BSc (Hons)
Cyber Security
Program
Overview
BSc (Hons) Cyber Security prepares you to meet the evolving challenges of protecting the digital systems and services we rely on in daily life, as well as responding effectively to instances where their vulnerabilities are exploited by threat actors.
You learn through a blend of theory and practical work that cuts across knowledge in computing and cyber security, that engages tools and techniques employed in industry, and is supported by interaction with real-world business scenarios. Across the course you are exposed to many aspects of cyber security, from key professional roles and their remits, through network design and administration, to the nuances of establishing robust strategies for organizational cyber resilience. The aim of BSc (Hons) Cyber Security is to support a holistic understanding of the subject, therefore facilitating access to a wide range of professional careers in the field.
Year 1
Fundamentals
of Cyber
Security
Cyber security has been defined as one of the key threats to the prosperity of the United Kingdom by the government, while similar conclusions have been drawn across the globe. The threat to individuals, businesses and the public sector has never been greater.
The module is to place your studies in context by giving you a holistic understanding of
the scope and depth of the cyber security sector. You are introduced to all key concerns of the subject - from identification and detection of threats through to response and recovery - using case studies to underpin relevance and significance. We examine how the field has emerged, how it has evolved, and what paths it may take in the future. With a focus on potential roles within the sector, you build critical knowledge of how cyber security principles are embedded into enterprise systems.
CodeLab I
CodeLab I is a rapid prototyping workshop series that introduces the fundamentals of
procedural programming. You encounter the first principles of coding from computational thinking and maths for programmers to key elements such as variables, conditionals, loops, arrays and functions.
We assume little to no prior experience of coding on entry. You learn procedural programming from the ground up, working through coding challenges and creative briefs that help embed new techniques and best practice into your programming ‘toolkit’.
Introduction to
Computing
Computer Science is all about effective problem solving using data. But what, exactly, is data, and what do we need to know about it? How can we use it? What problems can there be in its use and storage? In this module you will learn what data is, how it is represented, manipulated, processed, stored, transferred, error-checked and compressed.
You will learn how to elicit, represent and analyse the flow of data through systems, and how systems are effectively developed. You will gain an understanding of the devices, software and protocols that are used to do this, as well as the associated social and legal implications.
Digital Forensics
Digital forensics concerns techniques for recovering and analysing material found on computing devices. Often leveraged to investigate instances of cyber crime but also network intrusion and other forms of legal dispute, the field has in recent years gained significant relevance for both the private and public sector. Having a good understanding of the methods, objectives and limitations of digital forensics is essential for cyber security practitioners. As well as helping to identify malicious activity, forensic work supports fortification of business IT policies, and with it, mitigation of future cyber attacks.
This module covers the fundamentals of digital forensics, beginning with what it is and what it’s used for. We go on to examine a number of investigative tools and key techniques for collecting and analysing data from digital devices, as well as the human intuition that must be employed to identify evidence and draw conclusions from it.
Databases
This module provides an introduction to the design, creation and use of databases. It exposes particularly the function of relational databases, and the various data modelling approaches required to create solutions that are organised efficiently, robust and secure.
The aim of Databases is to provide practical experience of implementing applications that leverage standard relational database management systems (RDBMS). You learn how to determine appropriate relationships between data entities and how to represent them, use SQL notation to retrieve and manipulate data, and deploy database normalisation forms to ensure data integrity. This is followed by a brief introduction into methods of using data for data analytics, data science, and machine learning.
Web Dev I
The web is rapidly becoming the go-to environment for deploying and using software. We rely on web technologies to manage our work and social lives, collaborate with like-minded people, experience art and be entertained. Anyone entering the field of computing should have at least a basic understanding of web development, and be able to identify the key opportunities and limitations that web-based software presents.
This module focuses on the creation of online interactive experiences. You learn the key languages of web development (HTML5, CSS, JavaScript) - gaining a practical understanding of how they handle content structure/styling and user interactivity. We assume little to no prior experience of web development. You learn from the ground up, working through coding challenges and creative briefs that help embed new techniques and best practice into your programming ‘toolkit’.
