डॉ. बी. आर. अम्बेडकर विश्‍वविद्यालय दिल्ली
Dr. B. R. Ambedkar University Delhi
Established by The Government of NCT of Delhi

1. How does the course link with the vision of AUD?

Dr. B. R. Ambedkar University Delhi aspires to be a premier, globally recognized institution of higher learning with a focus on Liberal Arts, Humanities and Social Sciences. The University promotes use of technology for enhancing the effectiveness of teaching and learning and overall quality management services. Cybersecurity is a critical concern for universities due to the sensitive and confidential information they handle, such as student records and research data. Universities are also increasingly targeted by cyberattacks, which can disrupt operations and damage their reputation. Effective cybersecurity measures are essential to protect university assets and maintain the trust of students, faculty, and staff.

2. How does the course link with the specific programme(s) where it is being offered?

The programmes and courses offered by SGA like BA in Global Studies, BA in Sustainable Urbanism, MA Urban Studies and MA Global Studies prepares students who have to observe, collect and process data from global perspective. Cybersecurity is important for students as they rely heavily on digital tools and services for their academic work and personal lives. Students need to protect their personal data, such as financial and identity information, from cyber threats. Good cybersecurity practices can also ensure the integrity and confidentiality of their academic work, such as research projects and assignments.

3. Does the course connect to, build on or overlap with any other courses offered in AUD?

Currently, the School / University is not offering a course in Cyber Security. The course may connect with most of the courses in AUD because learning to integrate digital skills in education has implications for students to carry out tasks in real life effectively.

4. Specific requirements on the part of students who can be admitted to this course:

(Pre-requisites; prior knowledge level; any others – please specify)

This course does not expect any prior knowledge of programming. It is designed for anyone who is new to the world of cyber security. Upon completion of this course, the learners will be able to understand the key concepts and principles of cybersecurity, including threat assessment, risk management, and incident response. They would also be able to apply cybersecurity best practices to protect their personal data and computer systems from cyber threats.

5. No. of students to be admitted (with justification if lower-than-usual cohort size is proposed):

Usual cohort size

6. Course scheduling (semester; semester-long/half-semester course; workshop mode; seminar mode; any other – please specify):

Semester mode

7. Course Summary:

In today's digital age, cybersecurity has become a critical issue for individuals, organizations, and governments alike. As more and more of our lives are conducted online, the risks and consequences of cyber threats have increased. Cyber-attacks can result in the theft of personal and sensitive information, financial losses, reputational damage, and even physical harm.

For this reason, it is important for undergraduate students to have a basic understanding of cybersecurity. By learning the fundamentals of cybersecurity, students can better protect themselves and their digital assets, and also be prepared for careers in fields that require cybersecurity knowledge, such as information technology, business, and government.

The course on cybersecurity aims to provide students with a comprehensive understanding of cybersecurity, including its importance, common threats, and countermeasures to protect against cyber-attacks. The course also covers incident response and the legal and ethical issues surrounding cybersecurity.

Students who take this course will be equipped with the knowledge and skills to recognize and mitigate common cyber threats. They will also be able to apply best practices for protecting digital assets, responding to security incidents, and managing risk. This knowledge will be valuable not only in their personal lives but also in their future careers.

Moreover, cybersecurity is a rapidly evolving field, and the need for professionals with cybersecurity expertise is expected to continue to grow. By taking this course, students will be better prepared to pursue careers in cybersecurity-related fields, such as cybersecurity analysis, network security, and cyber forensics. A course on cybersecurity is essential for students to navigate the digital world safely and

responsibly, and to prepare for careers in fields that require cybersecurity knowledge. The course would provide students with a foundational understanding of cybersecurity and equips them with practical skills to protect against cyber threats.

The course on cybersecurity provides a foundational understanding of the importance of cybersecurity in today's digital age in the context of Social Sciences. The course covers common cyber threats, countermeasures, incident response, legal and ethical issues, and risk management. Students will gain practical skills and knowledge to protect their digital assets and prepare for careers in cybersecurity-related fields.

1. 3. Objectives:

The objectives of the course are to:

1. 1. 1. To understand the importance of cybersecurity for Social Sciences and its role in safeguarding information.
      2. To identify common cyber threats and the methods used to perpetrate them.
      3. To learn the best practices for protecting digital assets and responding to security incidents.

1. 4. Expected learning outcomes:

At the end of the course, the students will be able to:

• recognize common cyber threats in Social Sciences, such as phishing, malware, and social engineering, and understand how these threats can be mitigated.
• apply best practices for protecting digital assets, such as creating strong passwords, using two-factor authentication, and keeping software up to date.
• understand the legal and ethical issues surrounding cybersecurity, including data privacy, intellectual property, and cybercrime in the context of Social Sciences.
• conduct a risk assessment and develop a risk management plan, including identifying assets, assessing threats and vulnerabilities, and selecting appropriate countermeasures.

1. 5. Overall structure (course organisation; rationale of organisation; brief module outlines):

This course is organised in 5 modules.

