Corporate Information SecurityLaajuus (5 op)

Osaamistavoitteet

The primary learning outcome is to understand how to apply security in a corporate environment, what to do and why. Security is much more than just installing firewalls, configuring the operating system and keeping things up to date. The most important is to understand how your company does business and build security around that. You can either secure the existing business model, or if it proves too expensive to secure, you can rethink how you do business so that security is not a significant expense. With the recent news about spying done by NSA for USA and already well known Chinese corporate espionage, the need for corporate and "cyber security" is far more important than before.

The learnings in this course apply both against for profit malware writers who are after your bank account, and corporate spies who are after your business secrets.

All in all, security is about keeping company losses to an acceptable level. In this course the student will get information just what that is all about. This course is based on the lecturer’s over 10 years of experience at F-Secure Anti-Malware and security labs.

Also the students will understand the secret difference between cyber security and corporate information security.
Or actually I tell it right here, cyber security is exactly the same as information security, except that consultants can charge more when they sell cyber security.

Basically this course is condensed version of things I have learned in doing malware and security research since 2000, so I know a thing or two about cyber attacks and
how to stop them.

Sisältö

The content of the course focuses on:
– Security problems (how systems are attacked)
– Solution models (How to protect systems)
– Tools that can be used in building secure systems

Topics include:
• Corporate Security
• Network Security
• Systems Security
• Software Security
• Incident reponse

Esitietovaatimukset

Introduction to Information Security (Tietoturvallisuuden perusteet)
IT Security (Tekninen tietoturva)

Arviointikriteerit, tyydyttävä (1)

Understands the significance of corporate information security.

Arviointikriteerit, hyvä (3)

Understands the significance of corporate information security and knows the security models and tools.

Arviointikriteerit, kiitettävä (5)

Understands the significance of corporate information security and knows the security models and tools and can implement them.