Master of Science in Cybersecurity Management

Lead the new era of cybersecurity: strategic, human-centered, and powered by artificial intelligence. Drive your future

Seminars on the management of cybersecurity and critical infrastructures

Back to Syllabus

Description
The face-to-face seminars of the Master are the subject where students develop soft skills and teamwork. Through the accompaniment of a facilitator, the prominence and leadership of the subject is delegated to the students who must coordinate to solve the management and management challenges presented to them by the facilitator. Each seminar class will be unknown and unforeseen by the students, although always related to the professional challenges of managing an information security department. The success of the session will not be so much the resolution of the challenge (which can sometimes be impossible) but the implicit learning that involves recognizing the needs implicit in the role played by the person who manages a security department and the demands of their functions and obligations. For example, some of the seminars will involve circumstances such as the following: Activation of an incident response team - Organizational structure - Distribution of functions and operation - Organization and direction of the incident response team - Review of procedures, policies and plans for incident response - Relationship of the phases to incident response: incident detection, data analysis and incident identification Installation and operation plans for cybersecurity management systems - Planning of procedures and designation of responsibilities - Cataloguing anomalies in the traffic of a corporate network - Choosing a tool for monitoring network anomalies - Choosing a system for detecting intrusions and infections in corporate networks and systems - Recognition of attack patterns - Monitoring operation and optimizing efficiency
Type Subject
Primer - Obligatoria
Semester
Second
Course
1
Credits
10.00
Previous Knowledge

No prior particular knowledge required

Objectives

- Be able to put into practice the knowledge of cybersecurity taught throughout the programme through practical workshops.
- Be able to analyse the feasibility and possible alternatives of a project with cybersecurity and critical infrastructure solutions and policies taking into account specific business objectives.
- Participate in the advanced application of frameworks and techniques for the conversion of the entity's cybersecurity plans into viable projects aligned with the company's strategy.

Contents

The course is structured around five thematic seminars, each of which poses a real strategic challenge linked to the role of the CISO within an organization. The contents are not presented in a conventional theoretical format, but emerge from practice, case analysis, collaborative work and decision-making in simulated contexts.

The main content blocks that are worked on transversally are:

1. Governance and leadership in cybersecurity
- CISO management functions.
- Risk management, decision-making and alignment with business strategy.
- Crisis management and executive communication.

2. Project and program management
- Design and implementation of continuity plans (DRP/BCP).
- Evaluation and adoption of emerging technologies (AI, automation, XDR...)
- Cost-benefit analysis and justification of proposals to management.

3. Incident management and forensic analysis
- Coordination of response teams.
- Relationship with third parties (suppliers, legal teams, authorities).
- Preservation of evidence and decision-making in a limited time.

4. Culture and talent in cybersecurity
- Recruitment and retention of specialized professionals.
- Collaboration with Human Resources.
- Development of awareness and internal leadership plans.

The seminars may vary depending on current events in the sector and the profiles of the guest speakers, but they always maintain a structure focused on the analysis of a case, the simulation of executive roles and the collaborative resolution of the challenge proposed

Methodology

The seminars are face-to-face sessions where students experience the simulation of a cyber incident based on a real case, putting into practice the concepts learned in a very dynamic way. The facilitators of these sessions, CISOs (Chief Information Security Officers) or Information Security Officers (ISOs) from recognized companies, will observe how students develop in the face of the different challenges posed throughout the seminar and will discuss their recommendations and feedback at the end of the session.

Evaluation

The assessment is continuous and competency-based, focusing on the active role of the student as the leader of each seminar. This is not a lecture course, but an executive simulation environment. The student participates as a CISO responsible for facing a challenge, and their capacity for analysis, communication, leadership and decision-making is tested based on a realistic situation.

The course is structured in 5 seminars (one per challenge), and the student takes turns leading at least one of these seminars. The role of the expert is to accompany, challenge and guide, but not to direct.

Evaluation Criteria

- Leadership of the assigned seminar: 40%
Ability to lead the session, prepare the scenario, distribute roles, lead decision-making and manage interactions. Clarity, coherence and the ability to executive synthesis are valued.

- Active participation in seminars: 30%
Critical and constructive involvement in seminars led by others. The ability to provide professional judgment, ask relevant questions and enrich the debate is valued.

- Personal written reflection on learning: 20%
Writing a short final report (1-2 pages per seminar) that includes the decisions made, the lessons learned and a self-assessment of one's own role.

- Attitude, maturity and teamwork: 10%
Professional empathy, the ability to collaborate, active listening and adaptation to the role of a cybersecurity manager are assessed.

Basic Bibliography

Real documentation (anonymous or fictitious) of practical cases: DRP plans, forensic reports, crisis communication templates, etc. provided by invited experts.

Additional Material

Guest experts videos with explanations

Recent news and incidents that serve as a scenario for simulation or analysis.