Cybersecurity: Prevention and Regulation 2751-BW-KONJA-20-CPR

Detailed Schedule for 15-Hour Course: Cybersecurity: Prevention and Regulation

Session 1: Introduction to Cybersecurity and Cybercrime (2 Hours)
Overview of the course structure and objectives.
Definitions of cybersecurity and cybercrime.
Discussion on the relevance of cybersecurity in today's digital landscape.
Historical evolution of cybercrime and notable case studies.
Activities:

Lecture on key concepts.
Group discussion: "What makes a system secure or vulnerable?"

Session 2: Threat Actors and Types of Cybercrime (2 Hours)
Classification of cybercrime: financial fraud, data breaches, ransomware, hacking, etc.
Overview of threat actors: cybercriminals, hacktivists, insider threats, and state-sponsored hackers.
Understanding their motivations and objectives.
Activities:

Case study analysis: "NotPetya Attack – A Global Perspective."
Brainstorming exercise on potential threat vectors in different industries.

Session 3: Legal Frameworks in Poland and the EU (2 Hours)
Overview of key cybersecurity and data protection regulations:
Poland: Act on National Cybersecurity System (KSC).
EU: GDPR, NIS Directive, Cybersecurity Act.
Rights, obligations, and penalties under these regulations.
The role of public institutions and private organizations in compliance.
Activities:

Interactive lecture with Q&A on compliance requirements.
Practical exercise: Analyze a data breach case and discuss legal implications.

Session 4: Cybersecurity Principles and Best Practices (2 Hours)
Fundamental principles of cybersecurity for users:
Password management.
Secure browsing habits.
Recognizing phishing and social engineering tactics.
Security measures for organizations: firewalls, antivirus software, and encryption.
Activities:

Workshop: Simulated phishing emails – how to identify and report them.
Group activity: Create a checklist for secure online practices.
Session 5: Prevention and Detection of Cyber Threats (2 Hours)
Strategies to prevent intrusions:
Network security practices.
Role of multi-factor authentication.
Methods for detecting and responding to intrusions:
Intrusion detection systems (IDS).
Incident response plans.
Activities:

Practical exercise: Setting up basic intrusion prevention measures.
Discussion on the importance of timely reporting and forensic investigation.

Session 6: Emerging Threats and Trends in Cybercrime (2 Hours)
Analysis of current trends: ransomware, deepfakes, IoT vulnerabilities.
Exploring cyber terrorism and its global implications.
Future trends and how to stay ahead of evolving threats.
Activities:

Case study: Cyberattack on critical infrastructure.
Brainstorming session: "How can technology both solve and create cybersecurity challenges?"
Session 7: Final Discussion, Review, and Project Presentations (3 Hours)
Summary of course topics.
Open discussion: Challenges and opportunities in combating cybercrime.
Student presentations on team projects:
Analysis of a major cybercrime event or proposal for a cybersecurity plan.
Feedback and course wrap-up.
Activities:

Team presentations and peer evaluations.
Course feedback and certification distribution.

Total student workload

70 hours: - 15 hours - contact hours; - 15 hours - individual work of the student in order to prepare for classes: searching for necessary information and materials, reading the indicated documents; - 40 hours - preparing for the exam.

Learning outcomes - knowledge

Understands the concept of cybercrime and cybersecurity, including their definitions, significance, and scope. Identifies the causes and drivers of computer crime, recognizing the role of technological and societal changes. Explains the scale of computer crime and its impact on individuals, organizations, and governments. Distinguishes between various types of threat actors (e.g., cybercriminals, hacktivists, state-sponsored hackers) and their objectives. Understands the classification and systematics of computer crimes, as well as emerging trends and modern threats, including cyber terrorism. Gains knowledge of best practices and principles for ensuring cybersecurity for users. Analyzes strategies for preventing and detecting cyber intrusions and safeguarding sensitive data. Demonstrates familiarity with Polish and EU legal frameworks regulating cybersecurity and combating cybercrime.

Learning outcomes - skills

Learning Outcomes - Skills: Identifies and assesses potential cybersecurity threats and vulnerabilities in various contexts. Applies methods and tools to prevent cyber intrusions and detect potential incidents effectively. Develops strategies for data protection and incident response tailored to specific scenarios. Analyzes case studies of cybercrime to understand threat actor behaviors and objectives. Evaluates and interprets Polish and EU legal regulations related to cybersecurity and cybercrime. Advises on best practices for secure system usage and mitigating risks for individuals and organizations. Communicates effectively on cybersecurity issues, providing clear guidance and recommendations for prevention and response. Continuously updates knowledge of emerging trends and legal developments in the field of cybersecurity.

Learning outcomes - social competencies

Learning Outcomes - Social Competencies: Recognizes the importance of cybersecurity as a shared responsibility and promotes a culture of digital safety within various environments. Demonstrates ethical awareness and responsibility in addressing issues related to cybercrime and data protection. Collaborates effectively with others to develop and implement cybersecurity measures and policies. Shows readiness to engage in lifelong learning to stay informed about evolving cyber threats and legal frameworks. Acts proactively to identify and mitigate cybersecurity risks, considering the impact on individuals, organizations, and society. Respects legal and ethical standards when handling sensitive information or responding to cybersecurity incidents. Encourages awareness and compliance with cybersecurity best practices among peers and professional networks.

Teaching methods

Lectures – Structured presentations to introduce key concepts, theories, and legal frameworks related to cybersecurity and cybercrime. Case Studies – Analysis of real-world cybercrime incidents to understand threat actor behavior and evaluate response strategies. Workshops – Interactive sessions to practice cybersecurity tools, prevention techniques, and intrusion detection methods. Group Discussions – Collaborative exploration of cybersecurity challenges and trends, encouraging critical thinking and diverse perspectives. Legal Analysis – In-depth examination of Polish and EU regulations to understand their application in combating cybercrime.

Observation/demonstration teaching methods

- staging

Expository teaching methods

- discussion
- participatory lecture
- description
- informative (conventional) lecture
- problem-based lecture
- narration

Exploratory teaching methods

- classic problem-solving
- presentation of a paper
- practical

Online teaching methods

- content-presentation-oriented methods
- cooperation-based methods
- exchange and discussion methods

Prerequisites

Language Proficiency: A good command of English (at least B2 level) is required, as the course materials, lectures, and discussions will be conducted in English. Basic Computer Literacy: Familiarity with basic computer operations and internet usage. Understanding of general IT concepts (e.g., operating systems, software applications) is recommended. Open-mindedness and Analytical Thinking: Willingness to participate in discussions, analyze case studies, and solve real-world problems related to cybersecurity.

Course coordinators

Maciej Siwicki

Assessment criteria

Active participation in classes (discussion of 4-5 cybersecurity issues) and presentation of work results in group classes.

Class Participation 20%; Final Project 80%

-- Written Submission (50%)

-- Simulation (50%).

Class participation is both important and required.

Additional information

Additional information (registration calendar, class conductors, localization and schedules of classes), might be available in the USOSweb system:

Description of 2751-BW-KONJA-20-CPR in USOSweb