MEDICINE
Bachelor	TR-NQF-HE: Level 6	QF-EHEA: First Cycle	EQF-LLL: Level 6

Course Introduction and Application Information

Course Code	Course Name	Semester	Theoretical	Practical	Credit	ECTS
COP4467	Wissen Academi- Cybersecurity & Information Systems Security	Spring	3	0	3	6

This catalog is for information purposes. Course status is determined by the relevant department at the beginning of semester.

Basic information

Language of instruction:	English
Type of course:	Non-Departmental Elective
Course Level:	Bachelor’s Degree (First Cycle)
Mode of Delivery:	Face to face
Course Coordinator :	MEHMET ŞÜKRÜ KURAN
Course Lecturer(s):	Dr. Öğr. Üyesi CEMAL OKAN ŞAKAR
Course Objectives:	As our lives increasingly depend on digital services, the need to protect our information from being maliciously disrupted or misused is really important. Threats to information security are global, persistent, and increasingly sophisticated. As the number of mobile users, digital applications and data networks increase, so do the opportunities for exploitation. Effective information security at the enterprise level requires participation, planning, and practice. It is an ongoing effort that requires management and staff to work together. The Cybersecurity and Information Systems Security Course will provide learners with principles of data and technology that frame and define cybersecurity along with the knowledge and skills to design a secure network infrastructure. Learners will gain insight into the importance of cybersecurity and the integral role of cybersecurity professionals. Topics include assembling the design team, modeling threats, and analyzing security risks in order to meet business requirements for securing computers in a networked environment. The course encourages decision-making skills through real-life scenarios that the target audience may encounter. You are given the task of collecting the information and sorting through the details to resolve the given security requirement. These topics also include plans and policies, enterprise roles, security metrics, risk management, standards and regulations, physical security, and business continuity.

Learning Outcomes

The students who have succeeded in this course;
1) Explain the core information assurance (IA) principles
2) Understand Cybersecurity Concepts and Information Systems Security Subjects
3) Identify the key components of cybersecurity network architecture
4) Distinguish system and application security threats and vulnerabilities
5) Evaluate the principles of risk and conduct a notional risk management exercise
6) Compare and contrast logical and physical security

Course Content

The Cybersecurity and Information Systems Security Course will provide learners with principles of data and technology that frame and define cybersecurity along with the knowledge and skills to design a secure network infrastructure. In the content of this course, information systems security concepts, security threats in information systems, actions to prevent attack types, principles of risk management in cyber security and logical/physical security concepts will be covered.

Weekly Detailed Course Contents

Week	Subject	Related Preparation
1)	"The Security Environment • Threats, vulnerabilities, and consequences • Advanced persistent threats • The state of security today • Why security matters Principles of Cybersecurity • The interrelated components of the computing environment "
2)	"Principles of Cybersecurity (cont.) • Cybersecurity models (the CIA triad, the star model, the Parkerian hexad) • Computer security, information security, and information assurance Cybersecurity Management Concepts & Access Control • Security governance • Management models, roles, and functions "
3)	"Enterprise Roles and Structures & Security Operations and Administration • Information security roles and positions • Alternative enterprise structures and interfaces "
4)	"Strategy and Strategic Planning • Strategy • Risk Identification, Monitoring and Analysis • Strategic planning and security strategy • The information security lifecycle • Architecting the enterprise "
5)	Security Plans and Policies • Levels of planning • Incident Response and Recovery • Planning misalignment • The System Security Plan (SSP) • Policy development and implementation Laws and Regulatory Requirements
6)	Security Standards and Controls • Security standards and controls Certification and accreditation (C&A)
7)	Risk Management • Principles of risk • Types of risk • Risk strategies The Risk Management Framework (RMF)
8)	Security Metrics and Key Performance Indicators (KPIs) • The challenge of security metrics • What makes a good metric? • Approaches to security metrics Metrics and FISMA
9)	Physical Security and Environmental Events • Physical and environmental threats • Physical and environmental controls
10)	Contingency Planning • Developing a contingency plan • Understanding the different types of contingency plan Responding to events
11)	Security Education, Training, and Awareness • Human factors in security • Developing and implementing a security training plan Cross-domain training (IT and other security domains)
12)	"Managing information security • The purpose of certification and accreditation • Trends in certification and accreditation • Cryptography "
13)	"Incident Response • Incident categories • Incident response Incident recovery The future of cybersecurity • Key future uncertainties • Possible future scenarios How to apply what you’ve learned"
14)	General Review

