Security and Data Ethics
Run by School of Computer Science and Electronic Engineering
20.000 Credits or 10.000 ECTS Credits
Semester 1 & 2
Overall aims and purpose
Big data is an industry term that links to key business operations. If security and ethical issues of this data are not maintained then the survival of an organisation could be put at risk. Other issues such as breaches of Data Protection Laws could see an organisation fined and if other laws are linked to the breach could see employees imprisoned.
Indicative content includes:
- Overview of big data: identification, purpose and functionality to an organisation e.g. storage, organising, processing, analysing, data transfer.
- Software and database tools e.g. Apache Hadoop - network of many computers to solve problems involving massive amounts of data and computation power.
- Overview of data utilisation within organisations, keeping data accurate/up-to-date, cleaning of data, Experian, Postcode Address File (PAF).
- Cold calling, mailing lists – business benefits/bad publicity/cross sell and up sell opportunities.
- Hacking: ethical and malicious hacking. Deliberate, intentional and unintentional deletion/disruption of data flows/storage.
- Weaknesses and vulnerabilities of systems: updates, patches, software bugs/fixes.
- Preventative techniques: Firewalls and security software e.g. IDS, IPS, policies/procedures, codes of conduct, physical security e.g. biometrics, IoT devices.
Ethical and Legal Issues
- Users’ Rights – from a practical “best practise” point of view, international standards including policies and procedures for information security management systems (ISMS) ISO27001 & ISO27002. How do companies deal with other companies’ data and policies/ethics of employees’ devices - BYOD (Bring Your Own Device), forensic examinations?
- Consequences of poor file management, monitoring, user rights and backup options – on site/off site/cloud storage.
- Legislation – Data Protection Act 2018, Computer Misuse Act 1990, Health and Safety at Work Act 1974, Copyright, Designs and Patent Act 1988.
Equivalent to the range 70%+. Assemble critically evaluated, relevent areas of knowledge and theory to constuct professional-level solutions to tasks and questions presented. Is able to cross-link themes and aspects to draw considered conclusions. Presents outputs in a cohesive, accurate, and efficient manner.
Equivalent to 40%. Uses key areas of theory or knowledge to meet the Learning Outcomes of the module. Is able to formulate an appropriate solution to accurately solve tasks and questions. Can identify individual aspects, but lacks an awareness of links between them and the wider contexts. Outputs can be understood, but lack structure and/or coherence.
Equivalent to the range 60%-69%. Is able to analyse a task or problem to decide which aspects of theory and knowledge to apply. Solutions are of a workable quality, demonstrating understanding of underlying principles. Major themes can be linked appropriately but may not be able to extend this to individual aspects. Outputs are readily understood, with an appropriate structure but may lack sophistication.
Describe principal security considerations of storing data.
Demonstrate an understanding of legal issues facing organisations.
Demonstrate knowledge and understanding of how organisations store and use data ethically.
Discuss international standards including policies and procedures for information security management systems (ISMS).
|Data theory report||60.00|
|Security methods presentation||40.00|
Teaching and Learning Strategy
The classroom-based element will include student-centred learning methods such as interactive lectures, case studies, group discussions and practical workshops.
The tutor directed student learning will be supported by online learning materials hosted or signposted on the Grŵp VLE.
- Literacy - Proficiency in reading and writing through a variety of media
- Numeracy - Proficiency in using numbers at appropriate levels of accuracy
- Computer Literacy - Proficiency in using a varied range of computer software
- Self-Management - Able to work unsupervised in an efficient, punctual and structured manner. To examine the outcomes of tasks and events, and judge levels of quality and importance
- Critical analysis & Problem Solving - Able to deconstruct and analyse problems or complex situations. To find solutions to problems through analyses and exploration of all possibilities using appropriate methods, rescources and creativity.
- Presentation - Able to clearly present information and explanations to an audience. Through the written or oral mode of communication accurately and concisely.
Subject specific skills
- Knowledge and understanding of facts, concepts, principles & theories
- Recognise legal, social, ethical & professional issues
- Knowledge and understanding of commercial and economic issues
- Knowledge of information security issues
- Development of general transferable skills
- Methods, techniques and tools for information modelling, management and security
- Knowledge and/or understanding of appropriate scientific and engineering principles
- Knowledge and understanding of computational modelling
- Principles of appropriate supporting engineering and scientific disciplines
Talis Reading listhttp://readinglists.bangor.ac.uk/modules/icl-1013.html
Calder, A & Watkins, S., 2015. IT Governance: An International Guide to Data Security and ISO27001/ISO27002. 6th Ed. KoganPage. (7th Ed released Oct 2019)
Chertoff, M., 2018. Exploding Data: Reclaiming Our Cyber Security in the Digital Age. Grove Press UK
Hodeghatta Rao, U & Nayak, U., 2014. The InfoSec Handbook: An Introduction to Information Security. Apress
Marr, B., 2016. Big Data in Practice: How 45 Successful Companies Used Big Data Analytics to Deliver Extraordinary Results. Wiley
Courses including this module
Compulsory in courses:
- H115: BSc Applied Cyber Security (Degree Apprenticeship) year 1 (BSC/ACS)