Excerpt from course description

Cyber Security for Leaders


This Master of Management course (15 ECTS), is designed to be a part in a 90 ESCTS Executive Master of Management degree specializing in Security management and Cultural Understanding.

Cyber security is the application of technologies, processes, and controls to protect networks, programs, devices and data from syber attacks. The aim is to reduce the risk of cyber attacks and protect against the unauthorised exploitation of these systems.

Digitalization is among the highest political priorities in many countries. In Norway digitalization is seen as part of the strategy to overcome the challenges of the wide geographic distribution of the population, and enable equal services throughout the country. The political push towards digitalization for citizens, businesses and public services must be accompanied with precautions and strategies to create resilience against threats and attacks in cyberspace. Resilience means to protect your system, detect cyber security treats at the earliest possible occasion, and respond to incidents so that normal operation can be continued as soon as possible after a breach. In short, follow the principle “Protect, Detect and Respond”.

A high degree of resilience can be achieved via aware decision makers, deep and sound risk analysis, and teams which can balance the trade-off between vulnerability and overprotection. Moreover, the professional management and implementation of organizational and technical innovations in the context of cyber security involves managing across multiple stakeholders and networks. In short, cyber security leaders need to support such strategies and balancing processes, while consulting society and decision makers as part of the endeavor.

The students are troughout the course working experience based in an iterative process with challenges relevant for their organisation or other organisation you know well.

Course content

Session 1: Setting the Scene for a Secure Digitalized World

  • Standards, Frameworks and Regulations
  • Introduction to networks and management
  • Innovation challenges 
  • Digitalization and secure digitalization
  • Execution, control and respond

Session 2: Risk Management and Audit

  • Vulnerabilities, Threats, and Business Impact
  • Risk Management and Audit
  • Cyber Insurances
  • Change management
  • Polycies and governance

Session 3: Mastering Digital Incidents and Crises

  • Incident response and readiness.
  • Investigations and digital forensic readiness.
  • Business continuity management and disaster recovery planning.
  • The value of trust networks and collaboration with authorities.
  • Building security culture and socio-technical aspects


This is an excerpt from the complete course description for the course. If you are an active student at BI, you can find the complete course descriptions with information on eg. learning goals, learning process, curriculum and exam at portal.bi.no. We reserve the right to make changes to this description.