003-2024-0828_DLBCSIDPITS01_Course_Book

Course Introduction

  • Title: Introduction to Data Protection and Cyber Security

  • Institution: IU International University of Applied Sciences

Course Book Details

Publisher Information

  • Publisher: IU Internationale Hochschule GmbH

  • Contact: media@iu.org | www.iu.de

  • Copyright: © 2024 IU Internationale Hochschule GmbH

  • Version: DLBCSIDPITS01 Version No.: 003-2024-0828

Table of Contents

  • Introduction

  • Signposts Throughout the Course Book (p. 6)

  • Suggested Readings (p. 7)

  • Learning Objectives (p. 9)

  • Unit 1: Fundamentals of Cyber Security and Data Protection (p. 11)

  • Unit 2: Data Protection (p. 31)

  • Unit 3: Basic Functions of Cyber Security and Their Implementation (p. 49)

  • Unit 4: Cyber Security Management (p. 63)

  • Unit 5: Cyber Security Management in Everyday Life (p. 73)

  • Unit 6: Network and Communication Security (p. 83)

  • Unit 7: Cyber Security in the Development of Software Systems (p. 91)

  • Backmatter (p. 100)

  • List of References (p. 100)

  • List of Tables and Figures (p. 106)

Introduction to Course

Welcome and Learning Structure

  • Course book as the core content with additional materials available on the learning platform.

  • Content organized into units and sections for efficient learning.

  • Each section includes self-check questions for comprehension assessment.

  • Completion of knowledge tests on the platform is required for passing.

Suggested Readings

  • Articles and texts related to IT security, information security strategies, and data protection regulations.

  • Key texts include GDPR and other international guidelines on data security.

Learning Objectives

  • Overview of key concepts in data protection and cyber security.

  • Understanding legal frameworks, operational goals, and basic principles of data security.

  • Familiarity with procedures for managing privacy and security issues.

Unit 1: Fundamentals of Cyber Security and Data Protection

Study Goals

  • Understanding the concepts of confidentiality, integrity, and availability.

  • Learning about strategies for cyber security planning and risk management.

Introduction Overview

  • Ubiquity of IT in daily life affecting personal and organizational data security.

  • Discusses real-world security breaches and the significance of protecting sensitive information.

Key Concepts

  • Confidentiality, Integrity, Availability (CIA Triad): Core objectives in IT security.

  • Vulnerabilities and Threats: Identify potential risks and attacks on data systems.

  • Risk Management: Strategies to assess and mitigate risk in information systems.

Unit 2: Data Protection

Study Goals

  • Understanding personal rights regarding data protection and the role of consent.

  • Exploring the impact of laws on individual data privacy.

Data Protection Principles

  1. Consent and Choice

  2. Purpose Limitation

  3. Collection Limitation

  4. Accuracy and Quality

  5. Openness and Transparency

  6. Data Security

  7. Accountability

GDPR Overview

  • The General Data Protection Regulation outlines responsibilities and rights for personal information.

Unit 3: Basic Functions of Cyber Security and Their Implementation

Study Goals

  • Recognizing the importance of identity, authentication, and authorization in cyber security.

Key Concepts

  • Access Control: Mechanisms to ensure only authorized users can access sensitive information.

  • Rights Management: Assigning permissions based on user roles and identity.

Unit 4: Cyber Security Management

Study Goals

  • Understanding protection requirements and international standards.

Cyber Security Strategies

  • Importance of a coordinated cyber security approach across departments.

Unit 5: Cyber Security Management in Everyday Life

Study Goals

  • Recognizing the role of end-user behavior in maintaining security.

Essential Practices

  • Strong password management and awareness of phishing attacks.

Unit 6: Network and Communication Security

Study Goals

  • Role of firewalls and network separation in protecting data.

Key Concepts

  • Firewall Technology: Different types of firewalls and their importance in network security.

Unit 7: Cyber Security in Software Development

Study Goals

  • Understanding the significance of security in application development.

OWASP Top Ten Vulnerabilities

  1. Broken Access Control

  2. Cryptographic Failures

  3. Injection

  4. Insecure Design

  5. Security Misconfiguration

  6. Vulnerable Components

  7. Authentication Failures

  8. Software Integrity Failures

  9. Logging and Monitoring Failures

  10. Server-Side Request Forgery (SSRF)

Conclusion

  • Emphasizes the continuous need for data protection and cyber security awareness in daily practices and organizational culture.