Cyber security is a continuously evolving field. This is particularly evident in terms of Tactics, Techniques and Procedures (TTPs) exhibited by adversaries and the subsequent response strategies employed by defending organisations. The consequences of a security breach or exploit can be extreme, particularly when attacks involve successful ransomware deployments.

In this module students will acquire an overview of defensive cyber security strategies that have been modelled on, or utilise, widely recognised frameworks and knowledge bases (e.g., NIST, MITRE ATT&CK). Indicative topics include vulnerability management, network monitoring, log file analysis, firewalls, IDS, IPS, SIEM, data and intelligence analytics, incident response, network forensics, incident management, orchestration strategies.

*Course content subject to change