Module: CYS7002-15 Critical Vulnerability Analysis
Level: 7
Credit Value: 15
Module Tutor: John Curry
Module Tutor Contact Details: j.curry@bathspa.ac.uk
1.Brief description and aims of module
Critical Vulnerability Analysis provides a holistic view of cyber security practices related to the mitigation of potential cyber security incidents. This includes methods of identifying aspects of a business that are vulnerable to direct or indirect attack, analysing the possible consequences of such attacks, and designing the implementation of relevant modification measures. Often packaged as ‘risk management’, a critical understanding of these phases is needed to be effective as a cyber security professional.
The module in addition exposes specific strategies for evaluating and reporting, for example, structural vulnerabilities and inadequate cyber security safeguards. As such, business preparations that include a degree of penetration testing are examined. Drawing on both red team (offence) and blue team (defence) perspectives, we advocate a purple team (collaborative) approach to analysing the security posture of a network or organisation. Here you learn about the methods that threat actors use to compromise their targets, and how we can emulate strategies of offence for the benefit of defence.
2.Outline syllabus
● Risk identification, analysis, evaluation and treatment
● Tools for risk management
● Testing methodologies and techniques
● Black Swans - how testing reveals the unexpected
● Vulnerability information based on Security Operating Procedures
● Incident management (analysis, containment, remediation, recovery)
● Investigation into security incidents
● Whole business response
3.Teaching and learning activities
Class Hours:
In-class activities analyse and implement risk management strategies, as well as engage emulation and campaign-based vulnerability testing (red, blue, purple team).
Independent Study:
You are required to complete independent research, analyse course materials, and reflect on in-class activities. We recommend also that you spend time reviewing the offence and defence strategies outlined in the titles under ‘key texts’.