Master of Science in Cybersecurity Management

Learn the key techniques in cybersecurity and become an expert in the application of defensive security and attack methodologies. Power your future.

The Social and Economic Environment in the Management of Corporate Cybersecurity

Description
In this course, the Cybersecurity Ecosystem (including cybercrime and cyber-crimes) is analyzed in order to recognize which incidents have a criminal origin and what their motivations and trends are. The course determines what organizational Ethics in Cybersecurity can be and how to promote it through, for example, protocols for reporting incidents, and it covers the criminalization of offenses. In addition, types of corporate governance, organizational structures, roles and responsibilities are presented, as well as different organizational cultures that facilitate the development of information security strategy. Finally, information governance frameworks and standards are studied for proper strategic planning (i.e. budgets, resources, business case).
RA4. Be able to identify the mission, objectives, stakeholders and activities of the organization from the information provided by different company documents.
RA5. Be able to prepare a report on priorities regarding the management of cybersecurity and critical infrastructures of the company based on information related to the mission, objectives, stakeholders and activities of the organization.
RA6. Be able to produce a compilation report from the exploratory analysis of the ethical responsibilities that all cybersecurity professionals have towards themselves, corporations, government and the public.
Type Subject
First - Compulsory
Semester
First
Course
1
Credits
3.00
Previous Knowledge
Objectives
Contents

- Cybersecurity Ecosystem. Cybercrime and crime.
- Ethics in Cybersecurity. Incident reporting. Criminalization of crimes. Which incidents have a criminal origin and what the motivations and trends are.
- Corporate governance
- Organizational structures, roles and responsibilities
- Organizational culture
- Information security strategy development
- Information governance frameworks and standards
- Strategic planning (i.e. budgets, resources, business case)

Methodology

The blended mode is based on a proprietary methodology developed by La Salle URL that combines the active online methodology SDBL (Self Directed Based Learning) with several face-to-face sessions distributed throughout the master.
The SDBL methodology is based on situational learning and self-directed learning. With situational learning, the student is taught, through challenges, to deal with real problems and situations in the company, with which he/she can consolidate the new knowledge acquired. With self-directed learning, the student decides how to advance in his/her training based on his/her previous experience.
On a weekly basis, the LMS (Learning Management System) platform releases the content of a new topic. The way the week works is as follows:

- Synchronous kick-off session [1]:
  o The teacher gives an overview of the contents and tasks that the student will encounter throughout the week. The objective of this meeting is to identify, for each student, which aspects of the week's material may be more difficult.
  o The teacher resolves any questions the students have about the previous week's topic.
- Between synchronous connections:
  o The student views the content of the sessions and works on the assigned tasks for the topic of the week to consolidate knowledge and identify doubts.
- Synchronous check point session:
  o The teacher resolves any questions the students may have about the contents of the current week.
  o The teacher presents additional content or case studies that are of interest to the students.
  o The teacher generates debate and discussion among the students about the contents of the current week, with the objective of helping the students assimilate them and thereby improving their learning.

- Rest of the week. The objective is to finish the development of the tasks of the current week based on the clarifications received in the synchronous check point session to overcome the exercises, tasks and/or deliverables of the topic. It is worth mentioning that most of the time dedicated during this last part of the week should be spent on solving the tasks and deliverables, rather than on assimilating content (an aspect that should have been resolved between the kick-off and check point sessions).

The LMS platform opens the content gradually (week by week) so that the whole group follows the same academic path. In other words, the sequential opening of topics is done so that all students in the program are working on the same subjects simultaneously.

On the other hand, the blended mode also provides very dynamic and experiential face-to-face sessions. Several classes are seminar-style, where students experience the simulation of a cyber-incident based on a real case, putting into practice the concepts learned. The facilitators of these sessions, CISOs (Chief Information Security Officers) or Information Security Officers (ISOs) from recognized companies, will observe how the students handle the different challenges posed throughout the seminar and will discuss with them their recommendations and feedback at the end of the session.
Other face-to-face sessions are for monitoring the work done, where students will be able to validate with the expert mentor the resolution of the tasks posed in the subjects and raise questions before presenting the final version of their work in another face-to-face session scheduled exclusively for this purpose.

[1] The synchronous sessions with the mentor are optional for students to attend, last approximately one hour, and are recorded and uploaded to the LMS.

Evaluation

Highly significant evaluation activities:

1. 1 case study to be delivered (40%).
2. Opinion on a case study (20%).
3. Group presentation (10%).
4. 20 multiple choice questions (30%).

