CYBR373 (2020) - Human and Organisational Security


This course addresses how the behaviour and values of people, as individuals or within an organisation, affect cyber security threats and mitigation strategies. Topics include social engineering, cultural considerations, the insider threat, security usability, and risk management.

Course learning objectives

Students who pass this course will be able to:
  1. Describe different types of social engineering attacks on privacy and anonymity and identify potential mitigation strategies for these information security risks based upon awareness, training, education and operational security.
  2. Explain the role of international and local security standards in the development and evaluation of cyber systems.
  3. Demonstrate an understanding of the influence of individual and social psychology, as well as social and cultural norms, on security usability by applying this knowledge to the evaluation of the security of a given system.
  4. Compare and contrast different approaches to risk management in relation to cyber security and discuss the strengths and weaknesses of common risk management frameworks, such as OCTAVE, NIST and COBIT, as well as the role of international and local standards.