Summary Sheet
Academic Year: 2020/2021
School: School of Industrial and Information Engineering
Course: 055892 - DIGITAL SECURITY MANAGEMENT
Lecturer: Fugini Mariagrazia
Credits (CFU): 5.00
Course type: Single-discipline

Programme: Ing Ind - Inf (Mag.)(ord. 270) - BV (479) MANAGEMENT ENGINEERING - INGEGNERIA GESTIONALE
Pre-approved study plan code: *
From (inclusive): A
To (exclusive): ZZZZ
Course: 055892 - DIGITAL SECURITY MANAGEMENT

Course objectives

The course Digital Security Management addresses the fundamental management and technical aspects of security in enterprises, emphasizing the need for good security management practices. Its basic goal is to provide concepts and practical methods for managing security policies, methods, tools, security services, and responsibilities in organizations. The knowledge acquired can enable informed communication between those who speak the language of security and those who speak the language of the enterprise, supporting informed conversations between technology teams and organization managers. More precisely, the course aims to: i) identify the problems and concepts of security management in organizations; ii) show how these problems can be solved through organizational and technical measures. To this end, it describes the policies, methods, tools, and resources to put in place in private and public organizations.


Expected learning outcomes

The course is aligned with courses taught at major international universities (e.g., MIT, Sloan, University of London, universities in Northern Europe), and in various schools of management and technical schools.

 

The students will learn theory about security and privacy issues and, above all, gain practical experience with tools to be deployed in enterprises and organizations to put security plans in place and monitor security services. Security governance and monitoring will be explained through interventions and testimonials, so that group work and cooperation on cases guide the students in developing their own security solutions to specific problems presented during classes.


Topics covered

The course is organized in two parts: 1) an introduction to the “language” and fundamentals of security, and of security management in particular; 2) the description of technical measures that can be adopted to deploy security management.

The course focuses on the security and privacy of data (including “new data” such as Big Data, streaming data from IoT systems, and data warehouse systems). The GDPR and its application are analyzed through guidelines for formulating security plans. Testimonials on security management will provide cases and experiences in the practical application of measures for data privacy, security plans, the management of security services for privacy protection, and other security management practices in enterprises.


Prerequisites

Concepts of software engineering and architectures, databases and information systems, enterprise management, operations. 

Teaching methodology: 

- Frontal lectures;
- Engaging, interactive, and personalized learning experience built upon learning tools, which include:
− key concepts and insights on the course modules
− case studies and examples on creating a culture of prevention and awareness
− ethics considerations in security explored through case studies

Interactive media will include videos and simulations, individual assignments, and collaborative learning through discussion forums.

 


Assessment methods

 

Evaluation method (exam):

- Evaluation of a project to be developed in groups of two students on themes assigned in class. This gives 16 points out of the total 32/30. The evaluation must be sufficient (9 points), and the project is valid for one calendar year.

- Written examination on the concepts, methods, and scenarios learnt in class with security experts and on all the subjects presented during the classes. This gives the remaining 16 points, for a total potential mark of 32/30. The evaluation must be sufficient (9 points). The exam is in the form of open questions.

 

 


Bibliography
Optional bibliographic resource: Susanto, H. and Almunawar, M.N., Information Security Management Systems: A Novel Framework and Software as a Tool for Compliance with Information Security Standard, Publisher: Apple Academic Press, Year of edition: 2018
Optional bibliographic resource: Peltier, T.R., Information Security Policies, Procedures, and Standards: guidelines for effective information security management, Publisher: Auerbach Publications, Year of edition: 2016
Optional bibliographic resource: Video https://ocw.mit.edu/courses/electrical-engineering-and-computer-science/6-858-computer-systems-security-fall-2014/video-lectures/
Optional bibliographic resource: Cybersecurity for Managers: A Playbook (online) 2020
Optional bibliographic resource: Cyber DB books https://www.cyberdb.co/10-cybersecurity-books-2018/
Mandatory bibliographic resource: Notes of classes. Available along the classes
Note: Edited by the teacher

Optional bibliographic resource: Fugini et al., Database Security, Publisher: Addison Wesley, Year of edition: 1995

Software used
No software required

Teaching formats
Type of teaching format | Classroom hours (hh:mm) | Independent study hours (hh:mm)
Lecture | 32:30 | 48:45
Exercise session | 17:30 | 26:15
Computer laboratory | 0:00 | 0:00
Experimental laboratory | 0:00 | 0:00
Project laboratory | 0:00 | 0:00
Total | 50:00 | 75:00

Information in English to support internationalization
Course taught in English
Teaching material/slides available in English
Textbooks/bibliography available in English
Exam may be taken in English
Teaching support available in English
Area Servizi ICT
22/09/2021