Unit CSB05: Cyber Security Network Solutions Unit code: M/617/1128 RQF level: 2 Aim In this unit the learner will bring together their prior learning from the other units on the course. The unit will focus on protecting and future-proofing the learner’s network environment; the Local Area Networks and Wide Area Networks (including databases and storage) of the business. The learner will look at security architecture and security engineering as very basic concepts and to understand key security management approaches to protecting information. Information assets can include people, processes and technology. The learner will then build on this to design their own organisational cyber security plan. The goal of the plan will be to ensure that their own organisation’s IT infrastructure is much safer than beforehand. Because ‘cyber security’ is a discipline that converges physical and technical security requirements, much of this unit content will provide the learner with Crime Prevention Through Environmental Design Principles (CPTED) that include a strong element of physical security content as well as an introduction to Business Continuity and Disaster Recovery practices and principles.
Learning and Assessment Criteria Learning Outcomes.To achieve this unit a learner must be able to:
Assessment Criteria: Assessment of these outcomes demonstrates a learner can:
1 Understand the importance of having the correct mindset when using ICT
1.1 Explain the importance of personal attitude and approach, and organisational awareness training, in relation to managing and reducing cyber security risks
2 Understand how physical security adjustments and knowledge of CPTED principles can strengthen cyber security plans
2.1 Describe a range of physical security approaches that protect against malicious and non-malicious cyber security incidents 2.2 Outline the key CPTED principles and their application to cyber security plans
3.1 Explain how planning can be informed and shaped by 3 Understand the ISO27001 existing standards Information Security Management Standard, and other useful Standards and Education programs 4 Develop a computer/network security plan (‘toolkit’) for a selected organisation
4.1 Describe the key requirements of the security toolkit in relation to the organisation’s security needs and priorities 4.2 Design a cyber security toolkit to meet the security requirements of an organisation
Indicative Content -Personal attitudes to computer use and how to change organisational cultures -CPTED, security engineering and physical/environmental security measures -Protecting critical business processes
-Applying International Standards, Useful Networks and Industry Educational approaches -Designing a cyber security toolkit for a workplace organisation
London School of International Business | www.LSIB.co.uk
12
