Checking date: 13/07/2021


Course: 2021/2022

Cyber security management and administration
(12393)
Study: Master in cybersecurity (288)
EPI


Coordinating teacher: RIBAGORDA GARNACHO, ARTURO

Department assigned to the subject: Department of Computer Science and Engineering

Type: Compulsory
ECTS Credits: 3.0 ECTS

Course:
Semester:




Requirements (Subjects that are assumed to be known)
not applicable
Objectives
BASIC COMPETENCES: Form professionals with the ability to integrate knowledge and form judgments from incomplete or inaccurate information. Form professionals with the ability to communicate thoughts and judgments and give reasons accordingly. Form professionals with the ability to study and learn autonomously. LEARNING RESULTS: 1. Develop, deploy and maintain an Information Security Management System (ISMS). 2. Know the methodologies for evaluating systems and products and their certification procedures. 3. Know the legal framework of cybersecurity. 4. Develop an information system security audit
Skills and learning outcomes
Description of contents: programme
1. Information security in the State. National cybersecurity scheme. National cybersecurity strategy. Main actors of cybersecurity in Spain and their competences: CCN / CNI; INCIBE; MCCD; CNPIC, etc. Cybercrime in Spain. 2. Standardization, evaluation, certification and accreditation. Standardization institutions. Legal framework. 3. Information security management systems. ISO / IEC standards. 27XXX series. UNE-ISO / IEC 27000: 2019, UNE-EN ISO / IEC 27001: 2017, UNE-EN ISO / IEC 27002: 2017. 4. Evaluation and certification of products and systems. 5. Legal framework of cybersecurity. 6. Security audit.
Learning activities and methodology
TRAINING ACTIVITIES Theoretical lessons. Theoretical-practical lessons. Tutoring Group work Individual work TEACHING METHODOLOGIES Class lectures with computer and audiovisual resources. Main concepts of the subject will be presented together with additional bibliography. Critical reading of recommended text: press articles, reports, tutorials and/or academic articles. They will be used for class discussions or to extent and consolidate taught concepts. Class presentations and discussions under the supervision of the teacher based on topics related to the subject, as well as case studies.
Assessment System
  • % end-of-term-examination 40
  • % of continuous assessment (assigments, laboratory, practicals...) 60
Calendar of Continuous assessment
Basic Bibliography
  • C.M. Fernández Sánchez y M. Piattini Velthuis . Modelo para el gobierno de las TIC basado en las normas ISO. AENOR. 2012
  • L. Gómez Fernández; P.P. Fernández Rivero . Como implantar un SGSI según UNE-ISI/IEC 27001:2014 y su aplicación en el ENS. AENOR.
  • UNE EN-ISO/IEC. UNE-ISO/IEC 27001:2017. UNE.
  • UNE EN-ISO/IEC. UNE EN-ISO/IEC 27000:2019. UNE.
  • UNE EN-ISO/IEC . UNE EN-ISO/IEC 27002:2017. UNE.
Recursos electrónicosElectronic Resources *
Detailed subject contents or complementary information about assessment system of B.T.
(*) Access to some electronic resources may be restricted to members of the university community and require validation through Campus Global. If you try to connect from outside of the University you will need to set up a VPN


The course syllabus and the academic weekly planning may change due academic events or other reasons.


More information: https://cosec.inf.uc3m.es/