About Cyber Security, UMUC, cyber security university.#Cyber #security #university


#

Introduction to Cyber Security

Network outages, hacking, computer viruses, and similar incidents affect our lives in ways that range from inconvenient to life-threatening. As the number of mobile users, digital applications, and data networks increase, so do the opportunities for exploitation.

Cyber security, also referred to as information technology security, focuses on protecting computers, networks, programs, and data from unintended or unauthorized access, change, or destruction.

Government agencies, the military, corporations, financial institutions, hospitals, and other groups collect, process, and store a great deal of confidential information on computers and transmit that data across networks to other computers. With the growing volume and sophistication of cyber attacks, ongoing attention is required to protect sensitive business and personal information, as well as safeguard national security.

Cyber security university

Mike Bruni of Booz Allen Hamilton discusses how the field of cybersecurity can affect your everyday activities.

Cyber security university

And when you’re at UMUC…that is the time to take your innovative ideas and tinker with them and mature them. And then offer them to the greater good. Because cyber space is open to all of us. So when you innovate, you’re helping all of us.

Former Vice President of U.S. Public Sector Cybersecurity Practice, HP Enterprise Services

Cyber security university

Since 2010, more than 4,000 UMUC students have graduated with a degree in cybersecurity. Now, we are preparing the next generation of leaders with more than 8,000 students currently enrolled in the program.

Cyber Security Careers

UMUC is uniquely positioned to fill the increasing demand pipeline for cyber security jobs. There will be a 1.5 million projected global shortfall of cyber security professionals by 2019. Source Plus, opportunities are close by: The demand for cyber security professionals is expected to grow. Source When you study with UMUC, you’ll be learning in the backyard of prospective employers!

Cyber Security Glossary of Terms

Learn cyber speak by familiarizing yourself with cyber security terminology from the Department of Homeland Security.

The ability and means to communicate with or otherwise interact with a system, to use system resources to handle information, to gain knowledge of the information the system contains, or to control system components and functions.

An actual assault perpetrated by an intentional threat source that attempts to alter a system, its resources, its data, or its operations.

A list of entities that are blocked or denied privileges or access.

A computer connected to the Internet that has been surreptitiously/secretly compromised with malicious logic to perform activities under the remote command and control of a remote administrator.

A model for enabling on-demand network access to a shared pool of configurable computing capabilities or resources (e.g., networks, servers, storage, applications, and services) that can be rapidly provisioned and released with minimal management effort or service provider interaction.

The systems and assets, whether physical or virtual, so vital to society that the incapacity or destruction of such may have a debilitating impact on the security, economy, public health or safety, environment, or any combination of these matters.

The use of mathematical techniques to provide security services, such as confidentiality, data integrity, entity authentication, and data origin authentication.

The interdependent network of information technology infrastructures that includes the Internet, telecommunications networks, computer systems, and embedded processors and controllers.

The unauthorized movement or disclosure of sensitive information to a party, usually outside the organization, that is not authorized to have or see the information.

The processes and specialized techniques for gathering, retaining, and analyzing system-related data (digital evidence) for investigative purposes.

Enterprise Risk Management

A comprehensive approach to risk management that engages people, processes, and systems across an organization to improve the quality of decision making for managing risks that may hinder an organization’s ability to achieve its objectives.

The measures that protect and defend information and information systems by ensuring their availability, integrity, and confidentiality.

The process and methods for analyzing information from networks and information systems to determine if a security breach or security violation has occurred.

The numerical value used to control cryptographic operations, such as decryption, encryption, signature generation, or signature verification.

Software that compromises the operation of a system by performing an unauthorized function or process.

An actual assault perpetrated by an intentional threat source that attempts to learn or make use of information from a system but does not attempt to alter the system, its resources, its data, or its operations.

An evaluation methodology whereby assessors search for vulnerabilities and attempt to circumvent the security features of a network and/or information system.

A digital form of social engineering to deceive individuals into providing sensitive information.

