Curriculum for the Professional Master's Programme in Cyber Security and Privacy, 2022
1: Preface
Pursuant to consolidation Act 778 of August 7, 2019 on Universities (the University Act), the following is established. The programme also follows the Examination Policies and Procedures incl. the Joint Programme Regulations for Aalborg University.
2: Basis in Ministerial orders
The Professional Master’s Degree programme is organised in accordance with the Ministry of Higher Education and Science’s Order no. 19 of January 9, 2020 on Professional Master’s Degree Programmes, Ministerial Order no. 2272 of December 1, 2021 on Part-time University Programmes (the Part-Time Order)), and Ministerial Order no. 2271 of December 1, 2021 on University Examinations (the Examination Order). Further reference is made to Ministerial Order no. 114 of February 3, 2015 (the Grading Scale Order).
3: Campus
The programme is offered in Copenhagen.
4: Faculty affiliation
The Master programme falls under the The Technical Faculty of IT and Design, Aalborg University.
5: Study board affiliation
The Master programme falls under the Study Board of Electronics and IT.
6: Affiliation to corps of external examiners
The Master programme is associated with the Civil engineering corps of external examiners.
7: Admission requirements
Admission to the master programme presupposes a relevant higher education at least at bachelor level and at least 2 years of relevant professional experience pursuant to the completion of a qualifying exam.
Relevant bachelor educations are:
- Bachelor of Science (BSc) or Bachelor of Engineering ("diplomingeniør") degree within the fields of IT, Communication or Electronics.
- Bachelor degree within the area of Computer Science, Software Technologies, Information Management or simlar
- Bachelor from business academies ("professionsbachelor") with an education within IT
Also, there will be individual assessment based on work experience - and if the academic qualifications are missing it can be assessed whether work qualifications can be set equal to an education in IT.
All applicants must prove that their English language qualifications is equivalent to level B (Danish level) in English.
8: The programme title in Danish and English
The Master programme entitles students to the Danish title: Master i cybersikkerhed og privacy. English title: Master of Cyber Security and Privacy
9: Programme specifications in ECTS credits
The education is the equivalent of a one-year full-time study (60 ECTS) offered as: a) two years of part-time study or b) three years of part-time study. Invididual modules of the programme can also be followed to the extent that the necessary prerequisites are met.
10: Rules concerning credit transfer (merit), including the possibility for choice of modules that are part of another programme at a university in Denmark or abroad
The Study Board can approve that passed programme elements from other educational programmes at the same level replaces programme elements within this programme (credit transfer).
Furthermore, the Study Board can, upon application, approve that parts of this programme is completed at another university or a further education institution in Denmark or abroad (pre-approval of credit transfer).
The Study Board’s decisions regarding credit transfer are based on an academic assessment.
11: Exemption
The Study Board’s possibilities to grant exemption, including exemption to further examination attempts and special examination conditions, are stated in the Examination Policies and Procedures published at this website: https://www.studieservice.aau.dk/regler-vejledninger
12: Rules for examinations
The rules for examinations are stated in the Examination Policies and Procedures published at this website: https://www.studieservice.aau.dk/regler-vejledninger
13: Rules concerning written work
In the assessment of all written work, regardless of the language it is written in, weight is also given to the student's formulation and spelling ability, in addition to the academic content. Orthographic and grammatical correctness as well as stylistic proficiency are taken as a basis for the evaluation of language performance. Language performance must always be included as an independent dimension of the total evaluation. However, no examination can be assessed as ‘Pass’ on the basis of good language performance alone; similarly, an examination normally cannot be assessed as ‘Fail’ on the basis of poor language performance alone.
The Board of Studies can grant exemption from this in special cases (e.g., dyslexia or a native language other than Danish).
The Master’s project must include an English summary. If the project is written in English, the summary can be in Danish. The summary is included in the evaluation of the project as a whole.
14: Requirements regarding the reading of texts in a foreign language
It is assumed that the student can read academic texts and use reference works, etc., in English.
15: Competence profile on the diploma
The following competence profile will be given in the diploma:
A graduate of the Master programme has competencies acquired through the course of an educational programme based in the integration of research results and practical experiences.
The graduate of the Master programme can through scientifically grounded personal and professional competencies perform highly qualified functions inthe labor market.
16: Competence profile of the programme
Knowledge:
- Must have knowledge about how different IT systems work in an enterprise and assess their value and risk for the enterprise from a security and privacy angle
- Must have knowledge about the analysis of complex security problems in enterprises.
- Must have knowledge about the relation between security risks and business processes, including identification and protection of business critical assets.