Year 2
Network Administration
This module introduces the technologies and protocols of computer networks. You learn about the core duties of a network administrator, how to build networks using standard devices and interconnect, and how to configure and maintain networks using software tools. Gaining practical experience working with network technologies and architectures is an essential first step towards being able to protect data from unauthorized access.
After this module you will be in a better position to identify and address network vulnerabilities, as engage strategies for defending computing systems in modern
organizations.
CodeLab II
CodeLab II extends your knowledge of coding to include object-oriented programming (OOP). You build on the procedural programming techniques acquired in CodeLab I to deploy OOP concepts that enhance the functionality and efficiency of your builds.
Beyond developing new technical skills, you learn about the software development cycle. Here you form an understanding of how software projects are planned, implemented and maintained in industry. The ultimate aim of CodeLab II is to develop your programming proficiency to the point where you can independently experiment with unfamiliar coding techniques and languages successfully.
This module provides an introduction to the design, creation and use of databases. It exposes particularly the function of relational databases, and the various data modelling approaches required to create solutions that are organised efficiently, robust and secure.
The aim of Databases is to provide practical experience of implementing applications that leverage standard relational database management systems (RDBMS). You learn how to determine appropriate relationships between data entities and how to represent them, use SQL notation to retrieve and manipulate data, and deploy database normalisation forms to ensure data integrity. During the module we utilise variants of the LAMP web service stack, deploying MySQL and PHP to negotiate transactions with databases and serve content to users via web browsers. Module content therefore also incorporates aspects of HTML markup and JavaScript scripting to develop simple, yet focused dynamic web applications.
Intrusion Analysis and
Response
Knowing when the confidentiality, integrity or availability of an enterprise computer system has been compromised is critical for business continuity. Understanding how to confirm a breach and respond accordingly to minimise impact and expedite a return to normal working practices is essential for the cyber security practitioner.
Intrusion Analysis and Response aims to help you develop the specialised technical knowledge needed to identify and act on potential network intrusions. We begin with a review of several types of network breach, how they are conducted, and their potential effects on business continuity. Next, we critically examine systems for detecting and preventing intrusions, including what network traffic they observe, what rules they use to flag unexpected activity, and what actions they take to eliminate threats. We then turn to incident analysis and response. Here you compare published guidance from the public and private sector, and apply methods for intrusion containment, restoring operations and improving security posture via post-incident analysis.
Cyber Resilience
Cyber criminals are adapting faster than security solutions are being devised. Many specialists agree that traditional cyber security measures are proving inadequate at handing the persistence and complexity of the evolving threat landscape. The concept of cyber resilience in turn represents a shift in mindset to one that assumes that cyber attacks are inevitable, and that organisations should focus efforts on developing post-breach strategies in addition to mitigatory measures. Cyber resilience is about an organisation’s ability to reduce the impact of an attack, and it’s capacity to return to operations as quickly as possible.
Web Dev II
Web Dev II builds on the HTML5, CSS and JavaScript programming skills covered in Web Dev I. Following a HTML5 and CSS refresher, you will be introduced to more advanced CSS techniques that you will use throughout the module to create engaging, responsive, and well-designed web content. You then learn more sophisticated uses of JavaScript that will enable you to create dynamic and interactive web content.
To further develop your skills as a web developer you are taught how to test and troubleshoot your web development projects. This includes the use of online documentation, browser-based development tools, and web services that help improve the accessibility and Search Engine Optimisation (SEO) of your webpages. You will also be made aware of the modern ‘eco-system’ of web development tools, frameworks, and languages.
Year 3
Cyber Crime, Law
and Ethics
Cyber crime is an expansive and growing problem, perpetrated by cyber criminals and state-sponsored actors, and enabled by the same technologies that underpin the world economy and our daily lives. This module covers the primary types of cyber crime, including those related to personal or financial gain, and those which compromise the confidentiality, integrity, and availability of information.
