DSF : Cybersecurity and digital risk in finance

Catalog of Institut Mines-Télécom Business School courses

Code

MGFE MIS 6215

Level

M2

Field

Systèmes d’information

Language

Anglais/English

ECTS Credits

2

Class hours

20

Total student load

40

Program Manager(s)

Department

  • Technologies, Information et Management

Educational team

Introduction to the module

Les entreprises de moyenne et grande taille déploient, une politique de sécurité. Afin d'auditer ces politiques de sécurité différentes méthodes existent parfois similaires, parfois opposées, mais toujours complémentaires dans leur approche. Les finalités de ce module sont de :
o Comprendre les risques liés à l'usage de l'informatique et des réseaux,
o Connaître la démarche de gestion de la sécurité des SI dans les entreprises
o Avoir une vision synthétique des risques et parades de sécurité des SI,
o Connaître la qualification des risques et des parades.

Véritable point névralgique, le système d’information est souvent la proie de multiples attaques qui menacent l’activité économique des entreprises et requièrent la mise en place d’une politique interne de sécurité.
Le concept de Sécurité SI recouvre donc un ensemble de méthodes, techniques et outils chargés de protéger les ressources d’un système informatique afin d’assurer la disponibilité des services, la confidentialité et l’intégrité des informations.
Les échanges au travers notamment d’Internet ont rendu également nécessaire le développement de propriétés nouvelles comme l’authentification, la paternité et la traçabilité de l’information.

Learning goals/Programme objectives

  • LG1 Being able to extend digital intelligence through its different dimensions
  • LG2 Having the ability to manage uncertainty and complexity with accuracy and rigor
  • LG3 Having the foundations of responsible and sustainable management
  • LG4 Having access to different cross disciplinary management approaches and tools

Learning objectives/Intended learning outcomes

  • 1.2 - Develop digital creativity for the individual and the organizational
  • 1.3 - Develop competitiveness in business, and digital sovereignty
  • 2.1 - Identify and analyze in depth problems, causes and impacts
  • 2.2 - Explore solutions, decisions, and their relative and absolute impacts
  • 2.3 - Identify optimal solution(s) and priorities toward implementation
  • 2.4 - Implement a plan, prepare for changes, and measure the success of actions with regard to strategy and stakeholder
  • 3.1 - Understand and employ basic concepts, knowledge and theories related to the discipline
  • 3.2 - Apply discipline knowledge appropriately and effectively
  • 3.3 - Identify the boudaries of the discipline and possible cross-disciplinary connections
  • 3.4 - Select and employ judiciously appropriate techniques and tools within the discipline
  • 4.2 - Understand and employ cross-disciplinary concepts, knowledge, theories
  • 4.3 - Apply cross-disciplinary management approaches and tools effectively and judiciously

Rubrics

- Connaître le contexte général du Risque Cybersécurité afin de pouvoir le prendre en compte efficacement
- Avoir une bonne visibilité sur l’environnement juridique et normatif applicable au domaine de la Sécurité des S.I.
- Mettre en œuvre de manière opérationnel un Système de Management de la Sécurité de l’Information selon la norme ISO2700
- Mettre en œuvre de manière opérationnelle les principales activités en matière de Maitrise des Risques SSI

Content : structure and schedule

Partie 1 : Etat de la Menace - décryptage
1.1. Fondamentaux
1.2. Les principales menaces
1.3. Bilan des attaques – Monde et France
1.4. Evolution de la menace, nouveaux usages
Partie 2 : Etat des lieux acteurs
2.1. Citoyens
2.2. Entreprises
Partie 3 : Cybercriminalité
3.1. Business
3.2. Acteurs
Partie 4 : Stratégie de défense de l’Etat
Partie 5 : Marché de la Cybersécurité
5.1. Caractéristique de la filière
5.2. Prospectives technologiques

Sustainable Development Goals

Fiche ODD n°9 - Industrie, innovation et infrastructure

Number of SDG's addressed among the 17

1

Learning delivery

Mixte

Evaluation and grading system and catch up exams

Combinaison de cours, exemples, études de cas étudiées et analysées

Module Policies

Professor-Student Communication
● The professor will contact the students through their school email address (IMT-BS/TSP) and the Moodle portal. No communication via personal email addresses will take place. It is the student responsibility to regularly check their IMT-BS/TSP mailbox.
● Students can communicate with the professor by emailing him/her to his institutional address. If necessary, it is possible to meet the professor in his office during office-hours or by appointment.

Students with accommodation needs
If a student has a disability that will prevent from completing the described work or require any kind of accommodation, he may inform the program director (with supporting documents) as soon as possible. Also, students are encouraged to discuss it with the professor.

Class behavior
● Out of courtesy for the professor and classmates, all mobile phones, electronic games or other devices that generate sound should be turned off during class.
● Students should avoid disruptive and disrespectful behavior such as: arriving late, leaving early, careless behavior (e.g. sleeping, reading a non-course material, using vulgar language, over-speaking, eating, drinking, etc.). A warning may be given on the first infraction of these rules. Repeated violators will be penalized and may face expulsion from the class and/or other disciplinary proceedings.
● The tolerated delay is 5 minutes. Attendance will be declared on Moodle during these 5 minutes via a QR code provided by the teacher at each course start.
● Student should arrive on time for exams and other assessments. No one will be allowed to enter the classroom once the first person has finished the exam and left the room. There is absolutely no exception to this rule. No student can continue to take an exam once the time is up. No student may leave the room during an examination unless he / she has finished and handed over all the documents.
● In the case of remote learning, the student must keep his camera on unless instructed otherwise by the professor.

Honor code
IMT-BS is committed to a policy of honesty in the academic community. Conduct that compromises this policy may result in academic and / or disciplinary sanctions. Students must refrain from cheating, lying, plagiarizing and stealing. This includes completing your own original work and giving credit to any other person whose ideas and printed materials (including those from the Internet) are paraphrased or quoted directly. Any student who violates or helps another student violate academic behavior standards will be penalized according to IMT-BS rules.

Textbook Required and Suggested Readings

supports de cours

Keywords

cybersécurité, cadre réglementaire, Système de Management de la Sécurité de l’Information, Audit et contrôle des risques