A set of software tools with administrator-level access privileges installed on an information system and designed to hide the presence of the tools, maintain the access privileges, and conceal the activities conducted by the tools.

The level of confidence that software is free from vulnerabilities, either intentionally designed into the software or accidentally inserted at any time during its lifecycle, and that the software functions in the intended manner.

A computer program that can replicate itself, infect a computer without permission or knowledge of the user, and then spread or propagate to another computer.

A list of entities that are considered trustworthy and are granted access or privileges.

Articles About Cyber Security

  • Big Data: Dream or Potential Nightmare?: The vast amount of data being generated in our technologically connected world presents cyber security concerns.
  • Unlocking the Secrets of Cyber Security: UMUC Cyber Security Program Advisory Board members discuss the challenges of hacking, tracking, and attacking in the virtual world.

Cyber Security Students

Meet successful students and alumni in UMUC’s cyber security programs who are gaining the skills they need to succeed.

The discount for Federal employees and their spouses and eligible dependents will be applied to out-of-state tuition and specialty graduate programs. It does not apply to doctoral programs. This discount cannot be combined with the Completion Scholarship for Maryland community college students or the Pennsylvania Completion Scholarship.

Undergraduate and standard graduate program tuition for students who meet the criteria for Maryland residency will be the applicable in-state rate. Tuition for active-duty military; members of the Selected Reserves, National Guard, and the Commissioned Corps of the U.S. Public Health Service and National Oceanic and Atmospheric Administration; and the spouses and dependents of these student groups will be the applicable military or specialty rate. If you are a student using Post 9/11 benefits, please contact an advisor at 800-939-UMUC to determine if you can apply both benefits.

View important information about the education debt, earnings, and completion rates of students enrolled in certificate programs.

All students are required to pay tuition for all courses in which they are enrolled. Tuition rates are subject to the approval of the University System of Maryland Board of Regents. They may be changed, or other charges may be included, as a result of the Board of Regents decisions. Notwithstanding any other provision of this or any other university publication, the university reserves the right to make changes in tuition, fees and other charges at any time such changes are deemed necessary by the university and the USM Board of Regents.

The Board of Regents has authorized the university to charge a student’s delinquent account for all collection costs incurred by the university. The normal collection fee is 17 percent plus attorney and/or court costs. The service charge for a dishonored check is $30. Requests for services (for example, transcripts, diplomas, registration) will be denied until all debts are paid.

Please see the USM residency policy for specific details about residency requirements.

Financial aid and tuition remission for University System of Maryland employees cannot be applied to noncredit courses. Golden ID benefits may not be applied to fees, noncredit courses, specialty graduate programs, or doctoral programs. Regular tuition rates apply for cooperative education, course challenge examinations, and EXCEL 301.

GI Bill is a registered trademark of the U.S. Department of Veterans Affairs. More information about education benefits offered by VA is available on the U.S. government GI Bill website.

The UCSP 615 requirement may be waived if you previously earned a graduate degree from a regionally accredited institution. For more information, contact your academic advisor.


New Wave of Ransom Threats Seen in Unprecedented Attack #chase #cyber #attack


#

New Wave of Ransom Threats Seen in Unprecedented Attack

Europol Says Over 200,000 Computers Hit in Global Attack

An unrivaled global cyber-attack is poised to continue claiming victims Monday as people return to work and turn on their desktop computers, even as hospitals and other facilities gained the upper hand against the first wave.

More than 200,000 computers in at least 150 countries have so far been infected, according to Europol, the European Union s law enforcement agency. The U.K. s National Cyber Security Centre said new cases of so-called ransomware are possible at a significant scale.

We ve seen the rise of ransomware becoming the principal threat, I think, but this is something we haven t seen before — the global reach is unprecedented, Europol Executive Director Rob Wainwright said on ITV s Peston on Sunday broadcast.

The malware used a technique purportedly stolen from the U.S. National Security Agency. It affected the U.K. s National Health Service, Russia s Ministry of Interior, China government agencies, Germany s Deutsche Bahn rail system, automakers Nissan Motor Co. and Renault SA, PetroChina, logistics giant FedEx Corp. and other company and hospital computer systems in countries from Eastern Europe to the U.S. and Asia.

