Module: CYS5002-20 Cyber Resilience
Level: 5
Credit Value: 20
Module Tutor: John Curry
Module Tutor Contact Details: j.curry@bathspa.ac.uk
1. Brief description and aims of module:
Cyber criminals are adapting faster than security solutions are being devised. Many specialists agree that traditional cyber security measures are proving inadequate at handling the persistence and complexity of the evolving threat landscape. The concept of cyber resilience in turn represents a shift in mindset to one that assumes that cyber attacks are inevitable, and that organisations should focus efforts on developing post-breach strategies in addition to mitigatory measures. Cyber resilience is about an organisation’s ability to reduce the impact of an attack, and its capacity to return to operations as quickly as possible.
We begin with a review of the subtle yet critical differences between cyber security and cyber resilience, with a particular focus on the notion of ‘assuming breach’. We then consider what cyber resilience means for the public, private and third sector, which includes an understanding of relevant published frameworks from the UK and other global powers. This is followed by a deep examination of potential strategies that an organisation can put in place for improving cyber resilience. This includes planning decisions that target cost of attack and risk exposure, as well as ways that organisations fine-tune their post-incident recovery plans to meet individual circumstances.
2. Outline syllabus
Cyber security vs cyber resilience
The scope of cyber resilience: organisations, critical infrastructure, society, nation states
Assuming breach: taking on an adversary mindset
IT Governance Cyber Resilience Framework
MITRE ATT&CK framework
Defining a bespoke and robust organisational cyber resilience strategy
Identifying cyber risk (pure and speculative) and its place within business risk management
Analysing and calculating risk exposure
The problem of security decay and cyber hygiene
Tensions between security and complexity
Cyber resilience through compliance: GDPR, Cyber Essentials and related ISO (International Organization for Standardization) standards
The importance of organisational collaboration
3. Teaching and learning activities
Class Hours
Lectures and seminars are highly focused on strategic thinking and case study analysis. This is supported where possible by insights on specific cyber resilience strategies from invited speakers. Workshop sessions invite you to establish and critically evaluate threat mitigation and post-incident recovery solutions for hypothetical business contexts.
Independent Learning
You are expected to undertake readings set by tutors and follow up concepts and examples introduced in class through independent research.
Assessment Type: Course Work
Description: Cyber resilience plan (5,000 words).
% Weighting: 100%