Course content

• Introduction to socio-technical risks, threats, and vulnerabilities modeling and analysis
• Socio-technical root cause and impact analysis of crimes enabled by socio-technical changes and innovations
• Multi-level and multi-paradigmatic perspectives on socio-technical transitions in digital ecosystems
• Utilization of economic, political, regulatory, and legal instruments to address socio-technical enabled crimes at national and international levels
• Introduction to open source cyber security intelligence sources

Learning outcome

Knowledge:

• Understanding the socio-technical ICT evolution and innovation that has taken place over the last decades.
• Understanding the widening socio-technical gap in the organizations and governments and reflecting on how to tackle the vulnerabilities caused by this gap.
• Applying broad systems theory perspectives connected to practical cases so they will have the insight to implement a roadmap for information security in organizations and businesses.
• Gaining insight and understanding of crimes caused by socio-technical changes in the societies and proposing sustainable preventive recommendations for these crimes using social sciences, in particular, criminology and systems theory.
• Understanding the socio-technical risk analysis and reflecting on the use of appropriate security metrics for the analysis.
• Good knowledge of how cybersecurity laws, policies, and strategies can contribute to mitigating the risk of socio-technical enabled crimes.

Skills:

• Ability to connect social concepts to technical security problems and solutions.
• Ability to participate in strategy and policy debates about socio-technical issues at national and international levels.
• Ability to use relevant systems sciences and socio-technical theory in independent research and development in information security organization and management
• Ability to perform critical analysis of various literature sources and apply them in structuring and formulating scientific reasoning information security organization and management.
• Ability to carry out an independent limited research or development project in information security and management under supervision, following the applicable ethical rules.
• Ability to use open source cyber security threat intelligence

General competence:

• The student can analyze relevant professional and research ethical problems in information security organizations and management.
• The student can apply his/her information security knowledge and skills in new fields, to accomplish advanced tasks and projects.
• The student can use rhetorical techniques to discuss professional problems, analyses, and conclusions in the information security organization and management, both with specialists and with a general audience.
• The student can contribute to innovation and innovation processes in information security and socio-technical modeling and analysis for information security management.

Learning methods and activities

This course is only offered if a minimum of 5 students have registered for the course. The course is primarily a self-study course with assigned reading materials and for some group work and seminars.

Additional information: The course is offered primarily as a remote course with recorded lectures and two mandatory online-seminars. The lectures and the seminars in the course will be recorded and available on Internet through the NTNU's learning management system. During the course, open online office hours will offered weekly to the students for individual discussion. These individual discussions will be offered to support both full time student and students with full-time jobs.

Mandatory assignments:

There are two mandatory seminars including seminar reports in the course and one mandatory presentation that is done either on-line or on campus. These seminar dates will be scheduled and announced at the beginning of the course and attendance either online or on campus is mandatory for these seminars. The first seminar is done in the first 2-3 weeks of the course and the second seminar with student presentations will be scheduled in the last week of October. In the October seminar the students will be required to present the topic for their final term paper. The mandatory assignments have to be completed and with a pass grade before the student can hand-in a final term paper.

Compulsory assignments

• Lab assignments

Specific conditions

Recommended previous knowledge

This is a 3rd semester course in a 4 semster master program

Required previous knowledge

This is a 3rd semester course in a master program .

Course materials

There is a minimal reading list give and upload via NTNU's learning management system during the semester.

Current Minimal Reading list beginning of the course

• Kowalski, Stewart.(1994) IT Insecurity : A Multi-disciplinary Inquiry , Department of Computer and Systems Science , Stockholm University ISSN1101-8526 . Chapter 1, Chapter 5, Chapter 12 https://libris.kb.se/bib/7610934
• Nyblom, Philip Johannes Brugmans; Wangen, Gaute; Kianpour, Mazaher; Østby, Grethe. (2020) The Root Causes of Compromised Accounts at the University. SciTePress, Academic chapter/article/Conference paper
• Cassano-Piché, A., Vicente, K. J., & Jamieson, G. A. (2006). A Sociotechnical Systems Analysis of the Bse Epidemic in the Uk Through Case Study. Proceedings of the Human Factors and Ergonomics Society Annual Meeting, 50(3), 386-390. https://doi.org/10.1177/154193120605000337
• Huang, W. & Wang, S. K. (2009). Emerging Cybercrime Variants in the Socio-Technical Space. In B. Whitworth & A. de Moor (Eds.), Handbook of Research on Socio-Technical Design and Social Networking Systems (pp. 195-208). IGI Global. https://doi.org/10.4018/978-1-60566-264-
• Fineberg, V. (2014). BECO: Behavioral Economics of Cyberspace Operations. Games People Play. Behav. Secur, 2, 20.
• Adams, K. M., Hester, P. T., Bradley, J. M., Meyers, T. J., & Keating, C. B. (2014). Systems theory as the foundation for understanding systems. Systems Engineering, 17(1), 112-123.
• Funtowicz, S., & Ravetz, J. (2020). Post-Normal Science: How Does It Resonate With the World of Today?. In Science for policy handbook (pp. 14-18). Elsevier.
• 4 x Past Students Papers

Credit reductions