Curriculum for the Professional Master's Programme in Cyber Security and Privacy, 2022

1: Preface

Pursuant to consolidation Act 778 of August 7, 2019 on Universities (the University Act), the following is established. The programme also follows the Examination Policies and Procedures incl. the Joint Programme Regulations  for Aalborg University.

2: Basis in Ministerial orders

The Professional Master’s Degree programme is organised in accordance with the Ministry of Higher Education and Science’s Order no. 19 of January 9, 2020 on Professional Master’s Degree Programmes, Ministerial Order no. 2272 of December 1, 2021 on Part-time University Programmes (the Part-Time Order)), and Ministerial Order no. 2271 of December 1, 2021 on University Examinations (the Examination Order). Further reference is made to Ministerial Order no. 114 of February 3, 2015 (the Grading Scale Order).

3: Campus

The programme is offered in Copenhagen.

4: Faculty affiliation

The Master programme falls under the The Technical Faculty of IT and Design, Aalborg University.

5: Study board affiliation

The Master programme falls under the Study Board of Electronics and IT.

6: Affiliation to corps of external examiners

The Master programme is associated with the Civil engineering corps of external examiners.

7: Admission requirements

Admission to the master programme presupposes a relevant higher education at least at bachelor level and at least 2 years of relevant professional experience pursuant to the completion of a qualifying exam.

Relevant bachelor educations are:

  • Bachelor of Science (BSc) or Bachelor of Engineering ("diplomingeniør") degree within the fields of IT, Communication or Electronics.
  • Bachelor degree within the area of Computer Science, Software Technologies, Information Management or simlar
  • Bachelor from business academies ("professionsbachelor") with an education within IT

Also, there will be individual assessment based on work experience - and if the academic qualifications are missing it can be assessed whether work qualifications can be set equal to an education in IT.

All applicants must prove that their English language qualifications is equivalent to level B (Danish level) in English.

8: The programme title in Danish and English

The Master programme entitles students to the Danish title: Master i cybersikkerhed og privacy. English title: Master of Cyber Security and Privacy

9: Programme specifications in ECTS credits

The education is the equivalent of a one-year full-time study (60 ECTS) offered as: a) two years of part-time study or b) three years of part-time study. Invididual modules of the programme can also be followed to the extent that the necessary prerequisites are met.

10: Rules concerning credit transfer (merit), including the possibility for choice of modules that are part of another programme at a university in Denmark or abroad

The Study Board can approve that passed programme elements from other educational programmes at the same level replaces programme elements within this programme (credit transfer).

Furthermore, the Study Board can, upon application, approve that parts of this programme is completed at another university or a further education institution in Denmark or abroad (pre-approval of credit transfer).

The Study Board’s decisions regarding credit transfer are based on an academic assessment.

11: Exemption

The Study Board’s possibilities to grant exemption, including exemption to further examination attempts and special examination conditions, are stated in the Examination Policies and Procedures published at this website: https://www.studyservice.aau.dk/rules

12: Rules for examinations

The rules for examinations are stated in the Examination Policies and Procedures published at this website: https://www.studyservice.aau.dk/rules

13: Rules concerning written work

In the assessment of all written work, regardless of the language it is written in, weight is also given to the student's formulation and spelling ability, in addition to the academic content. Orthographic and grammatical correctness as well as stylistic proficiency are taken as a basis for the evaluation of language performance. Language performance must always be included as an independent dimension of the total evaluation. However, no examination can be assessed as ‘Pass’ on the basis of good language performance alone; similarly, an examination normally cannot be assessed as ‘Fail’ on the basis of poor language performance alone.

The Board of Studies can grant exemption from this in special cases (e.g., dyslexia or a native language other than Danish).

The Master’s project must include an English summary. If the project is written in English, the summary can be in Danish. The summary is included in the evaluation of the project as a whole.

14: Requirements regarding the reading of texts in a foreign language

It is assumed that the student can read academic texts and use reference works, etc., in English.

15: Competence profile on the diploma

The following competence profile will be given in the diploma:

A graduate of the Master programme has competencies acquired through the course of an educational programme based in the integration of research results and practical experiences.

The graduate of the Master programme can through scientifically grounded personal and professional competencies perform highly qualified functions inthe labor market.