The hackers used the tool to encrypt files within affected computers, making them inaccessible, and demanded ransom — typically $300 in bitcoin. Russia and Ukraine had a heavy concentration of infections, according to Dutch security company Avast Software BV.

Microsoft Corp. President Brad Smith, in a blog post Sunday, said the attack is a wake-up call for governments in the U.S. and elsewhere to stop stockpiling tools to exploit digital vulnerabilities. They need to take a different approach and adhere in cyberspace to the same rules applied to weapons in the physical world, he said.

Normal Operations

About 97 percent of U.K. facilities and doctors disabled by the attack were back to normal operation, Home Secretary Amber Rudd said Saturday after a government meeting. At the height of the attack Friday and early Saturday, 48 organizations in the NHS were affected, and hospitals in London, North West England and Central England urged people with non-emergency conditions to stay away as technicians tried to stop the spread of the malicious software.

The initial attack was stifled when a security researcher disabled a key mechanism used by the worm to spread, but experts said the hackers were likely to mount a second attack because so many users of personal computers with Microsoft operating systems couldn t or didn t download a security patch released in March that Microsoft had labeled critical.

Microsoft said in a blog post Saturday that it was taking the highly unusual step of providing the patch for older versions of Windows it was otherwise no longer supporting, including Windows XP and Windows Server 2003.

While the scale of the attack shows Microsoft needs to strengthen its own capabilities, there is simply no way for customers to protect themselves against threats unless they update their system, Smith said in his blog post. Otherwise they re literally fighting the problems of the present with tools from the past.

This attack is a powerful reminder that information technology basics like keeping computers current and patched are a high responsibility for everyone, and it s something every top executive should support.

Matt Suiche, founder of United Arab Emirates-based cyber security firm Comae Technologies, said he s seen a variant on the original malware that still contains a kill-switch mechanism — though future versions could find a way to overcome it. We are lucky that this logic bug is still present, Suiche said.

A message informing visitors of a cyber attack is displayed on the NHS website on May 12.

Photographer: Carl Court/Getty Images

Victims have paid about $50,000 in ransom so far, with the total expected to rise, said Tom Robinson, chief operating officer and co-founder of Elliptic Enterprises Ltd. a ransomware consultant that works with banks and companies in the U.K. U.S. and Europe. Robinson, in an interview by email, said he calculated the total based on payments tracked to bitcoin addresses specified in the ransom demands.

Last year an acute-care hospital in Hollywood paid $17,000 in bitcoin to an extortionist who hijacked its computer systems and forced doctors and staff to revert to pen and paper for record-keeping.

Business Targets

A spokesman for Spain s Telefonica SA said the hack affected some employees at its headquarters, but the phone company is attacked frequently and the impact of Friday s incident wasn t major. FedEx said it was experiencing interference, the Associated Press reported.

Renault halted production at some factories to stop the virus from spreading, a spokesman said Saturday, while Nissan s car plant in Sunderland, in northeast England, was affected without causing any major impact on business, an official said.

In Germany, Deutsche Bahn faced technical disruptions on electronic displays at train stations, but travel was unaffected, the company said in a statement on its website. Newspaper reports showed images of a ransomware message on display screens blocking train information.

Russia s Interior Ministry, with oversight of the police forces, said about 1,000 computers were infected, which it described as less than 1 percent of the total, according to its website.

In China, the malware affected computers at several unspecified government departments, the country s Cyberspace Administration said on its WeChat blog Monday. Since that initial attack, agencies and companies from the police to banks and communications firms have put preventive measures in place, while Qihoo 360 Technology Co. Tencent Holdings Ltd. and other cybersecurity firms have begun making protection tools available, the internet overseer said.

The most important business stories of the day.

Get Bloomberg s daily newsletter.

