THE UNIVERSITY of EDINBURGH

DEGREE REGULATIONS & PROGRAMMES OF STUDY 2021/2022

Information in the Degree Programme Tables may still be subject to change in response to Covid-19

University Homepage
DRPS Homepage
DRPS Search
DRPS Contact
DRPS : Course Catalogue : School of Informatics : Informatics

Postgraduate Course: Work-based Professional Practice in Cyber Security (INFR11191)

Course Outline
SchoolSchool of Informatics CollegeCollege of Science and Engineering
Credit level (Normal year taken)SCQF Level 11 (Postgraduate) AvailabilityNot available to visiting students
SCQF Credits20 ECTS Credits10
SummaryThis course is work-based and is focused on the real-world application of cyber security in a workplace environment. It includes experiencing how information and risk, threats and attacks, cyber security architecture and operations, secure systems hardening and usability and cyber security management are applied to provide resilience in a workplace organisational environment. Students who do this course will obtain practical experience in the design, implementation, and evaluation of cyber security approaches.
Course description This course provides graduate apprenticeship students with a holistic approach to cyber security, privacy and trust. It is a key stage in the learning and development strategy of the graduate apprenticeship programme in cyber security. It is project based, introduced in the university and facilitated in the workplace around work-based projects.

This is a work-based learning course worth 20-credits. Students undertake work-based application throughout the GA programme and are expected to spend around 200 hours in total on this course. The University Student-Led Individually Created Course (SLICC) approach will be planned to cover the graduate apprenticeship students working with their specific employers and the work will directly link to their own contexts in the workplace.

The main topics are: the application of cyber security re-search techniques, developing an understanding of the application of cyber security operations to business environments. In addition, this course covers the meta-skills required to operate in a professional environment including graduate attributes for: lifelong learning, aspiration and personal development, outlook and engagement, research and enquiry, personal and intellectual autonomy, personal effectiveness and communication in both university and the workplace.

The year 1 courses in cyber security are applied to real world cyber security problems and projects.

Students will be directed in their learning using the SLICC approach. They will plan, propose, carry out, reflect on and evaluate a cyber security study from their own work context in cyber security. The SLICC framework requires that students use the generic learning outcomes to articulate their learning in their own defined project, reflect frequently using a blog, and collect and curate evidence of their learning in an e-portfolio. They receive relevant formative feedback on the Reflective Report, which forms the summative assessment. All this is with the guidance of a professional practice academic tutor.

The course will encourage appraisal of students' own practical experiences in cyber security and allow them to reflect on their learning in the context of cyber security.

Note: this course is not a stand-alone introduction to applied cyber security and can only be delivered as part of the Graduate Apprenticeship in cyber security.

Syllabus:
* Information and risk: including confidentiality, integrity and availability (CIA); concepts such as probability, consequence, harm, risk identification, assessment and mitigation; and the relationship between information and system risk.

* Threats and attacks: threats, how they materialise, typical attacks and how those attacks exploit vulnerabilities.

* Cyber security architecture and operations: physical and process controls that can be implemented across an organisation to reduce information and systems risk, identify and mitigate vulnerability, and ensure organisational compliance.

* Secure systems hardening and usability: the concepts of systems hardening and usability to ensure robust, resilient systems that are fit for purpose.

* Cyber security management: understanding the personal, organisational and legal/regulatory context in which information systems could be used, the risks of such use and the constraints (such as time, finance and people) that may affect how cyber security is implemented.

* Personal & professional: the ability to communicate, problem solve and work with and lead teams.
Entry Requirements (not applicable to Visiting Students)
Pre-requisites Students MUST have passed: Research Methods in Security, Privacy, and Trust (INFR11188)
Co-requisites
Prohibited Combinations Other requirements This course is not a stand-alone introduction to applied cyber security and can only be delivered as part of the Graduate Apprenticeship in Cyber Security. Graduate apprenticeship students must have completed all year 1 courses of the Graduate Apprenticeship in Cyber Security, core courses including: Research Methods in Security, Privacy Trust (INFR11188).
Course Delivery Information
Not being delivered
Learning Outcomes
On completion of this course, the student will be able to:
  1. Demonstrate an understanding of the cross-disciplinary nature of cyber security, and the complexities, challenges and wider implications of the contexts in which cyber security problems occur in the workplace.
  2. Draw on and apply relevant cyber security approaches, tools and frameworks for cyber security enquiry to different settings in real world situations.
  3. Review, develop and apply skills and attributes (academic, professional and/or personal) in graduate attributes, including lifelong learning, aspiration and personal development, outlook and engagement, research and enquiry, personal and intellectual autonomy, personal effectiveness and communication in both university and the workplace.
  4. Frame and address cyber security business problems, questions and issues as a cyber security project, being aware of the environment and context in which the problem exists.
  5. Review, evaluate and reflect upon knowledge, skills and practices in cyber security.
Reading List
Bolton, G. 2010. Reflective Practice: Writing and Professional Development. 3rd Ed. London: Sage

Boud, D., Keogh, R. and Walker, D. 2005. Reflection: Turning Experience into Learning.

Oxon: Routledge Falmer Fook, J. and Gardner, F. 2007. Practising critical reflection : a resource handbook Maidenhead: Open University Press

Kolb D.A. 1984.Experiential learning : experience as the source of learning and development New Jersey: Prentice Hall

Moon, J.A. (2006). Learning journals: a handbook for reflective practice and professional development (2nd edition). Abingdon: Routledge.

Mumford, J. and Roodhouse, S. (eds.) (2012). Understanding work based learning. Farnham: Gower.

Tarrant, P. (2013). Reflective practice and professional development. London: SAGE

Williams, K., Woolliams, M. and Spiro, J. 2012. Reflective writing Basingstoke: Palgrave Macmillan

Additional Information
Graduate Attributes and Skills Development of graduate attributes are a key component of a graduate apprenticeship. In this course there is specific reference to the development and application of skills and attributes (academic, professional and/or personal), including and lifelong learning, aspiration and personal development, outlook and engagement, research and enquiry, personal and intellectual autonomy, personal effectiveness and communication in both university and the workplace.
Special Arrangements This course is not a stand-alone introduction to applied cyber security and can only be delivered as part of the Graduate Apprenticeship in Cyber Security.
KeywordsCyber Security,Graduate Apprenticeship
Contacts
Course organiserDr Heather Yorston
Tel:
Email: Heather.Yorston@ed.ac.uk
Course secretaryMs Lindsay Seal
Tel: (0131 6)50 2701
Email: lindsay.seal@ed.ac.uk
Navigation
Help & Information
Home
Introduction
Glossary
Search DPTs and Courses
Regulations
Regulations
Degree Programmes
Introduction
Browse DPTs
Courses
Introduction
Humanities and Social Science
Science and Engineering
Medicine and Veterinary Medicine
Other Information
Combined Course Timetable
Prospectuses
Important Information