Overview

Are humans the weakest link in cybersecurity? This course provides the latest insights into technology users and cybercriminals’ behavior, helping you design the best strategies to mitigate your most critical risks.

Staying ahead of evolving user behavior and cybercriminal tactics is essential for building robust cybersecurity defenses. Our online course delves into current attack trends and user behavior patterns, equipping you with the knowledge to strengthen your cybersecurity strategies.

The first part of the course explores the most recent user behavior through the lens of security economics. Many security breaches stem from individual actions, such as unpatched systems or falling victim to phishing, ransomware, data leaks etc. Organizational security depends heavily on user behavior. While it's often said that "humans are the weakest link", this perspective is both misleading and unproductive. Organizations often misunderstand why users fail to comply with security policies, overlooking personal costs like time and effort. Given competing demands, it’s understandable that users may occasionally disregard security advice. This section helps to understand the scope of user incentives and develop policies that support and empower home users to enhance their security.

The second part of the course shifts the focus to cybercriminals, incorporating the latest research on attacker economics and cybercrime market trends. It covers current organizational threats, the different categories of cybercriminals (including cryptojacking), how they operate, and how effective interventions are at disrupting criminal marketplaces. These insights will benefit professionals conducting risk assessments and threat analyses, as well as law enforcement agencies working on interventions against cybercriminals.

Designed with the new NIS2 directive in mind, this course is especially valuable for managers looking to meet compliance and enhance their cybersecurity governance. It is ideal for professionals in IT, security, risk assessment, threat analysis, and law and compliance enforcement.

This course provides the tools to create stronger internal and external organizational security policies and strategies to empower home users with practical insights to enhance their personal security. 

What You'll Learn

After completion of the course, participants should be in a position to:

  1. Explain various security behaviors of individuals in a digital landscape
  2. Design policies and interventions that are based on a full understanding of technology users’ behavior
  3. Explain a variety of attack behaviors and types of cybercrimes
  4. Design policies and interventions that are based on a true understanding of attacker behavior and most recent cybercrime trends

Details

Course Syllabus

Week 1:
In this week we will introduce the comprehensive human aspects of security and privacy within complex computer systems. 
Topics covered this week:

  • Introduction to user research
  • Analyzing users’ security behavior in organizations
  • Exploring security considerations for home users

Week 2:
The focus of this week will be on broader aspects of human decision-making in the context of digital security and privacy.
Topics covered this week:

  • Exploring the choices users make when interacting with security systems
  • Analyzing the different privacy considerations users are faced with

Week 3:
This week we will conclude the section analyzing users by looking into the costs and interventions associated with cybersecurity and privacy at the user level.
Topics covered this week:

  • Factors that influence security and privacy behaviors
  • Analysis of security and privacy interventions

Week 4:
In this week we will introduce key concepts of cybercrime, examining the diverse range of offenders, their motivations, and the theoretical frameworks that explain their behaviors.
Topics covered in this week:

  • Different types of criminal actors
  • Key theoretical approaches influencing cybercrime
  • Addressing the myth of cybercrime’s sophistication
  • Exploring the cybercrime markets

Week 5:
This week we will focus on the evolving landscape of cybercrime by exploring its commoditization, resources and the services that drive this illicit industry.
Topics covered in this week:

  • The concept of cybercrime as a service
  • Approaches to measuring threat
  • Measuring cybercrime infrastructure 
  • The ethics of using stolen and scraped data

Week 6:
In the final week we will investigate the different approaches used to combat cybercrime, focusing both on offender perspective as well as enforcement strategies.
Topics covered this week:

  • Analysis of the methodologies used for interviewing cybercrime perpetrators 
  • Law enforcement interventions
  • The Budapest convention
  • Investigation of the measures taken to prevent cybercrime

Qualifications

Certificates

If you successfully complete this course you will earn a professional education certificate and you are eligible to receive 2.5 Continuing Education Units (CEUs).

View sample certificate

Admission

This course is primarily geared towards working professionals.

Prerequisites:

Participants are encouraged to combine this course with the course “Economics of Cybersecurity: Foundations and Measurements” and “Economics of Cybersecurity: Solutions”.

Contact

If you have any questions about this course or the TU Delft online learning environment, please visit our Help & Support page.

Technology, Policy & Management

Enroll now Enroll with STAP

  • Starts: Jan 22, 2025
  • Fee: €1050
  • Discounted group fee: contact us
  • Enrollment open until: Jan 15, 2025
  • Length: 6 weeks
  • Effort: 4 - 6 hours per week
  • Format: Online course

Related courses and programs