TU Delft
2016/2017 Technology, Policy and Management Master Complex Systems Engineering and Management
SPM5442
Cyber Risk Management
ECTS: 5
Module Manager
Name E-mail
Dr.ir. W. Pieters    W.Pieters@tudelft.nl
Instructor
Name E-mail
Prof.dr.ir. J. van den Berg    J.vandenBerg@tudelft.nl
Dr.ir. W. Pieters    W.Pieters@tudelft.nl
Responsible for assignments
Name E-mail
Dr.ir. W. Pieters    W.Pieters@tudelft.nl
Co-responsible for assignments
Name E-mail
Prof.dr.ir. J. van den Berg    J.vandenBerg@tudelft.nl
Contact Hours / Week x/x/x/x
4/0/0/0
Education Period
1
Start Education
1
Exam Period
1
2
Course Language
English
Course Contents

MOTIVATION:
Selecting an appropriate set of technical, organisational, legal and other preventive and repressive measures that reduce cyber risks to an acceptable level can only be done within the framework of cyber risk management. Risk management analyses the relationships between threats, incidents and risks (here in the complex world of cyberspace) and, on that basis, designs an adequate set of countermeasures.

SYNOPSIS:
Risk (the potential of losing something of value) can manifest itself in cyberspace in many ways: the values at stake include financial wealth, health, physical condition (of people, materials, goods, infrastructures, etc.), well-being, reputation, privacy and trust.
Based on a conceptualisation of cyberspace and its various sub-domains (discussed in the project week of year 1), we introduce both qualitative and quantitative risk assessment approaches, illustrated with case studies related, among others, to a set of well-known real-world cyber security incidents. In addition, technical and non-technical cyber risk mitigation strategies are introduced and discussed.

CONTENT:
Cyberspace and its various sub-domains and layers; dependencies on IT and related risks; DigiNotar, Stuxnet, the KPN hack and other major cyber incidents; the bowtie model, vulnerabilities and barriers; cyber threats; fault trees and attack trees; APTs; cyber incidents; impact scenarios and cascading effects; cyber risks of all kinds expressed as the loss of various values; risk metrics; prioritisation of risks; security-by-design principles; principles of technical preventive measures (IAA principles, mechanisms and tools; software quality; architectural decomposition; redundancy; firewalls; scanning tools; predictive analytics) and non-technical preventive measures (risk policies, organisational measures, awareness training); fundamentals of technical repressive measures (monitoring and analytics, data and information sharing tools, IDS, SOCs) and non-technical repressive measures (disaster recovery and crisis management); cyber security as a societal problem, nationally and internationally (institutional arrangements); cyber security standards (and their current shortcomings).
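The content list above names attack trees, risk metrics, prioritisation of risks and barriers. The following is an added worked example, not course material from TU Delft, that shows how these fit together in code: an attack tree with AND/OR gates is evaluated for its most likely and its cheapest attack path, scenarios are ranked by expected loss (probability of the most likely attack times impact), and a preventive barrier is applied to one step to see how the ranking changes. All trees, probabilities, costs (assumed to be in kEUR) and impact figures are constructed for illustration and are not taken from DigiNotar, Stuxnet, KPN or any other real incident. The model assumes the steps under an AND gate are independent, and under an OR gate it picks the best branch separately for each metric.

```python
"""Attack-tree evaluation and risk prioritisation (added example, constructed data)."""
from dataclasses import dataclass, field, replace
from typing import List, Optional, Tuple


@dataclass
class Node:
    name: str
    gate: Optional[str] = None              # "AND", "OR", or None for a leaf attack step
    children: List["Node"] = field(default_factory=list)
    p_success: float = 1.0                  # leaf only: probability the step succeeds
    cost: float = 0.0                       # leaf only: attacker effort, assumed in kEUR


def most_likely(node: Node) -> Tuple[float, List[str]]:
    """Probability of the most likely attack on `node` and the leaf steps it uses.

    AND: every child must succeed; assuming independent steps, probabilities multiply.
    OR:  the attacker takes whichever child branch is most likely to succeed.
    """
    if node.gate is None:
        return node.p_success, [node.name]
    results = [most_likely(c) for c in node.children]
    if node.gate == "AND":
        p, path = 1.0, []
        for cp, cpath in results:
            p *= cp
            path += cpath
        return p, path
    if node.gate == "OR":
        return max(results, key=lambda r: r[0])
    raise ValueError(f"unknown gate {node.gate!r}")


def cheapest(node: Node) -> Tuple[float, List[str]]:
    """Lowest attacker cost to reach `node` and the leaf steps that path uses."""
    if node.gate is None:
        return node.cost, [node.name]
    results = [cheapest(c) for c in node.children]
    if node.gate == "AND":
        return sum(r[0] for r in results), [s for r in results for s in r[1]]
    if node.gate == "OR":
        return min(results, key=lambda r: r[0])
    raise ValueError(f"unknown gate {node.gate!r}")


def with_barrier(node: Node, step: str, factor: float) -> Node:
    """Copy of the tree in which a preventive barrier on leaf `step` multiplies
    that step's success probability by `factor` (0 <= factor <= 1); the original
    tree is left untouched so before/after can be compared."""
    if node.gate is None:
        return replace(node, p_success=node.p_success * factor) if node.name == step else node
    return replace(node, children=[with_barrier(c, step, factor) for c in node.children])


def prioritise(scenarios):
    """Rank (name, tree, impact) scenarios by expected loss = P(most likely attack) * impact."""
    ranked = [(name, most_likely(tree)[0] * impact) for name, tree, impact in scenarios]
    return sorted(ranked, key=lambda r: r[1], reverse=True)


# Constructed scenario 1: an attacker wants to read confidential customer records.
STEAL_RECORDS = Node("read customer records", "OR", [
    Node("phishing route", "AND", [
        Node("phish employee credentials", p_success=0.30, cost=2),
        Node("bypass second factor", p_success=0.20, cost=15),
        Node("exfiltrate unnoticed", p_success=0.70, cost=5),
    ]),
    Node("exploit route", "AND", [
        Node("find unpatched internet-facing service", p_success=0.40, cost=10),
        Node("exploit to gain a foothold", p_success=0.50, cost=30),
        Node("exfiltrate unnoticed", p_success=0.70, cost=5),
    ]),
])

# Constructed scenario 2: disrupt the order-handling service.
DISRUPT_SERVICE = Node("disrupt order handling", "OR", [
    Node("volumetric DDoS", p_success=0.60, cost=3),
    Node("compromise and wipe the server", p_success=0.10, cost=40),
])

# (name, attack tree, impact in kEUR if the attack succeeds); impacts are assumed.
SCENARIOS = [("customer data breach", STEAL_RECORDS, 2000),
             ("service disruption", DISRUPT_SERVICE, 300)]

if __name__ == "__main__":
    for name, tree, _ in SCENARIOS:
        print(name, "most likely:", most_likely(tree), "cheapest:", cheapest(tree))
    print("ranking before barrier:", prioritise(SCENARIOS))
    # A patch-management barrier cuts the "unpatched service" step to a quarter.
    hardened = with_barrier(STEAL_RECORDS, "find unpatched internet-facing service", 0.25)
    print("ranking after barrier:",
          prioritise([("customer data breach", hardened, 2000), SCENARIOS[1]]))
```

Running the script shows that the exploit route is the most likely way to the records while the phishing route is the cheapest, and that a single barrier on the unpatched-service step shifts the attacker's best route to phishing and moves the data breach below the service disruption in the ranking. That is the point of computing the metrics rather than reading them off the tree by eye: a barrier changes which branch dominates, not just the number on one leaf.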
Study Goals

To acquire knowledge, understanding and skills with respect to:
Cyber risk assessment methods for (complex, multi-step) cyber incidents, possibly with cascading effects
Preventive measures that reduce the likelihood of cyber incidents
The fundamentals of repressive measures (detecting incidents in time and reducing their impact)
Balancing the various human values at stake, including the balance between privacy and security, primarily from a governmental (macro-level) perspective
Education Method
LECTURES and ASSIGNMENTS.

LEARNING OUTCOMES: Students will acquire:
A sound understanding of the theoretical principles of cyber risk management
An understanding of the weaknesses and strengths of current risk management standards
Skills in applying state of the art cyber risk management methods
Insights into the causes and effects of high-profile incidents
Ability to justify investments in cyber security

LANGUAGE: The course is taught in English.

LECTURERS: Prof Dr Ir Jan van den Berg (TUD/EWI&TPM) and Dr Ir Wolter Pieters (TUD/TPM)
Assessment
Grading will be based on
a) the grade for a mid-term written examination (50%)
b) the quality of delivered assignments, including a presentation and a paper (50%)