COP4467 Wissen Academi- Cybersecurity & Information Systems SecurityBahçeşehir UniversityDegree Programs ENERGY SYSTEMS ENGINEERINGGeneral Information For StudentsDiploma SupplementErasmus Policy StatementNational QualificationsBologna Commission
ENERGY SYSTEMS ENGINEERING
Bachelor TR-NQF-HE: Level 6 QF-EHEA: First Cycle EQF-LLL: Level 6

Course Introduction and Application Information

Course Code Course Name Semester Theoretical Practical Credit ECTS
COP4467 Wissen Academi- Cybersecurity & Information Systems Security Fall 3 0 3 6
This catalog is for information purposes. Course status is determined by the relevant department at the beginning of semester.

Basic information

Language of instruction: English
Type of course: Non-Departmental Elective
Course Level: Bachelor’s Degree (First Cycle)
Mode of Delivery: Face to face
Course Coordinator : MEHMET ŞÜKRÜ KURAN
Course Lecturer(s): Dr. Öğr. Üyesi CEMAL OKAN ŞAKAR
Course Objectives: As our lives increasingly depend on digital services, the need to protect our information from being maliciously disrupted or misused is really important. Threats to information security are global, persistent, and increasingly sophisticated. As the number of mobile users, digital applications and data networks increase, so do the opportunities for exploitation. Effective information security at the enterprise level requires participation, planning, and practice. It is an ongoing effort that requires management and staff to work together. The Cybersecurity and Information Systems Security Course will provide learners with principles of data and technology that frame and define cybersecurity along with the knowledge and skills to design a secure network infrastructure. Learners will gain insight into the importance of cybersecurity and the integral role of cybersecurity professionals. Topics include assembling the design team, modeling threats, and analyzing security risks in order to meet business requirements for securing computers in a networked environment. The course encourages decision-making skills through real-life scenarios that the target audience may encounter. You are given the task of collecting the information and sorting through the details to resolve the given security requirement. These topics also include plans and policies, enterprise roles, security metrics, risk management, standards and regulations, physical security, and business continuity.

Learning Outcomes

The students who have succeeded in this course;
1) Explain the core information assurance (IA) principles
2) Understand Cybersecurity Concepts and Information Systems Security Subjects
3) Identify the key components of cybersecurity network architecture
4) Distinguish system and application security threats and vulnerabilities
5) Evaluate the principles of risk and conduct a notional risk management exercise
6) Compare and contrast logical and physical security

Course Content

The Cybersecurity and Information Systems Security Course will provide learners with principles of data and technology that frame and define cybersecurity along with the knowledge and skills to design a secure network infrastructure. In the content of this course, information systems security concepts, security threats in information systems, actions to prevent attack types, principles of risk management in cyber security and logical/physical security concepts will be covered.

Weekly Detailed Course Contents

Week Subject Related Preparation
1) "The Security Environment • Threats, vulnerabilities, and consequences • Advanced persistent threats • The state of security today • Why security matters Principles of Cybersecurity • The interrelated components of the computing environment "
2) "Principles of Cybersecurity (cont.) • Cybersecurity models (the CIA triad, the star model, the Parkerian hexad) • Computer security, information security, and information assurance Cybersecurity Management Concepts & Access Control • Security governance • Management models, roles, and functions "
3) "Enterprise Roles and Structures & Security Operations and Administration • Information security roles and positions • Alternative enterprise structures and interfaces "
4) "Strategy and Strategic Planning • Strategy • Risk Identification, Monitoring and Analysis • Strategic planning and security strategy • The information security lifecycle • Architecting the enterprise "
5) Security Plans and Policies • Levels of planning • Incident Response and Recovery • Planning misalignment • The System Security Plan (SSP) • Policy development and implementation Laws and Regulatory Requirements
6) Security Standards and Controls • Security standards and controls Certification and accreditation (C&A)
7) Risk Management • Principles of risk • Types of risk • Risk strategies The Risk Management Framework (RMF)
8) Security Metrics and Key Performance Indicators (KPIs) • The challenge of security metrics • What makes a good metric? • Approaches to security metrics Metrics and FISMA
9) Physical Security and Environmental Events • Physical and environmental threats • Physical and environmental controls
10) Contingency Planning • Developing a contingency plan • Understanding the different types of contingency plan Responding to events
11) Security Education, Training, and Awareness • Human factors in security • Developing and implementing a security training plan Cross-domain training (IT and other security domains)
12) "Managing information security • The purpose of certification and accreditation • Trends in certification and accreditation • Cryptography "
13) "Incident Response • Incident categories • Incident response Incident recovery The future of cybersecurity • Key future uncertainties • Possible future scenarios How to apply what you’ve learned"
14) General Review

Sources

Course Notes / Textbooks: SSCP Systems Security Certified Practitioner All-in-One - Darril Gibson - ISBN: 978-0071771566
References:

Evaluation System

Semester Requirements Number of Activities Level of Contribution
Attendance 10 % 10
Homework Assignments 1 % 20
Midterms 1 % 30
Final 1 % 40
Total % 100
PERCENTAGE OF SEMESTER WORK % 60
PERCENTAGE OF FINAL WORK % 40
Total % 100

Contribution of Learning Outcomes to Programme Outcomes

No Effect 1 Lowest 2 Low 3 Average 4 High 5 Highest
           
Program Outcomes Level of Contribution
1) Build up a body of knowledge in mathematics, science and Energy Systems Engineering subjects; use theoretical and applied information in these areas to model and solve complex engineering problems.
2) Ability to identify, formulate, and solve complex Energy Systems Engineering problems; select and apply proper modeling and analysis methods for this purpose.
3) Ability to design complex Energy systems, processes, devices or products under realistic constraints and conditions, in such a way as to meet the desired result; apply modern design methods for this purpose.
4) Ability to devise, select, and use modern techniques and tools needed for solving complex problems in Energy Systems Engineering practice; employ information technologies effectively.
5) Ability to design and conduct numerical or pysical experiments, collect data, analyze and interpret results for investigating the complex problems specific to Energy Systems Engineering.
6) Ability to cooperate efficiently in intra-disciplinary and multi-disciplinary teams; and show self-reliance when working on Energy Systems-related problems
7) Ability to communicate effectively in English and Turkish (if he/she is a Turkish citizen), both orally and in writing. Write and understand reports, prepare design and production reports, deliver effective presentations, give and receive clear and understandable instructions.
8) Recognize the need for life-long learning; show ability to access information, to follow developments in science and technology, and to continuously educate oneself.
9) Develop an awareness of professional and ethical responsibility, and behave accordingly. Be informed about the standards used in Energy Systems Engineering applications.
10) Learn about business life practices such as project management, risk management, and change management; develop an awareness of entrepreneurship, innovation, and sustainable development.
11) Acquire knowledge about the effects of practices of Energys Systems Engineering on health, environment, security in universal and social scope, and the contemporary problems of Energys Systems engineering; is aware of the legal consequences of Energys Systems engineering solutions.