Sources

Course Notes / Textbooks:	SSCP Systems Security Certified Practitioner All-in-One - Darril Gibson - ISBN: 978-0071771566
References:

Evaluation System

Semester Requirements	Number of Activities	Level of Contribution
Attendance	10	% 10
Homework Assignments	1	% 20
Midterms	1	% 30
Final	1	% 40
Total		% 100
PERCENTAGE OF SEMESTER WORK		% 60
PERCENTAGE OF FINAL WORK		% 40
Total		% 100

Contribution of Learning Outcomes to Programme Outcomes

No Effect	1 Lowest	2 Low	3 Average	4 High	5 Highest

	Program Outcomes	Level of Contribution
1)	Integrates the knowledge, skills and attitudes acquired from basic and clinical medical sciences, behavioral sciences and social sciences, and uses them in health service delivery.
2)	In patient management, shows a biopsychosocial approach that takes into account the socio-demographic and sociocultural background of the individual, regardless of language, religion, race and gender.
3)	In the provision of health services, prioritizes the protection and development of the health of individuals and society.
4)	Taking into account the individual, societal, social and environmental factors affecting health; does the necessary work to maintain and improve the state of health.
5)	By recognizing the characteristics, needs and expectations of the target audience, provides health education to healthy/sick individuals and their relatives and other healthcare professionals.
6)	Shows a safe, rational and effective approach in health service delivery, prevention, diagnosis, treatment, follow-up and rehabilitation processes.
7)	Performs invasive and/or non-invasive procedures in diagnosis, treatment, follow-up and rehabilitation processes in a safe and effective way for the patient.
8)	Provides health services by considering patient and employee health and safety.
9)	In the provision of health services, takes into account the changes in the physical and socioeconomic environment on a regional and global scale, as well as the changes in the individual characteristics and behaviors of the people who apply to it.
10)	Takes good medical practice into account while carrying out his/her profession.
11)	Fulfills its duties and obligations within the framework of ethical principles, rights and legal responsibilities required by its profession.
12)	Demonstrates decisive behavior in providing high-quality health care, taking into account the integrity of the patient.
13)	Evaluates his/her performance in his/her professional practice by considering his/her emotions and cognitive characteristics.
14)	Advocates improving the provision of health services by considering the concepts of social reliability and social responsibility for the protection and development of public health.
15)	Can plan and carry out service delivery, training and consultancy processes related to individual and community health in cooperation with all components for the protection and development of health.
16)	Evaluates the impact of health policies and practices on individual and community health indicators and advocates increasing the quality of health services.
17)	The physician attaches importance to the protection of his/her own physical, mental and social health, and does what is necessary for this
18)	Shows exemplary behavior and leads the healthcare team during service delivery.
19)	Uses resources cost-effectively, for the benefit of society and in accordance with the legislation, in the planning, implementation and evaluation processes of health services in the health institution he/she is the manager of.
20)	Establishes positive communication within the health team it serves and assumes different team roles when necessary.
21)	Is aware of the duties and responsibilities of the health workers in the health team and acts accordingly.
22)	In the professional practices, works in harmony and effectively with the colleagues and other professional groups.
23)	Communicates effectively with patients, their relatives, healthcare professionals, other professional groups, institutions and organizations.
24)	Communicates effectively with individuals and groups that require a special approach and have different socio-cultural characteristics.
25)	In the diagnosis, treatment, follow-up and rehabilitation processes, shows a patient-centered approach that associates the patient with the decision-making mechanisms.
26)	Plans and implements scientific research, when necessary, for the population it serves, and uses the results and/or the results of other research for the benefit of the society.
27)	Reaches and critically evaluates current literature knowledge about his/her profession.
28)	Applies the principles of evidence-based medicine in clinical decision making.
29)	Uses information technologies to increase the effectiveness of its work on health care, research and education.
30)	Effectively manages individual work processes and career development.
31)	Demonstrates skills in acquiring and evaluating new knowledge, integrating it with existing knowledge, applying it to professional situations and adapting to changing conditions throughout professional life.
32)	Selects the right learning resources to improve the quality of the health service it offers, organizes its own learning process