous assessment
Basic Bibliography
  • Comisión EU. Reglamento General de Protección de Datos (RGPD), 2018. Comisión EU.
  • EU Commission. General Data Protection Regulation (GDPR) 2018. EU Commission.
  • ISO organization. ISO/IEC 27001 Information security management. ISO.
  • Peltier, T. R.. Information security risk analysis. Auerbach publications.. 2010
  • Stallings, W. . Cryptography and network security: principles and practice (4th edition). Prentice Hall.. 2005

The course syllabus may change due academic events or other reasons.