Cyber Security Assessment and Management

Year
1
Academic year
2020-2021
Code
02033324
Subject Area
Informatics Security
Language of Instruction
Portuguese
Other Languages of Instruction
English
Mode of Delivery
Face-to-face
Duration
SEMESTRIAL
ECTS Credits
6.0
Type
Compulsory
Level
2nd Cycle Studies - Mestrado

Recommended Prerequisites

BSc in Informatics Engineering or equivalent.

Teaching Methods

Lecture classes (T): presentation and discussion around the topics of the course.

Lab classes (PL): application of theoretical concepts in projects.

The MSI theoretical classes will preferably take place on Friday afternoon and Saturday morning. Theoretical classes will also be broadcast by teleconference and recorded, so that students can follow them remotely.

The practical classes will preferably be scheduled on Friday morning. Students may also develop the practical assignments remotely and asynchronously, with remote support from teachers.

Learning Outcomes

The aim of this curricular unit is to provide knowledge of the foundations of cyber security assessment and management. Students are expected to master the fundamentals of security, with a focus on the enterprise perspective. Strong emphasis is placed on security risk assessment and risk management, covering the whole process starting from the organization/system security requirements. Besides covering the fundamentals of these areas, the unit targets specific domains, such as cloud, smart cards and payment, cyber-physical systems, and critical infrastructure protection.

Work Placement(s)

No

Syllabus

– Introduction to cyber security assessment and management

– System security risk perspective: requirements, risk elements, and management frameworks

– Security assessment techniques and tools

– Computer security, malware detection and defense

– Enterprise security and privacy

– Economics of information security

– Security assessment and management in specific domains

. Cloud Security

. Smart cards and payment security

. Cyber-physical systems security

. Critical infrastructure protection.

Head Lecturer(s)

Nuno Manuel dos Santos Antunes

Assessment Methods

Assessment
Project: 50.0%
Exam: 50.0%

Bibliography

- Lawrence Gordon and Martin Loeb, “Managing Cybersecurity Resources: A Cost-Benefit Analysis”, McGraw-Hill

- Ross Anderson, “Security Engineering”, Wiley

- Ross Anderson, et al., “Security Economics and the Internal Market”, ENISA, 2008

- Charles P. Pfleeger, et al., “Security in Computing”, Prentice Hall, 2015

- Shimon K. Modi, “Biometrics in Identity Management: Concepts to Applications”, Artech House 2011

- William Stallings, Lawrie Brown, “Computer Security: Principles and Practice”, Pearson 2014

- Sumeet Dua, Xian Du, “Data Mining and Machine Learning in Cybersecurity”, CRC Press, 2011

- Ralph Gross, Alessandro Acquisti, “Information Revelation and Privacy in Online Social Networks”, ACM WPES, 2005.

- Arvind Narayanan, Vitaly Shmatikov, “De-anonymizing Social Networks”, IEEE SP, 2009.

- Yves-Alexandre de Montjoye, et al., “Unique in the crowd: The privacy bounds of human mobility”, Nature Scientific Reports, 2013.