Addenda:

- Use of Artificial Intelligence tools.
 
This Master's course allows the use of AI to assist in the completion of a deliverable, but its use must be acknowledged. If you have used any AI tool, include a paragraph at the end of any assignment that uses AI explaining what you used the AI for and what prompts you used to obtain the results. Failure to do so will be considered an action that tends to falsify or defraud the academic evaluation systems and, therefore, the copying policy of La Salle Campus Barcelona (Copying Policy | La Salle | Campus Barcelona, salleurl.edu) will be applied.

- Demonstrate academic integrity in the totality of their work.

If a student is caught cheating in any way on an exam, plagiarizing or rewriting exercises, activities, assignments, presentations, or submitting team work that he/she has not collaborated on, he/she should be prepared to receive a penalty in the final grade for the course.

The student and the group must ensure that the work they submit is their own. The student is responsible for citing all sources relied upon in their submissions, using quotation marks when language is taken directly from other sources.

Evaluation Criteria

The evaluation system combines different approaches to assess knowledge, skills and competencies in the field of information security leadership and management. It allows demonstrating the ability to analyze practical cases, express informed opinions, work in teams and apply theoretical knowledge in real situations.
1. Case study to be submitted (40%): This is a practical exercise in which you will be presented with a real situation related to information security management services. Analyzing the case requires applying the knowledge acquired during the training and proposing concrete solutions or recommendations. The delivery of this case study allows you to demonstrate your ability to apply theory to practice and solve real problems in the field of information security.
2. Opinion on a case study (20%): In this point it is required to analyze the case study previously discussed. A reasoned opinion on the case must be expressed, highlighting the most relevant aspects, the successes and mistakes made, and the lessons learned. This evaluation allows demonstrating the capacity of critical analysis and understanding of the key concepts of information security.
3. Group presentation (10%): In this section, you are part of a discussion group to research and present a specific topic related to information security. The presentation should be clear, concise and well structured, and should include an introduction, development of the topic, conclusions and recommendations. This evaluation allows the development of teamwork, communication and presentation skills.
4. 20 multiple-choice questions (30%): This exam will assess theoretical knowledge of the key concepts of information security governance and management. The multiple choice questions can be multiple choice.

Basic Bibliography

• "The Economics of Information Security and Privacy" (Hal Varian, 2004): This book offers an economic perspective on information security and privacy, analyzing how economic incentives influence the behavior of the actors involved (companies, users, cybercriminals) and how economic tools can be used to improve security.
• "Cybersecurity and Cyberwar: What Everyone Needs to Know" (P. W. Singer and Allan Friedman, 2014): This book provides an overview of cybersecurity and cyberwarfare, addressing topics such as the history of cyberattacks, current threats, defense strategies, and the geopolitical implications of cyberwarfare.
• "World Economic Forum Global Risks Report" (Published annually): This annual report from the World Economic Forum analyzes major global risks, including cyber risks. The report provides valuable information on emerging trends in cybersecurity, the challenges facing businesses and governments, and strategies for managing cyber risks.
• "The Cybersecurity Canon" (Palo Alto Networks): This collection of books recommended by cybersecurity experts covers a wide range of topics, from risk management to incident response. It is an excellent resource for deepening your knowledge of corporate cybersecurity.

Additional Material

1. Reports and Studies:
• ENISA Threat Landscape Reports: The European Union Agency for Cybersecurity (ENISA) publishes annual reports on the cyber threat landscape, analyzing trends and emerging risks. These reports provide valuable information on the economic and social impact of cyber-attacks and the measures organizations can take to protect themselves.
• Verizon Data Breach Investigations Report (DBIR): This annual report analyzes thousands of actual security incidents and data breaches, providing detailed information on the tactics, techniques and procedures used by cybercriminals. The DBIR is a valuable resource for understanding the threat landscape and developing more effective cybersecurity strategies.

2. Blogs and Specialized Websites:
• Krebs on Security: The blog of Brian Krebs, a cybersecurity journalist, is a trusted source of news and information on cyberattacks, vulnerabilities and security trends.
• Dark Reading: This website provides news, analysis and opinion on a wide range of cybersecurity topics, from risk management to threat intelligence.

3. Podcasts and Videos:
• "Cybersecurity Where You Are" Podcast: This Cisco podcast addresses cybersecurity issues from a global perspective, interviewing industry experts and leaders.

List of Professors
Genís Margarit i Contel