DATA PRIVACY AND SECURITY
Learning objectives
The course provides an in-depth understanding of data privacy and security issues in digital infrastructures. It focuses on technological solutions, methods and practices for data protection in business organizations and collaborative networks. This provides students with an understanding of strategic and regulatory issues of data privacy and security as well as an overview of mechanisms for privacy and security assurance in modern organizations. Students in this course will not only gain a deep understanding of the design principles for data privacy and security, but will also acquire the practical skills necessary for their successful application to problems in science and industry.
Expected learning outcomes
Knowledge and understanding:
The course will offer key concepts and methods to plan, design, implement, manage and audit technological and organizational systems to assure data privacy and security in digital business. In particular, the course will provide a good understanding of the technical, managerial and social issues of data privacy and security and a deep understanding of the strengths and weaknesses of enterprise security architectures.
Applying knowledge and understanding:
On successful completion of this course students will be able to:
Analyze the social and organizational implications of cyber risk in digital ecosystems
Select, design and implement the most appropriate security controls to mitigate risk in digital business
Apply encryption and anonymity techniques to preserve the confidentiality and the privacy of data
Design innovative solutions for ensuring authenticity and accountability in distributed systems
Making judgements:
Students are expected to be able to reflect on the managerial and social responsibilities of applying digital technologies in enterprise systems development. Throughout the entire course, students will be invited to apply their multidisciplinary knowledge to critically assess realistic scenarios for strategic and tactical decision making.
Communications Skills:
This course will enable students to acquire and understand major terms and concepts so that they can effectively communicate their ideas, findings, proposals, analysis and critical reasoning in the area of data privacy and security. Special emphasis will be given to oral pitches in class and to writing technical reports and documentation.
Learning skills:
This course will empower students with the capability to learn how to use networking and security tools, and to apply them to real-world problems in an independent and critical way. A strong emphasis will be given to the reflection on the impact of these techniques and tools in complex organizational settings that are typical of today’s data-driven companies.
Course content
The course will cover the following topics:
Challenges to data privacy and security
The cybercrime ecosystem
Software vulnerabilities and cyberattacks
Planning, designing and implementing IT security
High Reliability Organizations
Security operations
Secure Systems Development
New directions in privacy and security
Reference texts
Lecture notes, research papers and course material will be made available on the e-learning platform.
Recommended readings:
Anderson, R. 2020. Security Engineering: A Guide to Building Dependable Distributed Systems, 3rd edition. Indianapolis, Indiana: John Wiley & Sons, Inc.
Dhillon, G. 2018. Information Security, Text & Cases. Prospect Press.
Teaching methods
The course consists of lectures and practical lab sessions. Class activities include discussion of teaching cases and group presentations.
Assessment methods
Continuous assessment will be based on a series of seven lab exercises (weeks 4, 5, 6, 7, 8, 10 and 11) and a final exam. Each lab exercise will count for 10% of the final grade. The final exam will count for 30%. Students who do not take the lab exercises are required to complete an individual project and take an oral exam after the course.
Criteria for assigning the final thesis
Quality of the research proposal addressing a relevant problem in data privacy and security
Week 1
Course intro
Challenges to data privacy and security
Zuboff, S. 2015. Big Other: Surveillance Capitalism and the Prospects of an Information Civilization. Journal of Information Technology, 30(30): 75.
Berner, M., Graupner, E., & Maedche, A. 2014. The Information Panopticon in the Big Data Era. Journal of Organization Design, 3(1): 14.
Week 2
Lab: Introduction to computer networking (TCP/IP stack)
The Tor network and the cybercrime ecosystem
Spagnoletti, P., Ceci, F., & Bygstad, B. 2021. Online Black-Markets: an investigation of a digital infrastructure in the Dark. Information Systems Frontiers. https://doi.org/10.1007/s10796-021-10187-9.
Week 3
Lab: detect protocols using Wireshark HTTP, HTTPS, Telnet, IP, MAC, ICMP
Software vulnerabilities and cyberattacks
Guest speaker: Security Affairs
Week 4
Cybersecurity governance, Incident-centered framework
Baskerville, R., Spagnoletti, P., & Kim, J. 2014. Incident-centered information security: Managing a strategic balance between prevention and response. Information & Management, 51(1): 138–151.
Lab: installing Kali Linux in VMware, ARP poisoning with Ettercap and MITMf
Week 5
Lab: Symmetric and Asymmetric Cryptography
Planning, designing and implementing IT security
Week 6
Lab: Blockchain
Secure Systems Development
Guest speaker: ENAV
Week 7
Lab: Hash, password cracking, Digital Signature
Week 8
Lab: DoS attacks, scanning attacks
Cyber threat intelligence, OSINT
Guest speaker: Cy4gate
Week 9
Data-centered security, SIEM, Digital Twins
Salvi, A., Spagnoletti, P., & Noori, N. S. (2021). Cyber-resilience of Critical Cyber Infrastructures: integrating digital twins in the electric power ecosystem. Computers & Security, 102507. https://doi.org/10.1016/j.cose.2021.102507
Lab: Firewall, HIDS, NIDS, machine learning
Week 10
Normal Accident Theory
Spagnoletti, P., & Za, S. (2021). Digital Resilience to Normal Accidents in High-Reliability Organizations. In S. Aier, P. Rohner, & J. Schelp (Eds.), Engineering the Transformation of the Enterprise: A Design Science Perspective (pp. 339–353). https://doi.org/10.1007/978-3-030-84655-8_21
Week 11
High Reliability Organizations
Teaching case: Salvi, A., & Spagnoletti, P. 2021. Organizing amid the Fog of War: data-driven decision making in high-reliable operations. Teaching Cases Luiss University Press, 1–17.
Distributed data control
Spagnoletti, P., Kazemargi, N., Constantinides, P., & Prencipe, P. (2022). Data control coordination in cloud-based ecosystems: the GAIA-X case. In C. Cennamo, G. B. Dagnino, & F. Zhu (Eds.), Handbook of Research on Digital Strategy. Edward Elgar.
Week 12
Lab wrap-up
Final exam rehearsal