Security and Data Ethics
Rhedir gan School of Computer Science and Electronic Engineering
20.000 Credyd neu 10.000 Credyd ECTS
Semester 1 a 2
Big data is an industry term that links to key business operations. If security and ethical issues of this data are not maintained then the survival of an organisation could be put at risk. Other issues such as breaches of Data Protection Laws could see an organisation fined and if other laws are linked to the breach could see employees imprisoned.
Indicative content includes:
- Overview of big data: identification, purpose and functionality to an organisation e.g. storage, organising, processing, analysing, data transfer.
- Software and database tools e.g. Apache Hadoop - network of many computers to solve problems involving massive amounts of data and computation power.
- Overview of data utilisation within organisations, keeping data accurate/up-to-date, cleaning of data, Experian, Postcode Address File (PAF).
- Cold calling, mailing lists – business benefits/bad publicity/cross sell and up sell opportunities.
- Hacking: ethical and malicious hacking. Deliberate, intentional and unintentional deletion/disruption of data flows/storage.
- Weaknesses and vulnerabilities of systems: updates, patches, software bugs/fixes.
- Preventative techniques: Firewalls and security software e.g. IDS, IPS, policies/procedures, codes of conduct, physical security e.g. biometrics, IoT devices.
Ethical and Legal Issues
- Users’ Rights – from a practical “best practise” point of view, international standards including policies and procedures for information security management systems (ISMS) ISO27001 & ISO27002. How do companies deal with other companies’ data and policies/ethics of employees’ devices - BYOD (Bring Your Own Device), forensic examinations?
- Consequences of poor file management, monitoring, user rights and backup options – on site/off site/cloud storage.
- Legislation – Data Protection Act 2018, Computer Misuse Act 1990, Health and Safety at Work Act 1974, Copyright, Designs and Patent Act 1988.
Equivalent to the range 70%+. Assemble critically evaluated, relevent areas of knowledge and theory to constuct professional-level solutions to tasks and questions presented. Is able to cross-link themes and aspects to draw considered conclusions. Presents outputs in a cohesive, accurate, and efficient manner.
Equivalent to 40%. Uses key areas of theory or knowledge to meet the Learning Outcomes of the module. Is able to formulate an appropriate solution to accurately solve tasks and questions. Can identify individual aspects, but lacks an awareness of links between them and the wider contexts. Outputs can be understood, but lack structure and/or coherence.
Equivalent to the range 60%-69%. Is able to analyse a task or problem to decide which aspects of theory and knowledge to apply. Solutions are of a workable quality, demonstrating understanding of underlying principles. Major themes can be linked appropriately but may not be able to extend this to individual aspects. Outputs are readily understood, with an appropriate structure but may lack sophistication.
Describe principal security considerations of storing data.
Demonstrate an understanding of legal issues facing organisations.
Demonstrate knowledge and understanding of how organisations store and use data ethically.
Discuss international standards including policies and procedures for information security management systems (ISMS).
|Data theory report||60.00|
|Security methods presentation||40.00|
Strategaeth addysgu a dysgu
The classroom-based element will include student-centred learning methods such as interactive lectures, case studies, group discussions and practical workshops.
The tutor directed student learning will be supported by online learning materials hosted or signposted on the Grŵp VLE.
- Llythrennedd - Medrusrwydd mewn darllen ac ysgrifennu drwy amrywiaeth o gyfryngau
- Rhifedd - Medrusrwydd wrth ddefnyddio rhifau ar lefelau priodol o gywirdeb
- Defnyddio cyfrifiaduron - Medrusrwydd wrth ddefnyddio ystod o feddalwedd cyfrifiadurol
- Hunanreolaeth - Gallu gweithio mewn ffordd effeithlon, prydlon a threfnus. Gallu edrych ar ganlyniadau tasgau a digwyddiadau, a barnu lefelau o ansawdd a phwysigrwydd
- Dadansoddi Beirniadol & Datrys Problem - Gallu dadelfennu a dadansoddi problemau neu sefyllfaoedd cymhleth. Gallu canfod atebion i broblemau drwy ddadansoddiadau ac archwilio posibiliadau
- Cyflwyniad - Gallu cyflwyno gwybodaeth ac esboniadau yn glir i gynulleidfa. Trwy gyfryngau ysgrifenedig neu ar lafar yn glir a hyderus.
Sgiliau pwnc penodol
- Knowledge and understanding of facts, concepts, principles & theories
- Recognise legal, social, ethical & professional issues
- Knowledge and understanding of commercial and economic issues
- Knowledge of information security issues
- Development of general transferable skills
- Methods, techniques and tools for information modelling, management and security
- Knowledge and/or understanding of appropriate scientific and engineering principles
- Knowledge and understanding of computational modelling
- Principles of appropriate supporting engineering and scientific disciplines
Rhestrau Darllen Bangor (Talis)http://readinglists.bangor.ac.uk/modules/icl-1013.html
Calder, A & Watkins, S., 2015. IT Governance: An International Guide to Data Security and ISO27001/ISO27002. 6th Ed. KoganPage. (7th Ed released Oct 2019)
Chertoff, M., 2018. Exploding Data: Reclaiming Our Cyber Security in the Digital Age. Grove Press UK
Hodeghatta Rao, U & Nayak, U., 2014. The InfoSec Handbook: An Introduction to Information Security. Apress
Marr, B., 2016. Big Data in Practice: How 45 Successful Companies Used Big Data Analytics to Deliver Extraordinary Results. Wiley
Cyrsiau sy’n cynnwys y modiwl hwn
Gorfodol mewn cyrsiau:
- H115: BSc Applied Cyber Security (Degree Apprenticeship) year 1 (BSC/ACS)