Module G: Interdisciplinary aspects of cybersecurity

Basic information

Course coordinator: Andrej Kos

Course type: Elective-professional

Number of credit points: 5

Semester: 1st semester

Course code: 643491

Course description

Basics of information security: structure and taxonomy according to international guidelines and standards. Types of intelligence with special emphasis on human-related resources.

Ethics and informal norms: organizational aspects, basic conditions for work according to the role. Data protection, safe disclosure, responsible behavior, normative aspects of work in the field of information security. 

Psychological aspects of cyber security: psychology of security (classification of attackers and attack vectors, rationality justification); the basics of related psychological characteristics (self-control, premeditation, temporal effects, decision-making, rational choice theory, illusions of superiority, similarity, influence of authority, personality traits). 

Human aspects by phases of attack: Recognizing threats, attacker mindset, rapid threat discovery based on mindset understanding. Preparation phase and intelligence gathering. Implementation stage (human perception of security, security budget, price of privacy, game theory and information security). Attack phase (social engineering, phishing, manipulation, deception). Post-mortem phase (stakeholder communication, communication with line managers, employees; responsible disclosure, cooperation strategies). 

Cyber Crime and Criminal Law; hacking, identity theft and online fraud. 

Basics of online legal transactions, legal aspects of digital financial services and e-commerce (including legal aspects of electronic signatures and certificates). 

Privacy and data protection, relevant laws and regulations related to the collection, storage and use of personal data. 

Cybersecurity management: policies and procedures to manage cybersecurity risks, such as incident response plans and compliance with industry standards and regulations. 

Legal and regulatory issues related to cyber insurance (coverage limits and exclusions). 

Information and information technology as an economic phenomenon: information as a public good, value of information; technology as tangible and intangible knowledge, distinctive attributes of information technology. 

Economic aspects and analysis of harmful behavior. 

Economic aspects of security deployment (cost-benefit analysis/incremental analysis, risk mitigation, operational risk). 

Standards and organizations in the field of cyber security (global, EU, Slovenia). 

Cyber security in the organization: role in business-information architecture, security policies, incident response, creating an incident response plan. 

Objectives

The aim of the course is to give the student a comprehensive overview of non-technical interdisciplinary aspects of cyber security: human-psychological, legal and economic. This course will enable students to become aware of the complexity of the field, understand legal and regulatory restrictions, and will provide them with basic frameworks for communicating with stakeholders, thus preparing them for challenges in both the business world and private life. 

Teaching and learning methods

Lectures for theoretical aspects, classroom or laboratory work and teamwork for real-world use case scenarios and problem solving through project work. E-learning.  
