|8W Teaching Period 5, 2022 Online|
|Faculty or Section :||Faculty of Business, Education, Law and Arts|
|School or Department :||School of Business|
|Student contribution band :||Band 2|
|Grading basis :||Graded|
|Version produced :||27 June 2022|
Examiner: Scott Sorley
Insider threats come from within organisational trust boundaries and as such are very different to cyber threats originating from outside the organisation. They can be difficult to detect and can cause significant risk and impact. Understanding the insider threat, and how it can be detected and mitigated is a critical objective to reduce cyber risk and a vital control for organisations. Students will learn about what insider cyber threats are, how to detect them, and how to mitigate against them. Real world examples from multiple industries are used to illustrate key principles.
The minicourse provides an understanding of threats to cyber security of an organisation that are posed from within the internal environment of the organisation. Students will learn about the range and nature of insider cyber threats that occur maliciously, as a result of negligence or through the organisation's supply chain. Students will also learn what system, tools and approaches organisations can exploit to detect or predict insider cyber threats or what defence they need to consider in their overall security strategy and approach.
Course learning outcomes
On successful completion of this course students should be able to:
- analyse information, concepts and theories related to human roles in insider threats (CIS8710 LO2)
- analyse and apply specialist knowledge related to managing human factors and behaviour to counter insider cyber threats (CIS8710 LO3, LO4)
- analyse, evaluate and apply sources of specialist human behavioural knowledge relating to cyber security knowledge, and how these can be applied towards improved cyber security controls (CIS8710 LO4).
|1.||Introduction to insider threats: This topic introduces students to the concept of insider threat within a cyber security context. It explores different types of insider threats and discusses how they occur||25.00|
|2.||Supply chain attacks: This topic gives students an understanding of a supply chain attack. It explores different types of supply chain attacks and how they occur from within the organisation’s supply chain||25.00|
|3.||Detection of insider threats: This topic discusses insider threat detection systems and approaches||25.00|
|4.||Human centric controls for managing insider threats: This topic covers a variety of controls that help deter and discourage insider attacks on an organisation||25.00|
Text and materials required to be purchased or accessed
|Weighting (%)||Course learning outcomes|