16: Competence profile of the programme

Knowledge:

  • Must have knowledge about how different IT systems work in an enterprise and assess their value and risk for the enterprise from a security and privacy angle
  • Must have knowledge about the analysis of complex security problems in enterprises.
  • Must have knowledge about the relation between security risks and business processes, including identification and protection of business critical assets.
  • Must have knowledge that is based on the highest international research in a number of subject areas within
    • Network and application security
    • Enterprise technologies
    • Risk assessment
    • Privacy analysis
    • Enterprise security and compliance
    • IT security regulation and governance

Skills:

  • Must be able to perform threat, vulnerability and risk analyses of an enterprise system or the enterprise as a whole
  • Must be able to perform risk mitigation analysis of an enterprise system or the enterprise as a whole
  • Must have skills in monitoring and analysing network activity and traffic, including techniques for detection of anomalies and malicious activities.
  • Must be able to choose the most relevant theory/model and perform a security analysis and evaluation of a system/network.
  • Must be able to use various state-of-the-art frameworks for identifying adversaries as well as for developing/deploying attacks
  • Must have skills in communicating cyber security challenges and solutions to non-experts.

 

Competences:

  • Must have the competencies to develop compliant IT and security strategies for an enterprise
  • Must have the competencies to develop compliant privacy data-protection strategies for an enterprise
  • Must have the competency to assess and select relevant scientific and technical literature within the various subject areas of cyber security and privacy
  • Must have the competency to connect research challenges and questions within cyber security and privacy to real world problems and products that will have an impact on society
  • Must have the competency to analyse cyber risks and identify cyber security needs of an organization
  • Must have the competency to compare and assess the potential of different technologies, methods and approaches to make proper security design choices

 

17: Structure and Contents of the programme

The programme is structured in modules and organised as a problem-based study. A module is a programme element or a group of programme elements, which aims to give students a set of professional skills within a fixed time frame specified in ECTS credits, and concluding with one or more examinations within specific exam periods. Examinations are defined in the curriculum.

The programme is based on a combination of academic, problem-oriented and interdisciplinary approaches and organized based on the following work and evaluation methods that combine skills and reflection:

  • lectures
  • classroom instruction
  • Online teaching
  • project work
  • workshops
  • exercises (individually and in groups)
  • self-study
  • teacher feedback
  • reflection

18: Overview of the programme

Offered as: 1-professional
Module name Course type ECTS Applied grading scale Evaluation method Assessment method Language
1 Semester
Security and Privacy in Organisational Systems
(ESNMCSPM1P1)
Project 10 7-point grading scaleInternal examinationOral exam based on a project English
Application and Network Security
(ESNMCSPM1K1)
Course 5 7-point grading scaleInternal examinationWritten or oral exam English
Data Protection and Privacy
(ESNMCSPM1K2)
Course 5 7-point grading scaleInternal examinationWritten or oral exam English
2 Semester
Compliance and the Enterprise
(ESNMCSPM2P1)
Project 10 7-point grading scaleExternal examinationOral exam based on a project English
Enterprise Security and Compliance
(ESNMCSPM2K1)
Course 5 7-point grading scaleInternal examinationWritten or oral exam English
Emerging Technologies and Security
(ESNMCSPM2K2)
Course 5 7-point grading scaleInternal examinationWritten or oral exam English
3 Semester
3RD SEMESTER PROJECT
CHOOSE 1 PROJECT MODULE
Project 15
3RD SEMESTER COURSE MODULE
CHOOSE 1 COURSE MODULE
Course 5

 
3RD SEMESTER PROJECT
CHOOSE 1 PROJECT MODULE
Module name Course type ECTS Applied grading scale Evaluation Method Assessment method Language
Master's Project: Strategies for Secure Organisations
(ESNMCSPM3P1)
Project 15 7-point grading scale Internal examination Master's thesis/final project English
Master's Project: Privacy and Data Protection Strategies
(ESNMCSPM3P2)
Project 15 7-point grading scale Internal examination Master's thesis/final project English
Master's Project: Governance of Security
(ESNMCSPM3P3)
Project 15 7-point grading scale Internal examination Master's thesis/final project English

 
3RD SEMESTER COURSE MODULE
CHOOSE 1 COURSE MODULE
Module name Course type ECTS Applied grading scale Evaluation Method Assessment method Language
Usable Privacy and Security
(ESNMCSPM3K1)
Course 5 7-point grading scale Internal examination Written or oral exam English
Advanced Network and System Security
(ESNMCSPM3K2)
Course 5 7-point grading scale Internal examination Written or oral exam English
Regulation of Cyber Security
(ESNMCSPM3K3)
Course 5 7-point grading scale Internal examination Written or oral exam English

19: Additional information

20: Commencement and transitional rules

The curriculum is approved by the dean and enters into force as of September 1, 2022.

The Study Board does not offer teaching after the previous curriculum from 2020 after the summer examination 2024.

The Study Board will offer examinations after the previous curriculum, if there are students who have used examination attempts in a module without passing. The number of examination attempts follows the rules in the Examination Order.

21: Amendments to the curriculum and regulations