China National Petroleum Corp. which owns PetroChina, reported that some of its 21,000 gas stations had seen their digital payment systems disabled by the attack and resorted to accepting cash. More than 80 percent of the stations had been reconnected to the network as of noon on May 14, the company said. Several Chinese universities had also been hit by the attacks, according to local media reports.

In Japan, Hitachi Ltd. said that some of its computers had been affected. In South Korea, CJ CGV Co.. the country s largest cinema chain, said advertising servers and displays at film theaters were hit by ransomware. Movie servers weren t affected and are running as normal, it said in a text message Monday. Indonesia s government reported two hospitals in Jakarta were affected.

While any size company could be vulnerable, many large organizations with robust security departments would have prioritized the update that Microsoft released in March and wouldn t be vulnerable to Friday s attack.

Users Tricked

Ransomware is a particularly stubborn problem because victims are often tricked into allowing the malicious software to run on their computers, and the encryption happens too fast for security software to catch it. Some security experts calculate that ransomware may bring in as much as $1 billion a year in revenue for the attackers.

The attack was apparently halted in the afternoon in the U.K. when a researcher took control of an Internet domain that acted as a kill switch for the worm s propagation, according to Ars Technica.

There is a high probability that Russian-language cybercriminals were behind the attack, said Aleks Gostev, chief cybersecurity expert for Kaspersky Labs.

Ransomware is traditionally their topic, he said. The geography of attacks that hit post-Soviet Union most also suggests that.

With assistance by Stepan Kravchenko, Ksenia Galouchko, Robert Hutton, Jack Sidders, Adam Satariano, Nour Al Ali, Aibing Guo, and Penny Peng

Before it’s here, it’s on the Bloomberg Terminal.


Types of Law Degrees and Legal Studies Degrees #cyber #law #degree, #types #of #law #degrees


#

Types of Law Degrees and Legal Studies Degrees

$136,260 for lawyers

Source: U.S. Bureau of Labor Statistics

Three main types of law degrees are available in the United States. The first degree students can enroll in is a Juris Doctor (J.D.) degree program, which can be completed after three years of full-time study. The second law degree is the Master of Laws (LL.M.). and the third degree is the Doctor of Juridical Science (S.J.D.).

Some J.D. programs may be combined with other master’s degree programs in specific facets of law, business, or public policy, and these programs might last longer than three years. The first year of study focuses on basic topics, like international law, criminal law, and civil procedure. Second and third-year students may customize their education to reflect their interests, taking electives in such areas as tax and business.

Juris Doctor

Applicants must have at least a bachelor’s degree to enter this standard law degree. Prospective students don’t need to take any undergraduate law courses or have prior experience with the judicial system. For the application, law schools will request scores for the Law School Admission Test (LSAT), recommendation letters, and in some cases a current resume.

The first year of the curriculum covers core courses. Students may then choose a concentration and complete a required number of elective classes. Some possible classes include:

  • Torts
  • Constitutional law and patent law
  • Legal writing
  • Federal litigation
  • Environmental law and public interest law
  • Law and ethics

Find schools that offer these popular programs

  • Advanced Legal Research
  • Comparative Law
  • Energy and Environmental Law
  • Financial, Banking, and Securities Law
  • Health Law
  • International Business, Trade, and Tax Law
  • International Law
  • Law Degree
  • PreLaw Studies
  • Programs for Foreign Lawyers
  • Tax Law
  • US Law

Master of Laws

Unlike most master’s degree programs, which are considered to be the first level of graduate degrees, the Master of Laws is the second professional law degree after the Juris Doctor. An LL.M program takes one year to complete with full-time study, and students may specialize in their interests, such as human rights law, environmental law, technology law, or taxation.

Because there are many different concentrations within LL.M. programs, curricula will differ. For example, a student enrolled in a tax law LL.M. program will gain a strong understanding of U.S. tax law. An LL.M. program mainly benefits international lawyers who wish to become familiar with and legally practice American law, but American lawyers who want to focus their studies on specific areas of law or prepare for an S.J.D. program may be accepted.