- Must have knowledge that is based on the highest international research in a number of subject areas within
- Network and application security
- Enterprise technologies
- Risk assessment
- Privacy analysis
- Enterprise security and compliance
- IT security regulation and governance
Skills:
- Must be able to perform threat, vulnerability and risk analyses of an enterprise system or the enterprise as a whole
- Must be able to perform risk mitigation analysis of an enterprise system or the enterprise as a whole
- Must have skills in monitoring and analysing network activity and traffic, including techniques for detection of anomalies and malicious activities.
- Must be able to choose the most relevant theory/model and perform a security analysis and evaluation of a system/network.
- Must be able to use various state-of-the-art frameworks for identifying adversaries as well as for developing/deploying attacks
- Must have skills in communicating cyber security challenges and solutions to non-experts.
Competences:
- Must have the competencies to develop compliant IT and security strategies for an enterprise
- Must have the competencies to develop compliant privacy data-protection strategies for an enterprise
- Must have the competency to assess and select relevant scientific and technical literature within the various subject areas of cyber security and privacy
- Must have the competency to connect research challenges and questions within cyber security and privacy to real world problems and products that will have an impact on society
- Must have the competency to analyse cyber risks and identify cyber security needs of an organization
- Must have the competency to compare and assess the potential of different technologies, methods and approaches to make proper security design choices
17: Structure and Contents of the programme
The programme is structured in modules and organised as a problem-based study. A module is a programme element or a group of programme elements, which aims to give students a set of professional skills within a fixed time frame specified in ECTS credits, and concluding with one or more examinations within specific exam periods. Examinations are defined in the curriculum.
The programme is based on a combination of academic, problem-oriented and interdisciplinary approaches and organized based on the following work and evaluation methods that combine skills and reflection:
- lectures
- classroom instruction
- Online teaching
- project work
- workshops
- exercises (individually and in groups)
- self-study
- teacher feedback
- reflection
18: Overview of the programme
Offered as:
1-professional | ||||||
| Module name | Course type | ECTS | Applied grading scale | Evaluation method | Assessment method | Language |
1 Semester
| ||||||
|
Security and Privacy in Organisational Systems
(ESNMCSPM1P1) | Project | 10 | 7-point grading scale | Internal examination | Oral exam based on a project | English |
|
Application and Network Security
(ESNMCSPM1K1) | Course | 5 | 7-point grading scale | Internal examination | Written or oral exam | English |
|
Data Protection and Privacy
(ESNMCSPM1K2) | Course | 5 | 7-point grading scale | Internal examination | Written or oral exam | English |
2 Semester
| ||||||
|
Compliance and the Enterprise
(ESNMCSPM2P1) | Project | 10 | 7-point grading scale | External examination | Oral exam based on a project | English |
|
Enterprise Security and Compliance
(ESNMCSPM2K1) | Course | 5 | 7-point grading scale | Internal examination | Written or oral exam | English |
|
Emerging Technologies and Security
(ESNMCSPM2K2) | Course | 5 | 7-point grading scale | Internal examination | Written or oral exam | English |
3 Semester
| ||||||
|
3RD SEMESTER PROJECT
CHOOSE 1 PROJECT MODULE
| Project | 15 | ||||
|
3RD SEMESTER COURSE MODULE
CHOOSE 1 COURSE MODULE
| Course | 5 | ||||
3RD SEMESTER PROJECT CHOOSE 1 PROJECT MODULE | ||||||
| Module name | Course type | ECTS | Applied grading scale | Evaluation Method | Assessment method | Language |
|
Master's Project: Strategies for Secure Organisations
(ESNMCSPM3P1) | Project | 15 | 7-point grading scale | Internal examination | Master's thesis/final project | English |
|
Master's Project: Privacy and Data Protection Strategies
(ESNMCSPM3P2) | Project | 15 | 7-point grading scale | Internal examination | Master's thesis/final project | English |
|
Master's Project: Governance of Security
(ESNMCSPM3P3) | Project | 15 | 7-point grading scale | Internal examination | Master's thesis/final project | English |
3RD SEMESTER COURSE MODULE CHOOSE 1 COURSE MODULE | ||||||
| Module name | Course type | ECTS | Applied grading scale | Evaluation Method | Assessment method | Language |
|
Usable Privacy and Security
(ESNMCSPM3K1) | Course | 5 | 7-point grading scale | Internal examination | Written or oral exam | English |
|
Advanced Network and System Security
(ESNMCSPM3K2) | Course | 5 | 7-point grading scale | Internal examination | Written or oral exam | English |
|
Regulation of Cyber Security
(ESNMCSPM3K3) | Course | 5 | 7-point grading scale | Internal examination | Written or oral exam | English |
19: Additional information
20: Commencement and transitional rules
The curriculum is approved by the dean and enters into force as of September 1, 2022.
The Study Board does not offer teaching after the previous curriculum from 2020 after the summer examination 2024.
The Study Board will offer examinations after the previous curriculum, if there are students who have used examination attempts in a module without passing. The number of examination attempts follows the rules in the Examination Order.