43010 Cyber Threat Intelligence and Incident Response
6cp; 3hpw, face to face, on campus, weeklyRequisite(s): ((48730 Cybersecurity AND 41181 Information Security and Management) OR 32548 Cybersecurity )
These requisites may not apply to students in certain courses.
There are course requisites for this subject. See access conditions.
Recommended studies:
sound knowledge of computer networking; knowledge of internet security vulnerabilities and defences at the network and application level; awareness of security operations (SecOps) concepts
Description
Cyber threat intelligence involves gathering and analysing information about potential cyber threats and risks from a range of sources. It helps organisations understand the tactics used by malicious actors and enables them to proactively identify and mitigate cyber threats.
Incident response is a structured process that empowers organisations to identify and address cybersecurity incidents and encompasses various stages, including preparing, preventing, detecting, analysing, containing, eliminating, and recovering from cyber-attacks or security breaches. It involves preparing for potential incidents, promptly detecting incidents and assessing the impact of the incidents, containing and eliminating the threat, recovering systems and data, and learning from the experience to enhance future incident response capabilities.
This subject brings these two concepts together by equipping students with the skills and knowledge to both prepare for, and respond to, cyber-attacks in organisational contexts. Through industry case studies and practical exercises, students will develop their abilities to proactively defend against cyber threats, mitigate risks, and strategically respond to incidents.
Typical availability
Autumn session, City campus
Detailed subject description.