Infrastructure and cyber security in public entities

elementary

AD2_W02, AD2_W04

The aim of the course is to familiarize students with the basic issues of information infrastructure and cyber security in public entities.

After completing the course the student will know the basic cybersecurity threats and the legal framework of the national cybersecurity system. The student will be able to classify the incident and report the incident based on applicable regulations.

1. Legal basis for cyber security in public entities

2. The concept of cybersecurity and incidents.

3. Incidents affecting the availability of resources.

4. Incidents violating the confidentiality of resources.

5. Breaches of personal data protection and identity theft

6. Fraud, computer fraud, theft of cash from bank accounts.

7. Methods of anominisation used by perpetrators of incidents.

8. Incident classification and reporting - review of applicable legal regulations

9. Criminal liability for incidents.

1. Szpor Grażyna (red.), Gryszczyńska Agnieszka(red.), Kamil Czaplicki (red.), Ustawa o krajowym systemie cyberbezpieczeństwa. Komentarz, Wolters Kluwer, Warszawa 2019,

2. Agnieszka Gryszczyńska, Pozyskiwanie i analiza danych dotyczących incydentów cyberbezpieczeństwa [w:] Internet. Analityka danych, red. G. Szpor, Warszawa 2019, s. 296-313, ISBN 978-83-8198-138-5

3. Agnieszka Gryszczyńska, Prowadzenie postępowań karnych w sprawach z zakresu dystrybucji ransomware, [w:] Rocznik Bezpieczeństwa Morskiego Nr 1/S/2019, Przestępczość Teleinformatyczna 2018, red. J. Kosiński, Gdynia 2019 , s.193-218, ISSN 1898-3189

4. Internet. Analityka danych, red. Kamil Czaplicki,Grażyna Szpor, CH. Beck, Warszawa 2019

5. Internet. Strategie bezpieczeństwa, red. Grażyna Szpor, Agnieszka Gryszczyńska; C.H. Beck; 2017

AD2_W02: the student knows and understands: the legal basis for infrastructure protection and cybersecurity in public entities, basic terminology in the field of infrastructure and cybersecurity; lists the procedures for action in the event of incidents, has in-depth knowledge of the classification of incidents (P7U_W P7S_WG P7S_WK);

AD2_W04: the graduate knows and understands: the status of an individual and his activity in cyberspace in the national and international context (P7U_W P7S_WG P7S_WK).

Description of ECTS:

Participation in exercises: 15 h

preparation for exercises - including work on the e-learning platform: 30 h

preparation and presentation of the project: 15 h

preparation for the exam: 30 h

ECTS number = 3

AD2_W02: the student knows and understands: the legal basis for infrastructure protection and cybersecurity in public entities, basic terminology in the field of infrastructure and cybersecurity; lists the procedures for actions in the event of incidents, has in-depth knowledge of incident classification (P7U_W P7S_WG P7S_WK) - verification in the form of a single-choice test and presentations prepared by students during classes.

AD2_W04: the graduate knows and understands: the status of the individual and his activity in cyberspace in the national and international context (P7U_W P7S_WG P7S_WK) - verification in the form of a single-choice test and presentations prepared by students during classes.

For the grade 2: the student does not know the legal basis for infrastructure protection and cybersecurity in public entities, basic terminology in the field of infrastructure and cybersecurity; does not list procedures for actions in the event of incidents, does not have in-depth knowledge of the classification of incidents.

The student does not know and understand the status of an individual and his activity in cyberspace in the national and international context.

For the assessment of 3, 3.5: the student knows only the basic legal basis for infrastructure protection and cybersecurity in public entities, the basis for terminology in the field of infrastructure and cybersecurity; only in the basic scope lists the procedures for actions in the event of incidents, has only basic knowledge of the classification of incidents.

The student knows and understands only the basic status of the individual and his activity in cyberspace in the national and international context.

For the grade 4, 4.5: the student has a good knowledge of the legal basis for infrastructure protection and cybersecurity in public entities, knows the terminology of infrastructure and cybersecurity; lists the procedures for action in the event of incidents, has good knowledge of the classification of incidents.

The student knows well and understands the status of an individual and his activity in cyberspace in the national and international context.

For grade 5: the student has a very good knowledge of the legal basis of infrastructure protection and cybersecurity in public entities, knows the terminology of infrastructure and cybersecurity well; lists and knows how to apply procedures for actions in the event of incidents, has a very good knowledge of the classification of incidents.

The student knows and understands the status of an individual and his activity in cyberspace very well in the national and international context.

Multiple choice test. Presentations on specific topics prepared individually by students. Activity during exercise.

50-60% -3

60-70% - 3,5

70-80% - 4

80-90% - 4,5

90-100% - 5

Not required.