In this pilot, we aim at designing a novel course to achieve three goals; first, to indicate the importance of information security management as a competitive advantage for digital innovation and growth, rather than purely defensive effort (i.e. the traditional viewpoint). Second, to facilitate critical thinking among students and to encourage them to take an active role in their learning processes. Third, to attract a larger group of students by offering a new, interesting and important course.
In this course information security management will be approached from a novel holistic perspective. As such, we indicate the importance of building information security-in from the outset and throughout the systems development and business operations. In particular, the students learn about the benefits of information security in modern societies and how it can be achieved through collective efforts of different groups of stakeholders within organizations.
Platforms and tools
In this pilot we aim at utilizing different information security and psychology theories, empirical evidence from research and industry, and student-centered pedagogical methods. As such we incorporate three main pedagogical methods including project-based learning, research-based learning, and team-based learning. Some of the techniques to be used in this course include reading circles, role-playing in real-life security dilemmas, case studies, group discussions, hand-on exercises, continuous feedback through self-evaluation and peer-evaluation, and expert communication.
Relying on relevant theories as well as real-life scenarios and cases, a set of video lectures, slides, relevant quizzes and exercises will be prepared and used in this course. These deliverables are mainly extracted from scientific publications or publicly available online materials and repositories (e.g. OWASP, SANS, NIST).
ISM-E2003 – Information Security Management (6 ECTS)
School of Business, Department of Information and Service Management / Information Systems Science