Module Details

Module Code: COMP9051
Title: Threat Intelligence
Long Title: Threat Intelligence
NFQ Level: Expert
Valid From: Semester 1 - 2023/24 ( September 2023 )
Duration: 1 Semester
Credits: 5
Field of Study: 4811 - Computer Science
Module Delivered in: 2 programme(s)
Module Description: Threat Intelligence is emerging as a critical component in enterprise information security in combatting existing and emerging online threats. The effective application and development of threat intelligence systems requires both a clear understanding of the vulnerabilities of an organisation and the threat actors. In this module the student will develop expert knowledge of threat intelligence and utilize this knowledge to affect an improvement in security posture and combat specific advanced persistent threats.
 
Learning Outcomes
On successful completion of this module the learner will be able to:
# Learning Outcome Description
LO1 Analyse the theoretical underpinnings of threat intelligence
LO2 Appraise the effect cybersecurity threat intelligence has on the security of an organisation
LO3 Exploit and appraise threat intelligence to analyze and defeat specific advanced persistent threats
LO4 Employ threat intelligence to enhance security posture
LO5 Utilize specialized tools requiring advanced knowledge of threat intelligence
Dependencies
Module Recommendations

This is prior learning (or a practical skill) that is strongly recommended before enrolment in this module. You may enrol in this module if you have not acquired the recommended learning but you will have considerable difficulty in passing (i.e. achieving the learning outcomes of) the module. While the prior learning is expressed as named MTU module(s) it also allows for learning (in another module or modules) which is equivalent to the learning specified in the named module(s).
Incompatible Modules
These are modules which have learning outcomes that are too similar to the learning outcomes of this module. You may not earn additional credit for the same learning and therefore you may not enrol in this module if you have successfully completed any modules in the incompatible list.
No incompatible modules listed
Co-requisite Modules
No Co-requisite modules listed
Requirements

This is prior learning (or a practical skill) that is mandatory before enrolment in this module is allowed. You may not enrol on this module if you have not acquired the learning specified in this section.
No requirements listed
 
Indicative Content
Intelligence Strategy
Threat Intelligence, Trending, Reports, Critical Asset Identification, Protection Techniques, Attack Surface Risk Management.
Intelligence Aggregation
Open Source information, Human, Counter and Internal Intelligence, Data Formats, Sources Reputation Services, Aggregation of Intelligence
Intelligence Capabilities
Systems and Architecture, Services, Indicators of Compromise, Incident Prediction, Automated Response, Storing Threat Data.
Threat Analysis
Kill Chain, Threat Actor Profiling and Tracking, Big Data Analytics, Threat Data Visualization, Threat Intent, Threat Risk Profiling, YARA, MITRE ATT&CK Framework.
Operational Intelligence
Actionable Intelligence, Course of Action, Automated Proactive Defense, Manual Proactive Defense, Threat Dissemination and Intelligence Sharing, Intelligence Strategy, Process and Systems Review
Module Content & Assessment
Assessment Breakdown%
Coursework100.00%

Assessments

Coursework
Assessment Type Written Report % of Total Mark 40
Timing Week 7 Learning Outcomes 1,2
Assessment Description
This report will assess the student's theoretical knowledge of threat intelligence and the impact threat intelligence has on the security of an organisation. The student may be expected to write a current state of the art for threat intelligence and how it may be applied to a specific organisation.
Assessment Type Project % of Total Mark 60
Timing Sem End Learning Outcomes 3,4,5
Assessment Description
The focus of this project will be to execute and analyse the effect a threat intelligence system has on the capacity of a network in combating a selection of advanced persistent threats. The student will be expected to employ both theoretical and practical knowledge learned in the module to perform this activity.
No End of Module Formal Examination
Reassessment Requirement
Coursework Only
This module is reassessed solely on the basis of re-submitted coursework. There is no repeat written examination.

The University reserves the right to alter the nature and timings of assessment

 

Module Workload

Workload: Full Time
Workload Type Contact Type Workload Description Frequency Average Weekly Learner Workload Hours
Lecture Contact Lecture delivering theory underpinning learning outcomes. Every Week 2.00 2
Lab Contact Lab to support learning outcomes. Every Week 2.00 2
Independent & Directed Learning (Non-contact) Non Contact Independent study. Every Week 3.00 3
Total Hours 7.00
Total Weekly Learner Workload 7.00
Total Weekly Contact Hours 4.00
Workload: Part Time
Workload Type Contact Type Workload Description Frequency Average Weekly Learner Workload Hours
Lecture Contact Lecture delivering theory underpinning learning outcomes. Every Week 2.00 2
Lab Contact Lab to support learning outcomes. Every Week 2.00 2
Independent & Directed Learning (Non-contact) Non Contact Independent study. Every Week 3.00 3
Total Hours 7.00
Total Weekly Learner Workload 7.00
Total Weekly Contact Hours 4.00
 
Module Resources
Recommended Book Resources
  • Roberts A.. (2021), Cyber threat intelligence: The no-nonsense guide for CISOs and security managers, Berkeley, CA, USA, [ISBN: 9781484272190].
  • Kyle Without and Joseph Opacki. (2020), Operationalizing Threat Intelligence: A guide to developing and operationalizing cyber threat intelligence programs, Packt, [ISBN: 9781801814683].
Supplementary Book Resources
  • Michael Bazzell. (2015), Open Source Intelligence Techniques: Resources for Searching and Analyzing Online Information, 4. CreateSpace Independent Publishing Platform, [ISBN: 1508636338].
  • Adam Shostack. (2014), Threat Modeling: Designing for Security, 1. Wiley, [ISBN: 1118809998].
  • Scott E. Donaldson, Stanley G. Siegel, Chris K. Williams. (2015), Enterprise Cybersecurity: How to Build a Successful Cyberdefense Program Against Advanced Threats, 1. Apress, [ISBN: 1430260823].
  • Jay Jacobs and Bob Rudis. (2014), Data-Driven Security: Analysis, Visualization and Dashboards, 1. Wiley, [ISBN: 1118793722].
  • Pherson, R.H. and Heuer Jr, R.J.. (2020), Structured analytic techniques for intelligence analysis, 3rd. CQ Press, [ISBN: 9781506368931].
Recommended Article/Paper Resources
Other Resources
 
Module Delivered in
Programme Code Programme Semester Delivery
CR_KINSE_9 Master of Science in Cybersecurity 2 Elective
CR_KINSY_9 Postgraduate Diploma in Science in Cybersecurity 2 Elective