Module 1: Introduction to Cybersecurity

Module 1 deals with the fundamental aspects of cybersecurity, offering a foundational understanding of its significance in today's digital age, with a specific focus on its relevance to the field of Social Sciences. The module begins by providing a clear definition of cybersecurity and highlighting its paramount importance in safeguarding digital assets and information. It emphasizes how maintaining the confidentiality, integrity, and availability of data is crucial for preserving the integrity and protecting sensitive information. As part of Module 1, students will explore the diverse landscape of cyber threats within the realm of Social Sciences, gaining insights into the potential impacts these threats can have on research outcomes, data reliability, and ethical considerations. The module aims to equip learners with a comprehensive awareness of the dynamic nature of cybersecurity challenges in the context of social science data. Understanding the dynamic and evolving nature of these roles is integral to developing a skilled and effective cybersecurity workforce tailored to the unique needs of the Social Sciences.

Readings

• Cybersecurity and Infrastructure Security Agency. (2018). Cybersecurity 101: A                    primer.             Retrieved                              from https://www.cisa.gov/sites/default/files/publications/CISA-Cybersecurity-101-508.pdf
• National Institute of Standards and Technology. (2018). Cybersecurity framework. Retrieved from https://www.nist.gov/cyberframework
• Schneier, B. (2015). Data and Goliath: The hidden battles to collect your data and control your world. W. W. Norton & Company.
• The SANS Institute. (2021). Top 20 CIS controls and best practices. Retrieved from https://www.sans.org/top20/
• Greenberg, A. (2019). Sandworm: A new era of cyberwar and the hunt for the Kremlin's most dangerous hackers. Anchor.

Module 2: Threats and Attacks

Module 2 deals with an in-depth exploration of Common Cyber Threats and Attacks, specifically tailored to the context of Social Sciences, where the protection of sensitive research data and ethical considerations play a crucial role. These include the introduction of Malware, such as viruses, worms, and Trojans, which can compromise data integrity. Phishing attacks, targeting researchers and institutions, are discussed in detail, considering their potential impact on the confidentiality of social science data. Denial of Service (DoS) attacks, Ransomware, Advanced Persistent Threats (APTs), and Insider Threats are explored within the framework of social science data protection. The module delves into the intricacies of Man-in-the-middle attacks, SQL injection attacks, and Cross-site scripting attacks, emphasizing their potential consequences for social science research projects.

The discussion extends to the various attack methods employed by cyber threats, including exploiting vulnerabilities in software or hardware specific to social science research tools. Social engineering tactics, such as phishing, pretexting, and baiting, are

examined in light of their potential impact on researchers' susceptibility to cyber threats. Password cracking, eavesdropping, packet sniffing, spoofing, zero-day exploits, and watering hole attacks are discussed within the social science research context, acknowledging their implications for data security.

Readings

• Computer Security Basics, Second Edition by Rick Lehtinen and G.T. Gangemi Sr. - O'Reilly Media (ISBN: 978-0596006693)
• The Practice of Network Security Monitoring: Understanding Incident Detection and Response by Richard Bejtlich - No Starch Press (ISBN: 978-1593275099)
• Cybersecurity for Beginners by Raef Meeuwisse - IT Governance Publishing (ISBN: 978-1787780176)
• Network Security Essentials: Applications and Standards, Seventh Edition by William Stallings - Pearson (ISBN: 978-0134527338)
• Social Engineering: The Science of Human Hacking by Christopher Hadnagy

- Wiley (ISBN: 978-1119433387)

• The Art of Deception: Controlling the Human Element of Security by Kevin Mitnick - Wiley (ISBN: 978-0471237129)
• The CERT Guide to Insider Threats: How to Prevent, Detect, and Respond to Information Technology Crimes by Dawn Cappelli, Andrew Moore, and Randall Trzeciak - Addison-Wesley Professional (ISBN: 978-0137154566)
• Malware Analyst's Cookbook: and DVD: Tools and Techniques for Fighting Malicious Code by Michael Ligh, Steven Adair, Blake Hartstein, and Matthew Richard - Wiley (ISBN: 978-0470613030)

Module 3: Countermeasures for Cybersecurity

Module 3 deals with the Best Practices for Cybersecurity, elucidating the importance of strong password management, regular software updates, and encryption of sensitive data within the framework of social science research. Limiting access to sensitive data through role-based access controls and providing user awareness training becomes paramount to fortify the human element against common cyber threats like phishing and social engineering, aligning with the unique challenges faced by researchers in the social sciences. Risk Management is a key focus of the module, guiding students through risk assessments to identify and prioritize potential vulnerabilities and threats. The development and implementation of security policies, incident response planning, and regular monitoring and auditing of systems cater to the nuanced needs of safeguarding data. The module concludes with the importance of regular network vulnerability assessments and penetration testing to identify and address potential security weaknesses inherent in the unique digital ecosystems.

Readings

• "Cybersecurity Threats, Challenges, Vulnerabilities and Solutions" by Haider Al-Khateeb and Tarek S. Sobh. This book provides an overview of cybersecurity threats, challenges, and vulnerabilities, as well as solutions for protecting against cyber threats. Published by Springer, ISBN 978-3-030-34818-9.

