Cybersecurity : understanding risks and protection strategies (S1)

Catalog of Institut Mines-Télécom Business School courses

Code

MUFF MIS 2202

Level

L2

Field

Systèmes d’information

Language

Anglais/English

ECTS Credits

4

Class hours

20

Total student load

40

Program Manager(s)

Department

  • Service Bachelor
  • Technologies, Information et Management

Educational team

Introduction to the module

Unlike many other fields in information systems management, successful cybersecurity management results in nothing more than uneventful business operations. It is only when incidents or breaches occur that people truly recognize the importance of maintaining robust security infrastructure and practices.

While cybersecurity risks share similarities with other types of risks, they are quite different from the kind of dangers we encounter in everyday life, such as crossing a busy street. Will there ever come a time when people instinctively avoid cybersecurity risks, much like how we naturally try to avoid illness or physical accidents?

Despite the modern technologies we associate with “cybersecurity,” one could argue that some of its most basic ideas trace back to ancient Egypt. Additionally, familiar terms like “virus” and “Trojan horse” are borrowed from everyday language to describe cybersecurity concepts and threats. This suggests that cybersecurity can be understood from a human and social perspective, rather than solely through a technical or engineering lens.

With this in mind, a central objective of this course is to introduce students to the field of cybersecurity management in a way that is relatable to their personal lives and relevant to society and business practices. By highlighting the importance and some inner workings of cybersecurity, we discuss protection strategies based on our evaluation of risks and business concerns.

Learning goals/Programme objectives

  • LG1 Being able to extend digital intelligence through its different dimensions
  • LG2 Having the ability to manage uncertainty and complexity with accuracy and rigor
  • LG3 Having the foundations of responsible and sustainable management

Learning objectives/Intended learning outcomes

  • 1.3 - Develop competitiveness in business, and digital sovereignty
  • 2.1 - Identify and analyze in depth problems, causes and impacts
  • 2.2 - Explore solutions, decisions, and their relative and absolute impacts
  • 2.4 - Implement a plan, prepare for changes, and measure the success of actions with regard to strategy and stakeholder
  • 3.1 - Understand and employ basic concepts, knowledge and theories related to the discipline
  • 3.2 - Apply discipline knowledge appropriately and effectively
  • 3.4 - Select and employ judiciously appropriate techniques and tools within the discipline
  • 5.2 - Understand and analyze situations from alternate perspectives with relevance and rigor

Content : structure and schedule

Note: the order of sessions and title names may be subject to change at the beginning of the course.

Session 1 - Introduction to Cybersecurity and Cyber Threats
Session 2 - Threats, Risks, & Promises of the Secured
Session 3 - The Multitudes of Protection and Risk Management
Session 4 - Simulation: Cybersecurity Incident Management & Understanding Attacks
Session 5 - Case Study: Cybersecurity as Part of the Business Cycle
Session 6 - Presentations (Security Communication) & Concluding Remarks

Sustainable Development Goals

No. 9 : Industrie, Innovation et Infrastructure
No. 16 : Paix, justice, et institutions efficaces

Number of SDG's addressed among the 17

2

Learning delivery

synchrone

Pedagogical methods

This course is divided into 6 learning units, each being 3 hours in duration with a 15 min half time break.

The course mostly takes the form of in-class lectures by professor, but there are group discussions, exercises, and security management simulations, which require the learners’ active participation. Debates and challenges are highly welcomed among learners speaks and the professer.

Certain audiovisual materials will be used in class. Reading materials will be distributed in Moodle for deeper course review.
Learners will also have the opportunity to engage in a group presentation work on the topic of cybersecurity communication.

Evaluation and grading system and catch up exams

Participation (10%): Attendance rate in class and active participation in discussions.
Course project (20%): Learners can choose between a presentation-based project or written-analytics-based project.
Final exam (70%): Composed of MCQs, true or false questions, and scenario-based subjective questions.

Learners who do not pass the final exam will have the opportunity to take a catch-up exam on table.

Module Policies

Professor-Student Communication
● The professor will contact the students through their school email address (IMT-BS/TSP) and the Moodle portal. No communication via personal email addresses will take place. It is the student responsibility to regularly check their IMT-BS/TSP mailbox.
● Students can communicate with the professor by emailing him/her to his institutional address. If necessary, it is possible to meet the professor in his office during office-hours or by appointment.

Students with accommodation needs
If a student has a disability that will prevent from completing the described work or require any kind of accommodation, he may inform the program director (with supporting documents) as soon as possible. Also, students are encouraged to discuss it with the professor.

Class behavior
● Out of courtesy for the professor and classmates, all mobile phones, electronic games or other devices that generate sound should be turned off during class.
● Students should avoid disruptive and disrespectful behavior such as: arriving late, leaving early, careless behavior (e.g. sleeping, reading a non-course material, using vulgar language, over-speaking, eating, drinking, etc.). A warning may be given on the first infraction of these rules. Repeated violators will be penalized and may face expulsion from the class and/or other disciplinary proceedings.
● The tolerated delay is 5 minutes. Attendance will be declared on Moodle during these 5 minutes via a QR code provided by the teacher at each course start.
● Student should arrive on time for exams and other assessments. No one will be allowed to enter the classroom once the first person has finished the exam and left the room. There is absolutely no exception to this rule. No student can continue to take an exam once the time is up. No student may leave the room during an examination unless he / she has finished and handed over all the documents.
● In the case of remote learning, the student must keep his camera on unless instructed otherwise by the professor.

Honor code
IMT-BS is committed to a policy of honesty in the academic community. Conduct that compromises this policy may result in academic and / or disciplinary sanctions. Students must refrain from cheating, lying, plagiarizing and stealing. This includes completing your own original work and giving credit to any other person whose ideas and printed materials (including those from the Internet) are paraphrased or quoted directly. Any student who violates or helps another student violate academic behavior standards will be penalized according to IMT-BS rules.

Textbook Required and Suggested Readings

There is no textbook for this course. Suggested readings will be updated on Moodle prior to the beginning of course and potentially over the six lecture sessions. Certain audiovisual materials will be used in class.

Keywords

Cybersecurity, Information Security, Privacy, Risk, Ethics

Prerequisites

There is no prerequisite for the course, although familiarity and understanding of digital technologies and cybersecurity threats are welcomed.