In Cyber Crime, Law and Ethics you explore the laws and legal protections in place in the UK and internationally, and how they have developed in response to the increasing threat to privacy, security and intellectual property. You critically evaluate the complex relationship between privacy and security, and the ongoing
This module provides an opportunity to investigate an area of cyber security of personal interest, and ideally one that engages a professional role that you wish to pursue. The core aim is to identify and critically evaluate current knowledge in the field with a view to developing cogent arguments and insights on that topic. This may include data collection exercises, or otherwise be conducted as a desk-based research activity.
You begin by identifying several potential areas of investigation and consulting with your project supervisor to agree on a single topic of enquiry. Following drafting of a research question, you draw on self-selected readings to conduct a literature review and consolidate resulting insights using a literature review map. Supported by lectures on research methods and knowledge exchange seminars, you then undertake further readings and/or conduct data collection activities independently to construct a critical argument on your chosen topic. Finally, you structure and write-up an academic paper that presents your findings.
Securing the
Internet of Things
The Internet of Things (IoT) is a potentially game changing technology that enables myriad devices to be connected and monitored continuously via the Internet. This enhanced connectivity has led to fascinating innovations such as autonomous vehicles, home automation, enhanced energy management, health monitoring and tools for improving business productivity, as well as many applications that have not yet been considered. IoT has been adopted quickly across almost all industries and domains with the objective of lessening the burden on humans.
As reliance on IoT grows, malicious hacker groups are choosing to target smart systems for cyber attack. This has implications for both organisations and citizens in terms of privacy, financial loss, welfare and disruption. While the number of devices connected to the Internet continues to increase (in the order of billions), so does the number of connection points and scope of data that hackers can exploit. For this reason, the challenge of securing the Internet of Things is one of urgent and widespread concern.
Cyber Offence
Internet users, corporate or individual, are under sustained attack by hackers. Whether receiving a random phishing email or a targeted attack by an advanced persistent threat, a successful defence requires understanding the attacker mindset. Some hackers are individuals, others are part of crime syndicates or nation states, but in all cases being able to view targets from their perspective is an invaluable and essential skill for cyber security practitioners.
This module puts you in the position of the hacker with an array of tools and techniques that expose and exploit vulnerabilities in target systems. You learn by emulating the ‘red team’ attack process, from digital reconnaissance and intelligence gathering through extracting data and covering your tracks. This form of ethical hacking is a valuable method used by all types of organisations to audit their defences and management processes. By understanding how hackers hack, your defensive awareness and skills are developed, enabling you to identify and mitigate weaknesses in enterprise systems.
Cyber Defence
Our world is dependent on digital technology and this technology is under greater threat from attackers than ever before. Cyber security is critical to defend enterprise systems, as well as personal computing. As attacks evolve, so must the techniques for securing systems. The ongoing challenges facing information security professionals require diligence, readiness and pragmatism. At all times, the effort spent on defence must be proportional to the level of threat and the potential costs associated with compromise.
This module takes you through some of the key technologies, hardware and software that are essential in the layered defences that keep systems operational and the hackers out. You learn by following ‘blue team’ processes to assess flaws and vulnerabilities, and apply hardening techniques to mitigate risks. The aim is to build a layered system of controls to generate a defence in depth model - a cross between a maze and a digital minefield. Defences are continually monitored and adapted as new threats are discovered and technologies become available.
Critical
Infrastructure
Clustered under the term ‘critical national infrastructure’ (CNI) are organisations, assets and supply chains that manage and deliver national provisions related to health, defence, communications, transport, power, water and emergency services, amongst others. Each of these sectors are exposed to threats from cyber criminals, terrorists and hostile states, with some critical services being more prone than others to espionage, data theft and disruption. CNI cyber resilience is therefore an important concern for the continued functioning of society. Indeed, securing key public and private sector services from cyber attack is an important component of the UK government’s National Security Strategy.
