THE UNIVERSITY of EDINBURGH

DEGREE REGULATIONS & PROGRAMMES OF STUDY 2019/2020

University Homepage
DRPS Homepage
DRPS Search
DRPS Contact
DRPS : Course Catalogue : School of Informatics : Informatics

Postgraduate Course: Work-based Professional Practice in Cyber Security (INFR11191)

Course Outline
SchoolSchool of Informatics CollegeCollege of Science and Engineering
Credit level (Normal year taken)SCQF Level 11 (Postgraduate) AvailabilityNot available to visiting students
SCQF Credits20 ECTS Credits10
SummaryThis course is work-based and is focused on the real-world application of cyber security in a workplace environment. It includes experiencing how information and risk, threats and attacks, cyber security architecture and operations, secure systems hardening and usability and cyber security management are applied to provide resilience in a workplace organisational environment. Students who do this course will obtain practical experience in the design, implementation, and evaluation of cyber security approaches.
Course description This course provides graduate apprenticeship students with a holistic approach to cyber security, privacy and trust. It is a key stage in the learning and development strategy of the graduate apprenticeship programme in cyber security. It is project based, introduced in the university and facilitated in the workplace around work-based projects.

This is a work-based learning course worth 20-credits. Students undertake work-based application throughout the GA programme and are expected to spend around 200 hours in total on this course. The university Student-Led Individually Created Course (SLICC) approach will be planned to cover the graduate apprenticeship students working with their specific employers and the work will directly link to their own contexts in the workplace.

The main topics are: the application of cyber security re-search techniques, developing an understanding of the application of cyber security operations to business environments. In addition, this course covers the meta skills required to operate in a professional environment including graduate attributes for: lifelong learning, aspiration and personal development, outlook and engagement, research and enquiry, personal and intellectual autonomy, personal effectiveness and communication in both university and the workplace.

The year 1 courses in cyber security are applied to real world cyber security problems and projects.

Students will be directed in their learning using the SLICC approach. They will plan, propose, carry out, reflect on and evaluate a cyber security study from their own work context in cyber security. The SLICC framework requires that students use the generic learning outcomes to articulate their learning in their own defined project, reflect frequently using a blog, and collect and curate evidence of their learning in an e-portfolio. They receive relevant formative feedback on the Reflective Report, which forms the summative assessment. All this is with the guidance of a professional practice academic tutor.

The course will encourage appraisal of students┐ own practical experiences in cyber security and allow them to reflect on their learning in the context of cyber security.

Note: this course is not a stand-alone introduction to applied cyber security and can only be delivered as part of the Graduate Apprenticeship in cyber security.

Syllabus:
* Information and risk: including confidentiality, integrity and availability (CIA); concepts such as probability, consequence, harm, risk identification, assessment and mitigation; and the relationship between information and system risk.

* Threats and attacks: threats, how they materialise, typical attacks and how those attacks exploit vulnerabilities.

* Cyber security architecture and operations: physical and process controls that can be implemented across an organisation to reduce information and systems risk, identify and mitigate vulnerability, and ensure organisational compliance.

* Secure systems hardening and usability: the concepts of systems hardening and usability to ensure robust, resilient systems that are fit for purpose.

* Cyber security management: understanding the personal, organisational and legal/regulatory context in which information systems could be used, the risks of such use and the constraints (such as time, finance and people) that may affect how cyber security is implemented.

* Personal & professional: the ability to communicate, problem solve and work with and lead teams.
Entry Requirements (not applicable to Visiting Students)
Pre-requisites Students MUST have passed: Research Methods in Security, Privacy, and Trust (INFR11188)
Co-requisites
Prohibited Combinations Other requirements This course is not a stand-alone introduction to applied cyber security and can only be delivered as part of the Graduate Apprenticeship in Cyber Security. Graduate apprenticeship students must have completed all year 1 courses of the Graduate Apprenticeship in Cyber Security, core courses including: Research Methods in Security, Privacy Trust (INFR11188).
Course Delivery Information
Academic year 2019/20, Not available to visiting students (SS1) Quota:  None
Course Start Block 5 (Sem 2) and beyond
Timetable Timetable
Learning and Teaching activities (Further Info) Total Hours: 200 ( Lecture Hours 5, Feedback/Feedforward Hours 5, Summative Assessment Hours 50, Programme Level Learning and Teaching Hours 4, Directed Learning and Independent Learning Hours 136 )
Assessment (Further Info) Written Exam 0 %, Coursework 100 %, Practical Exam 0 %
Additional Information (Assessment) Written Exam _____%
Practical Exam _____%
Coursework _100_%

A SLICC is assessed via three key components, a self-reflective report, an agreed portfolio of outputs and a formative self-assessment.