Classes depend largely on the type of Master of Laws degree program students pursue. Core courses in a particular area of the law must be completed, and then students choose electives of interest to them. Potential courses may include:

  • Estate planning
  • Corporate tax problems
  • Local and state taxation
  • Intellectual property law
  • Bankruptcy

Doctor of Juridical Science

The most advanced law degree in the United States, the Doctor of Juridical Science program, can be completed on a full-time basis in three years. Many applicants to a Doctor of Juridical Science program are established law professionals with many years of experience. In addition, an S.J.D. program qualifies students to work in academic settings as law professors.

The program, which is research-intensive, requires students to know their research interests before beginning the application process. Most of a student’s time will be spent on the completion and defense of a dissertation. The course requirements are typically dealt with during the first year of enrollment and determined by students in conjunction with their advisors.

A majority of the S.J.D. curriculum gets spent researching and writing a dissertation. However, a small number of courses must be completed before students begin their projects. Classes appeal to an individual’s interests, and they may include:

  • Legal research
  • Business law
  • Legal advocacy
  • Family law
  • Migration law

Continuing Education Information

Graduates of a Juris Doctor (J.D.) program need to pass the bar exam before they can begin practicing law. Each state administers its own bar exam, but most require candidates to have graduated from a law school accredited by the American Bar Association (ABA). Lawyers may pursue licensure through the state in which they wish to practice law.

Job Outlook and Salary Information

According to the U.S. Bureau of Labor Statistics (BLS), the employment of lawyers was expected to increase by 6% from 2014 to 2024. Law firms, corporations, and government agencies often hire lawyers. Fierce competition was predicted due to the large number of law school graduates. The annual salary of a lawyer in May 2015 was $136,260.

Doctoral graduates may work in academia, teaching and writing papers while employed by a major law school. The BLS reported that the employment of post-secondary teachers would increase by 13% between 2014 and 2024. Postsecondary law teachers were listed as making a mean annual salary of $126,230 in May 2015.

Next: View Schools

Although many people think of lawyers and judges when they think about law careers, there are a number of other careers in law.

Persistence, critical reading and people skills are all required of a good law student. Do you see law school in your future.

In today’s economy, many students are considering graduate school enrollment in order to delay entering a depressed job market.

When thinking about a career path, many people consider the well-respected profession of an attorney. The law profession has.

  • Master
      • Master of Arts in Government – Law and Public Policy
      • Master of Arts in Law – General Legal Studies
      • Master of Arts in Law – Criminal Justice
  • Bachelor
      • Bachelor of Science in Paralegal Studies
      • Bachelor of Arts in Government – Pre-Law
      • Bachelor of Arts in Leadership Studies – Government
      • Bachelor of Applied Science in Criminal Justice
      • Bachelor of Arts in Leadership Studies – Criminal Justice
      • Bachelor of Science in Criminal Justice

Get Started with Regent University

8 Saint Joseph’s University

Minimum eligibility requirements:
  • Must have a Bachelor’s degree or higher
School locations:

Get Started with Saint Joseph’s University

9 University of the Rockies

Minimum eligibility requirements:
  • Psychology programs do not lead to licensure and do not prepare an individual to become a licensed psychology professional
  • An online degree does not lead to teacher licensure in any state; online education programs are not CAE or TEA or NCATE accredited which is a requirement for certification in some states.
School locations:
  • Doctorate
      • Doctor of Psychology – Criminology and Justice Studies
  • Master
      • Master of Arts in Psychology – Criminology and Justice Studies

McCaul: Expect a Major IT Modernization Push after Cyber Executive Order #major #in #cyber #security


#

McCaul: Expect a Major IT Modernization Push after Cyber Executive Order

A long-delayed cybersecurity executive order due out from the Trump administration could be a launching pad for a major push to replace outdated government technology, the House Homeland Security Chairman said Thursday.

That modernization drive will likely be led by a modernizing government technology bill, sponsored by committee member Rep. Will Hurd, R-Texas, which passed the House last Congress but stalled in the Senate, Rep. Michael McCaul, R-Texas, said at a cybersecurity event hosted by the wireless industry group CTIA.

