Mandatory

Threat and Risk: Expecting the Unexpected

In this unit the learner will be look at various case studies in recent cyber-attacks on business organisations, public sector agencies and individual victims. They will then conduct analysis will then into the motivations of malicious hackers. This analysis will include basic geopolitical learning, as it relates to the cyber domain, as well as identifying how and why different industry sectors (including Banking and Finance) are particularly vulnerable. 

Towards the end of the unit the learner will look at the types of hacking undertaken: White Hat hacking, Grey Hat hacking and Black Hat Hacking. Learners will be introduced to concepts such as ‘Threat’, ‘’Risk’, ‘Security Engineering’, ‘Cyber Threat Intelligence’ and ‘Cyber Resilience’.

Network Architecture, Communications and Protocols

In this unit the learner will look at IT networks and the various components and architecture as they relate to the topic of ‘cyber security’. This unit will break down the processes involved in IT networkbased communications and protocols and introduce and explain the OSI Model of computer communication and interoperability. One dedicated lesson will address: ‘How does the internet work?’ The learner will develop an understanding of the more popular and destructive methods used to carry out attacks including case studies in Botnets, Trojans and other Malware. Key information security principles – including the ‘CIA Triad’ and ‘Access Controls’ – are introduced and explained within  a business organisational context. 

This unit prepares learners to participate in the often-technical aspects of change management and configuration management committees and task groups that might be responsible for aspects of organisational cyber security. A range of industry case studies will be used throughout this unit in order to upskill the learner and provide an ‘helicopter’ view of network architecture, communications and underpinning protocols. 

Mobile Device and Data Risks 

Mobile devices pose a significant threat to an organisation’s state of cyber security. The number of smartphone users is around 2.5 billion at time of writing. On any single day, hundreds of millions of employees travel and commute and are mobile-enabled in terms of conducting their business and exposing valuable data to enhanced risk. 

In this unit the learner will learn how mobile devices become attached to radio and telecommunications networks. How are they connected to the internet and what types of tool can be utilised by malicious attackers to harm individuals and business organisations? 

The second half of this unit will introduce and explain significant favoured ways by the cyber security and mobile device industry used to protect mobile devices and data. Key approaches and tools such as data encryption, storage back-up, and other security measures will be investigated and recommended. 

Moreover, Cisco estimates that 50 billion items will be connected to the internet by 2020. The Internet of Things (IoT) are cyber-enabled gadgets and devices – often used for leisure or household purposes – that unintentionally expose our home or business networks to additional risk because they become attached to the very same communications channels and signals. In response, malicious hackers are developing customised malware to attack such devices. What are the IoT vulnerabilities and how can they be patched or remediated, if at all? Analysis or consideration of the IoT will therefore form an important part of this unit.