  • Course code: 63773
  • Credits: 6
  • Semester: winter
  • Contents

Module contents:

• Organisational structures
  - Roles of security personnel (e.g. ENISA taxonomy)
  - Corporate services (IT Services, Security, Compliance, SOC, Silver Team)
  - Incident response workflow
• Risk Management
  - Definitions
  - Practical usage
  - Threat identification
  - ACL's threat modelling (attack vectors, types of threats, inside vs. outside)
  - Mitigation in practice
    ▪ model, adapt, reassess, repeat
    ▪ ranking of risk and the Avoid, Reduce, Transfer, Accept
    ▪ communication with stakeholders
    ▪ Prevention
    ▪ Preparation
    ▪ Silver teams
    ▪ SOC
• Security Governance & Policy
  - Formal structures
    ▪ Frameworks (micro to macro, individual to society, ...)
    ▪ Standards (e.g. ISO27001)
    ▪ Laws and Ethics (covered in-depth elsewhere)
    ▪ Security Policy (pitfalls, requirements, necessary components)
    ▪ Holistic approach (Humans, Machines, Culture)
    ▪ Policy in context (requirements depending on the segment, e.g. Finance vs. Agriculture)
• Privacy
  - Definitions
  - Applicability
  - Basic concepts (value, right to be forgotten, choice, trust)
  - Contextual issues in privacy (law vs. common sense, formal vs. informal norms, requirements of businesses vs. individuals; cultural discrepancies; ethics of privacy, health and finance vs. e-commerce ...)
  - Practical application (e.g. in software development; addressed in other modules)
• Laws, ethics, and compliance (Laws and regulations are covered in the module Judicial aspects of INFOSEC.)
  - Ethics of security (informal vs. formal norms, ethical fallacies in security, rationalisation, the inclination to use biblical precepts to justify one's actions ...)
• Executive and board level communication (NOTE: On this study level, only basic understanding of this topic is required.)
  - Why is effective communication needed.
  - Foundations of effective communication
  - How to communicate with superiors
• Analytical Tools and analysis
  - Tools
  - Overview and practical use (basics).
  - Data analytics
  - What is it.
  - What data is expected and how is it gathered (IDS, SOC, netflow logs ...).
  - Basics of analysis and diagnosis.
  - Forensics vs. analytics
  - Analysis of human and mechanical attack vectors.
• Security intelligence collection, analysis, and dissemination of security information
  - Intelligence types (SIGINT, HUMINT, MASINT, ...)
  - Classification and use.
  - Pitfalls of intelligence gathering (noise, overabundance, establishing veracity, ethics, privacy ...)
  - Overview of some intelligence gathering tools (Shodan, Google, Spiderfoot, Maltego ...)
• Personnel Security
  - Security awareness, training and education
  - Hardening employees (overview, user training, pitfalls. More in year 2)
  - Physical security (machines, offices, dumpster diving, etc.)
  - Third party services (external SOC, security guards ...)
  - Third party contractors (contractors, employees, business partners)

  • Study programmes
  • Distribution of hours per semester
    - 45 hours lectures
    - 15 hours tutorials
    - 15 hours tutorials
  • Professor
Instructor
Room: R3.72 - Laboratorij LRK