Hurd is expected to reintroduce that bill soon.

Get the best federal technology news and ideas delivered right to your inbox. Sign up here.

I don t want to get ahead of the White House, but my sense is you re going to see a modernization act, McCaul said.

Within the federal network system, we have these legacy systems that are very antiquated, he said, which makes us more vulnerable to an attack like the [Office of Personnel Management] breach.

That 2015 breach, linked to the Chinese government, compromised sensitive security clearance information about more than 20 million current and former federal employees and their families.

McCaul expects the cyber executive order to be released in the near future, he said.

The chairman also plans to introduce legislation soon to create an independent cybersecurity agency within the Department of Homeland Security that has a more direct line to top department officials, he said.

The White House reviewed that proposal and recently supplied some technical tweaks, which McCaul was waiting on before introducing the bill, he said. The tweaks suggest the White House supports the bill, he said.

McCaul plans to introduce that legislation as a standalone bill, he said, separate from a larger initiative to reauthorize all of DHS s operations.

The chairman plans to introduce legislation today that would expand the CyberCorps Scholarship for Service program. which provides scholarships for information security professionals who agree to work for the government. The new bill would expand that program to include scholarships for graduates who plan to teach cybersecurity at the university level, he said.

McCaul also plans to reintroduce legislation soon to form a high-level commission to investigate the benefits of encryption and the danger it poses when terrorists and criminals communicate using spy-proof systems. McCaul and Sen. Mark Warner, D-Va. first floated that plan in February 2016 as the FBI was trying to compel Apple to help it crack into an encrypted iPhone used by San Bernardino shooter Syed Farook.

JOIN THE DISCUSSION

By using this service you agree not to post material that is obscene, harassing, defamatory, or otherwise objectionable. Although GovExec.com does not monitor comments posted to this site (and has no obligation to), it reserves the right to delete, edit, or move any material that it deems to be in violation of this rule.

Please enable JavaScript to view the comments powered by Disqus.


Counterintelligence Courses and Briefings – CI CENTRE #counterintelligence,counter-intelligence, #counterintel,counterespionage,spy, #espionage, #spies, #spying, #counterintelligence #training,ci, #ci


#

The CI Centre has over 50+ already-developed commercial off-the-shelf (COTS) training courses and briefings which can immediately be provided to your organization. They are conveniently on the GSA Schedule for quick, easy and immediate ordering at the best price already negotiated by the US Government.

Since 1997, we have provided this training to over 70,000 Intelligence Community, Military, Law Enforcement and Corporate clients—and have consistently received the best course feedback by these attendees.

We can provide the courses at your organization’s location or at a third-party facility.

Your employees will benefit by learning directly from our world-class team of experts who each have 25-40+ years of real-world experience and expert knowledge to share in the counterintelligence, counterterrorism, investigations and security fields.

As a manager, you will benefit from the rave course reviews, increased interest and buy-in to CI, CT and security, and a valuable workforce that is more aware of potential threats. Plus, the CI Centre is a turnkey company, meaning you can let us handle everything from registration to certificates.

Let’s talk about how your organization can receive immediate, needed training by scheduling one or more of our courses and briefings for your employees. Call us at 1-800-779-4007 or 703-642-7450 or use our Contact Us form.

Counterintelligence Strategy, Tactics and Skills

COTS Training Courses and Briefings

ADVANCED COUNTERINTELLIGENCE STRATEGY SKILLS

CI Centre’s Commercial Off-the-Shelf (COTS) training courses taught by our expert instructors offer significant savings in procurement and maintenance to federal/state/local government and corporate organizations and we offer easy and efficient ordering.

• Our COTS training courses have already been fully designed and developed. Your organization does not pay for the design and development costs because these are COTS courses.

• Our instructors are ready to deliver them to your organization—right now. You don’t use your own time, personnel and resources.

• Our COTS courses are proven, successful entities, many of which have been delivered since 1996. You are purchasing a vetted course whose feedback from attendees has been consistently positive.

