Programme/Approved Electives for 2024/25
None
Available as a Free Standing Elective
No
Aims
This module aims to provide a foundational understanding of the role of human factors in cyber security and how to design security that is usable and acceptable to a range of human actors. It also aims to introduce a broader organisational and societal perspective on security. This will include the importance of trust and collaboration for effective cyber security and how to engage stakeholders and negotiate security solutions that meet their needs.The content and terminology used is based on the 'Human Factors Knowledge Area' of 'The Cyber Security Body Of Knowledge'
Intended Learning Outcomes
support the capabilities and limitations of target users and the devices they use;: 1,2apply contextual inquiry to identify the primary tasks stakeholders are carrying out;: 1,2design well-fitting security tasks that consider mental and physical workload;: 1,2design effective approaches to support security awareness and behaviour change;: 1,2develop methods to encourage a positive security culture.: 1,2
20 hours of interactive large group sessions;10 hours of small group labs/tutorials;30 hours of directed reading/viewing;5 hours of participation in online asynchronous sessions; - active learning70 hours of preparation for assessment 1 (Design of a set of well-fitting security tasks and Design of a security awareness, education and training campaign) in small teams;5 hours of participation in cohort presentation sessions for assessment 1.10 hours of preparation for assessment 2 (Individual Work Reflection Report)
Description of Module Assessment
1: Group Project weighted 80%Design of a set of well-fitting security tasks and security awareness campaignDesign of a set of well-fitting security tasks
Students will work in small teams to identify a set of stakeholders and tasks that they carry out,
based on a case study organisation. They will then design a set of 3 security tasks that consider
the capabilities and limitations of target users and the devices they use, the context they work
within and standard usability attributes. These tasks will then be presented to the cohort in a
15-minute presentation + 15 minutes for questions. Assessment will be based on the design of
the security tasks.
b. Design of a security awareness, education, and training campaign
Students will design a security awareness, education, and training campaign that promotes a
positive security culture within a chosen organisation. This will include a review of appropriate
methods e.g., simulations and games, the proposed design of a campaign, and an outline of how
resulting behaviour change could be evaluated within a chosen organization. Students will
produce a report (2,000-word equiv.) that outlines the campaign, including reasons for its design
and behaviour changes expected.
2: Coursework weighted 20%Individual Work Reflection ReportStudents will write a summary report and reflection on their role in the group project, their
individual contribution, and how they go about making the contribution to the group work. They will
produce a report (1,000-word equiv.)