• "Cybersecurity: Protecting Critical Infrastructures from Cyber Attack and Cyber Warfare" by Thomas A. Johnson. This book provides an overview of cybersecurity threats to critical infrastructures, including energy, transportation, and communication systems, and countermeasures for protecting against cyber attacks. Published by CRC Press, ISBN 978-1-4665-0038-5.
• "Social Engineering: The Science of Human Hacking" by Christopher Hadnagy. This book explores the methods used by social engineers to manipulate people into divulging confidential information, and provides strategies for protecting against social engineering attacks. Published by Wiley, ISBN 978-1-118-16172-7.
• "The Art of Deception: Controlling the Human Element of Security" by Kevin Mitnick and William L. Simon. This book explores the ways in which hackers use deception to gain access to sensitive information, and provides strategies for defending against these attacks. Published by Wiley, ISBN 978-0-471-23712-9.
• "Data and Goliath: The Hidden Battles to Collect Your Data and Control Your World" by Bruce Schneier. This book explores the ways in which data is collected, analyzed, and used for surveillance, and provides strategies for protecting personal privacy. Published by W. W. Norton & Company, ISBN 978-0-393-24481-6.

Module 4: Incident Response

Module 4 deals with an extensive exploration of Incident Response tailored specifically to the context of Social Sciences, recognizing the unique challenges in safeguarding research data and maintaining ethical standards. The module encompasses Incident Response Planning, guiding students in the development of comprehensive incident response plans that outline procedures for addressing security incidents. It emphasizes the importance of conducting tabletop exercises and simulations to test the efficacy of these plans, ensuring they are finely tuned to the nuanced needs of safeguarding sensitive data. Identification of roles and responsibilities for incident response team members, along with communication protocols for notifying relevant parties, including IT staff, management, and external authorities, is crucial in the event of a security incident. Students learn to analyze logs and system data, conduct periodic security assessments, and identify vulnerabilities that may be exploited in a security incident unique to their discipline. Restoration of systems and data to their pre-incident state is emphasized, accompanied by effective communication with stakeholders and management to provide updates on the incident and any associated impact.

Readings

• Computer Security Incident Handling Guide by National Institute of Standards and Technology (NIST) - NIST Special Publication 800-61. This guide provides a comprehensive framework for incident response and recovery, including key components of an incident response plan and strategies for restoring systems and services. ISBN: 9781491904040.
• The Incident Response Pocket Guide by N. Hayden, K. Nickerson, C. Hammerle, and M. McKee. This pocket guide provides a concise overview of incident response and recovery, including key components of an incident response plan and strategies for restoring systems and services. ISBN: 978-1973162679.
• Incident Response & Computer Forensics, Third Edition by Jason T. Luttgens, Matthew Pepe, and Kevin Mandia. This book provides a detailed overview of incident

response and computer forensics, including strategies for identifying and responding to security incidents. ISBN: 978-0071798686.

• Cybersecurity Incident Response: How to Contain, Eradicate, and Recover from Incidents by Eric C. Thompson. This book provides a practical guide to incident response and recovery, including key components of an incident response plan and strategies for restoring systems and services. ISBN: 978-1484228321.
• Computer Forensics and Incident Response by Kevin Mandia and Chris Prosise. This book provides a comprehensive overview of incident response and computer forensics, including strategies for identifying and responding to security incidents. ISBN: 978-0072226966.

Module 5: Cyber Ethics and Legal Issues

Module 5 deals with a comprehensive exploration of Cyber Ethics and Legal Issues recognizing the unique ethical considerations and legal landscapes that accompany the safeguarding of data. The module begins by fostering an understanding of the legal and regulatory frameworks for cybersecurity specific to social sciences, acknowledging the importance of compliance and adherence to established guidelines. It then delves into the analysis of ethical issues surrounding cybersecurity, emphasizing the nuanced aspects of data privacy, intellectual property, and cybercrime. Students are guided to evaluate the broader impact of cybersecurity on society considering economic, political, and social factors. In addressing these complex issues, students are equipped to develop strategies for navigating the legal and ethical challenges inherent in cybersecurity.

Readings

• "Cybersecurity Law" by Jeff Kosseff (Wiley, 2020) ISBN: 978-1-119-56829-8
• "Understanding Cybersecurity: Emerging Governance and Strategy" by Tyson Macaulay and Hilary Pearson (Routledge, 2018) ISBN: 978-1-138-90364-4
• "Cybercrime and the Law: Challenges, Issues, and Outcomes" by Susan W. Brenner (Edward Elgar Publishing, 2014) ISBN: 978-1-78347-313-6
• "The Cybersecurity Dilemma: Hacking, Trust, and Fear Between Nations" by Ben Buchanan (Oxford University Press, 2017) ISBN: 978-0-19-066501-2
• "Data and Goliath: The Hidden Battles to Collect Your Data and Control Your World" by Bruce Schneier (W. W. Norton & Co, 2015) ISBN: 978-0-393-35225-6
• "Cyber War: The Next Threat to National Security and What to Do About It" by Richard A. Clarke and Robert K. Knake (Ecco, 2010) ISBN: 978-0-06-196223-3