• The information in COTS courses are kept up-to-date by the CI Centre. Your organization is not charged this maintenance.

• Courses can be delivered by our expert instructors at our facility in Falls Church, VA (outside Washington, DC, at a third-party facility, or we can come to your location (travel expenses extra).

• With set prices for the COTS courses, ordering is quick, easy and efficient. No need to write or issue Statements or Work, Request for Proposals or Bids, or conduct surveys—GSA has already negotiated the best price for the US Government. GSA Contract Number: GS-02F-0210R. Schedule 874 Mission Oriented Business Integrated Services (MOBIS) under name of parent company David G. Major Associates, Inc.

• Government credit cards are accepted as a form of payment for all purchases. We have the ability to meet your end-of-year money training requests.

With COTS courses ready-to-go, your organization can fulfill your training requirements right now.

For modified, tailored and customized courses (content, length) and training solutions, please give us a call.

To schedule one or more courses for your organization, use our Contact Form or call us at 1-800-779-4007 or 703-642-7450.

Training cannot be provided without your Contracting Officer’s official approval and signature on our training contract agreement. No other person/official, however senior, may approve of the funds released for the training except the Contracting Officer. (Note: the Contracting Officer is different from the COTR)


Cyber Security, Threat Intelligence and Forensics #cyber #security


#

Cyber Security, Threat Intelligence and Forensics

In Brief:

  • You will develop practical and real-world skills in all major areas of cyber security, cyber forensics, cyber warfare and cyber threat intelligence to fight against Advanced Persistent Threats (APTs)
  • You will prepare yourself to obtain professional security certifications such as CISSP and CCFP
  • You will be among the most employable people on the planet!
  • Part-time study option
  • International students can apply

Course Summary

This course builds on your previous knowledge of computer science and Information Technology (IT), and aims to provide you with an in-depth specialism in the fields of cyber security, cyber threat intelligence and digital forensics. You will gain advanced and in-depth knowledge of penetration testing, cyber forensics, malware reverse engineering and software vulnerability and will exploit research using a very hands-on approach. You will gain practical and real-world skills in all major areas of cyber security including penetration testing, digital forensics, cyber warfare and threat intelligence. Moreover, you will learn how to apply your skills in analysis, testing and maintenance of software systems or enterprise networks from a cyber security perspective.

You will use your penetration testing and vulnerability assessment skills in finding weaknesses in existing devices and applications and to advise developers or network administrators to secure their application or environment. Your cyber forensics skills can be used to identify, collect, preserve and analyse a wide range of digital evidences and present them in the court of law. You will use your knowledge of programming to analyse different malwares to determine how they work and how countermeasures can be developed. Only a small percentage of cyber security professionals are capable of analysing advanced persistent threats and are capable of understanding and managing malware campaigns. Finally, your cyber threat intelligence knowledge and skills will help you to strategically fight against organised cyber crimes, understand and analyse cyber warfare activities and propose appropriate defensive and offensive mechanisms to reduce or eliminate those risks.

You will have close and active contact with industry experts with the opportunity to attend regular industry guest lecture programs in cyber security while you operate within a well-formed professional and ethical framework.

This course contains five modules as follows:

Cyber Forensics and Malware Investigation

You will develop the skills, methodologies and processes to conduct in-depth computer and network investigation, including malware analysis and reversing techniques. This module provides early preparation for you to complete the Certified Cyber Forensics Professional (CCFP) exam.

Information Security in Practice

You will study threats to information security, technologies used to detect and combat them, and techniques and tools used to manage and investigate incidents. This module prepares you to complete the Certified Information Systems Security Professional (CISSP) exam.

Penetration Testing and Exploit Development

You will study network and host-based penetration testing tools and techniques and methods for vulnerability detection, exploiting development and countermeasures. This course provides the information needed in order to obtain ethical hacking and exploit development certifications.

Cyber Threat Intelligence

You will study techniques for detecting, responding to and defeating organised cyber crimes and cyber war activities, analysing successful and unsuccessful advanced persistent threats and malware campaigns.