Self-critical Final Reflective Report (100% weighting) - The reflective report is the key component of the assessment. Apprentices are expected to document and demonstrate active self-critical reflection and responses to the application of their learning throughout experience. It is essential that the report is linked to and draws upon the e-portfolio of evidence of learning. Maximum word limit is 3000 words.

E-portfolio of evidence - At the proposal approval stage for the work-based professional practice, the work-based tutor/advisor will discuss and agree with what outputs and information need to be created, collated and submitted in the e-portfolio. This e-portfolio will support and provide evidence for the learning and development of skills throughout the programme. The e-portfolio should be constructed throughout the duration of the learning experience, demonstrating evolution, iteration and progress over-time. It must include a regular reflective blog diary. It may contain other evidence, which may take many forms including photographs, documents, reports, feedback, video, podcasts, etc.

Formative Self-Assessment - An important component of the final submission, in addition to the ability to self-critically reflect on work place experience, is to demonstrate an understanding of the achievements made in the work-based application of the GA Cyber Security learning through graded self-assessment. In the self-assessment apprentices are required to demonstrate the alignment of the grades that they have provided for each learning outcome to the justification for them, and where this is evidenced within the e-portfolio.
Feedback Not entered
No Exam Information
Learning Outcomes
On completion of this course, the student will be able to:
  1. Demonstrate an understanding of the cross-disciplinary nature of cyber security, and the com-plexities, challenges and wider implications of the contexts in which cyber security problems oc-cur in the workplace.
  2. Draw on and apply relevant cyber security approaches, tools and frameworks for cyber security enquiry to different settings in real world situations.
  3. Review, develop and apply skills and attributes (academic, professional and/or personal) in gradu-ate attributes, including and lifelong learning, aspiration and personal development, outlook and engagement, research and enquiry, personal and intellectual autonomy, personal effectiveness and communication in both university and the workplace.
  4. Frame and address cyber security business problems, questions and issues as a cyber security project, being aware of the environment and context in which the problem exists.
  5. Review, evaluate and reflect upon knowledge, skills and practices in cyber security.
Reading List
Bolton, G. 2010. Reflective Practice: Writing and Professional Development. 3rd Ed. London: Sage

Boud, D., Keogh, R. and Walker, D. 2005. Reflection: Turning Experience into Learning.

Oxon: Routledge Falmer Fook, J. and Gardner, F. 2007. Practising critical reflection : a resource handbook Maidenhead: Open University Press

Kolb D.A. 1984.Experiential learning : experience as the source of learning and development New Jersey: Prentice Hall

Moon, J.A. (2006). Learning journals: a handbook for reflective practice and professional development (2nd edition). Abingdon: Routledge.

Mumford, J. and Roodhouse, S. (eds.) (2012). Understanding work based learning. Farnham: Gower.

Tarrant, P. (2013). Reflective practice and professional development. London: SAGE

Williams, K., Woolliams, M. and Spiro, J. 2012. Reflective writing Basingstoke: Palgrave Macmillan

Additional Information
Graduate Attributes and Skills Development of graduate attributes are a key component of a graduate apprenticeship. In this course there is specific reference to the development and application of skills and attributes (academic, professional and/or personal), including and lifelong learning, aspiration and personal development, outlook and engagement, research and enquiry, personal and intellectual autonomy, personal effectiveness and communication in both university and the workplace.
Special Arrangements This course is not a stand-alone introduction to applied cyber security and can only be delivered as part of the Graduate Apprenticeship in Cyber Security.
KeywordsCyber Security,Graduate Apprenticeship
Contacts
Course organiser Course secretaryMs Lindsay Seal
Tel: (0131 6)50 2701
Email: lindsay.seal@ed.ac.uk
Navigation
Help & Information
Home
Introduction
Glossary
Search DPTs and Courses
Regulations
Regulations
Degree Programmes
Introduction
Browse DPTs
Courses
Introduction
Humanities and Social Science
Science and Engineering
Medicine and Veterinary Medicine
Other Information
Combined Course Timetable
Prospectuses
Important Information