Fundamentals of Cybersecurity (5 cr)
Code: MS00CR13-3002
General information
- Enrollment
-
02.12.2024 - 26.01.2025
Registration for the implementation has ended.
- Timing
-
01.01.2025 - 31.07.2025
Implementation is running.
- Number of ECTS credits allocated
- 5 cr
- Local portion
- 5 cr
- Mode of delivery
- Contact learning
- Unit
- ICT
- Campus
- Kupittaa Campus
- Teaching languages
- Finnish
- Seats
- 10 - 36
- Degree programmes
- Master of Business Administration, Cyber Security
- Master of Engineering, Cyber Security
- Teachers
- Pia Satopää
- Course
- MS00CR13
Realization has 4 reservations. Total duration of reservations is 13 h 0 min.
| Time | Topic | Location |
|---|---|---|
|
Mon 27.01.2025 time 13:00 - 16:15 (3 h 15 min) |
Kyberturvallisuuden perusteet MS00CR13-3002 |
EDU_3029
Lovisa muunto byod
|
|
Tue 28.01.2025 time 13:00 - 16:15 (3 h 15 min) |
Kyberturvallisuuden perusteet MS00CR13-3002 |
EDU_3029
Lovisa muunto byod
|
|
Mon 24.02.2025 time 13:00 - 16:15 (3 h 15 min) |
Kyberturvallisuuden perusteet MS00CR13-3002 |
EDU_3029
Lovisa muunto byod
|
|
Tue 25.02.2025 time 13:00 - 16:15 (3 h 15 min) |
Kyberturvallisuuden perusteet MS00CR13-3002 |
EDU_3029
Lovisa muunto byod
|
Evaluation scale
H-5
Content scheduling
TOPICS
• Operational environment and threats
• Impact and influence
• Competence and awareness
• Information security culture
• Information security policy, guidelines, models, frameworks
• Information classification
• Risk management and controls
• Auditing
LEARNING OBJECTIVES
The student will
• Understand the administrative and technical basics of information and cybersecurity
• Recognize the operational environment and threats, and be able to assess the impact of information and cybersecurity on organizational operations
• Understand the significance of a security culture for information and cybersecurity
• Be capable of planning, drafting, and implementing an information security policy for the organization
• Recognize the importance of information classification for safeguarding organizational information and be able to classify information and information systems
• Grasp the importance of competence and awareness in achieving information and cybersecurity
• Be able to assess the organization's level of cybersecurity competence (maturity) and plan and implement an organizational cybersecurity awareness program/training (awareness)
• Identify the importance of risk management in achieving information and cybersecurity
• Understand the significance of assessments and audits for continuous improvement
SUMMARY
Upon completing the course, the student will possess a comprehensive understanding of information and cybersecurity concepts, as well as practical skills to assess and enhance the level of information and cybersecurity competence within an organization. The student will be capable of contributing to the planning and implementation of effective administrative controls, trainings, and policies related to information and cybersecurity. They will have the capability to assess the security situation and plan development measures.
Objective
The student will
• Understand the administrative and technical basics of information and cybersecurity
• Recognize the operational environment and threats, and be able to assess the impact of information and cybersecurity on organizational operations
• Understand the significance of a security culture for information and cybersecurity
• Be capable of planning, drafting, and implementing an information security policy for the organization
• Recognize the importance of information classification for safeguarding organizational information and be able to classify information and information systems
• Grasp the importance of competence and awareness in achieving information and cybersecurity
• Be able to assess the organization's level of cybersecurity competence (maturity) and plan and implement an organizational cybersecurity awareness program/training (awareness)
• Identify the importance of risk management in achieving information and cybersecurity
• Understand the significance of assessments and audits for continuous improvement
Content
• Operational environment and threats
• Impact and influence
• Competence and awareness
• Information security culture
• Information security policy, guidelines, models, frameworks
• Information classification
• Risk management and controls
• Auditing
SUMMARY
Upon completing the course, the student will possess a comprehensive understanding of information and cybersecurity concepts, as well as practical skills to assess and enhance the level of information and cybersecurity competence within an organization. The student will be capable of contributing to the planning and implementation of effective administrative controls, trainings, and policies related to information and cybersecurity. They will have the capability to assess the security situation and plan development measures.
Materials
The learning environment used is the It’s Learning platform provided by Turku University of Applied Sciences. All course materials and remote assignments are distributed through the platform. Any peer assessments will also be conducted within the system.
Pedagogic approaches and sustainable development
The pedagogical models and practices include applied problem-based learning, collaborative learning, and collaboration with work life. Peer learning during on-site days, through experience sharing and discussions, is an essential part of the content of these sessions.
Student workload
The course includes both group and individual assignments. As a rule, all assignments must be submitted.
Evaluation methods and criteria
The course performance is assessed through individual and group assignments completed between on-site sessions. The assignments are essay-based and may include peer assessment. The key focus of the assignments is to critically reflect on the organization's current state and evaluate potential areas for improvement.
Failed (0)
The student has not participated in on-site teaching or group work. The required written assignments are incomplete, and/or the student's skills are seriously lacking.
Assessment criteria, satisfactory (1-2)
The student has participated poorly in on-site teaching and group assignments. Based on the assessed written outputs, the student has difficulty understanding the fundamentals of information and cybersecurity.
Assessment criteria, good (3-4)
The student has actively participated in on-site teaching, group assignments, and discussions. The student is able to apply their learning to their own job role or work environment. They are capable of comprehensively and critically evaluating what they have learned through the assignments from the perspective of business and their own organization.
Assessment criteria, excellent (5)
The student's thinking is independent and comprehensive. They demonstrate a broad understanding of information and cybersecurity as part of business operations. The student has produced excellent written outputs, showcasing their ability to apply their learning to the needs of different organizations. They exhibit versatile and creative thinking as well as a holistic understanding of the importance of information and cybersecurity for organizational operations.
Further information
The It’s Learning platform used by Turku University of Applied Sciences serves as the communication channel for the course.