Project

You will work under the direction of an academic supervisor to research a suitable problem, and to develop and evaluate a solution that demonstrates originality in the application of your knowledge.

Entry Requirements

The minimum entry requirement is a 2.2 honours in Computer Science or other related computing discipline with knowledge of programming and networking. Other applicants with a strong cyber security background are welcome to apply and will be considered on a case-by-case basis.

Salford Alternative Entry Scheme (SAES)

We welcome applications from students who may not have formal/traditional entry criteria but who have relevant experience or the ability to pursue the course successfully.

The Accreditation of Prior Learning (APL) process could help you to make your work and life experience count. The APL process can be used for entry onto courses or to give you exemptions from parts of your course.

Two forms of APL may be used for entry: the Accreditation of Prior Certificated Learning (APCL) or the Accreditation of Prior Experiential Learning (APEL).

English Language Requirements

International applicants will be required to show a proficiency in English. An IELTS score of 6.5 (no element below 5.5) is proof of this.

Suitable For

Suitable for graduates of a computing subject that includes programming and networking, and who love go down to a low level to discover how things work.

The Postgraduate Bursaries and Scholarships for 2017-18 entry are currently under review and subject to change. A revised schedule of scholarships and bursaries will be published in Spring 2017.

Teaching

  • Projects and assignments enable you to apply what you have learned to a realistic problem; to develop independent learning skills; to demonstrate an ability make decisions in uncertain situations; and to develop your ability to compare and contrast alternative technologies.
  • Group activities in class are used to develop your team working and professional skills (though all assessment is individual).
  • Supervised work in computer laboratories is used to put into practice principles you have covered in supporting lectures.
  • Research skills are integral to the program, and you will be required to critique examples of work and then carry out your own research-based investigations in our assignments.
  • The issue of professionalism and ethics is woven in throughout the programme, and issues must be identified and addressed as part of all assignments and projects.

Assessment

  • Examination (20%) assesses your immediate response to small or medium unseen problems
  • Coursework (45%) assesses your considered and in-depth response to a larger problem
  • Project (35%) assesses your ability to work independently, to plan a significant activity and, in carrying out the plan, to demonstrate originality in the application of your knowledge.

Postgraduate Staff Profile

Dr Ali Dehghantanha has worked as a security researcher, malware analyzer, penetration tester, security consultant and professional trainer. He researches the latest trends in Real-Time Malware Detection and Analysis in Mobile and Pervasive Systems , 0-Day Malware and Exploit Detection Techniques and Big-Data Forensics . He is serving as an EU Marie-Curie research fellow (the Marie-Curie Fellowships are Europe’s most competitive and prestigious awards, and are aimed at fostering interdisciplinary research and international collaborations) working on privacy respecting digital forensics techniques.

Some research papers:

  • Dehghantanha, A 2013, ‘Trends in Android Malware Detection’, Journal of Digital Forensics, Security, and Law.
  • Steve Watson, Ali Dehghantanha, “Digital Forensics: The Missing Piece of the Internet of Things Promise”, (Elsevier) Journal of Computer Fraud Security 2016.
  • Teing Yee Yang, Ali Dehghantanha, Raymond Choo, Mauro Conti, Tooska Dargahi, “Forensic Investigation of Cooperative Storage Cloud Service: Symform as a Case Study”, (Wiley) Journal of Forensics Sciences 2016.
  • Teing Yee Yang, Ali Dehghantanha, Kim-Kwang Raymond Choo, Zaiton Muda, “Windows Instant Messaging App Forensics: Facebook and Skype as Case Studies”, PLOSONE, Vol.11 Issue 3, 2016.
  • Farid Daryabar; Ali Dehghantanha; Brett Eterovic-Soric,Kim-Kwang Raymond Choo, “Forensic Investigation of OneDrive, Box, GoogleDrive and Dropbox Applications on Android and iOS Devices”, Australian Journal of Forensic Sciences, 2016.