Degree Programme in Cyber Security

Objectives

The core of the cyber security engineering studies is in functional cyber security supported by means of practical learning. You will acquire skills necessary in preventing, detecting and responding to attacks as well as mitigating consequences. In the future, new skills sets and competences are needed in the world of work.

The objective of the degree programme is to produce new high-level competence in the field of cyber security. Disruptions in the operations of our internet-based society may be fatal. You will also become familiar with the strategies, standards and management of cyber security and will be able to classify vulnerabilities and understand the principles of protection. After the completion of your studies, you are capable of applying security solutions to discover security threats and construct protection against them. You will also be able to manage countermeasures against denial-of-service attacks.

Degree programme description

The extent of the studies is 240 ECTS.
The curriculum consists of programme-specific core studies (180 ECTS), supplementary studies (60 ECTS), internship (30 ECTS) and the bachelor’s thesis (15 ECTS).

The following modules are particularly concentrated on cyber security (100 ECTS in total):
• Cyber security operating environments, 35 ECTS
• Applied cyber security, 25 ECTS
• Cyber security management, 15 ECTS
• Advanced technical cyber security, 15 ECTS

In engineering education, networks and their technical solutions are important. One of the focus areas of the studies is the ability to detect cyber security deficiencies in information systems. You will also learn to think about the cyber security situation from the perspective of potential attackers.
In cyber security studies, you will learn to design secure information systems, networks and various wireless solutions for companies and maintain them. You will also be able to implement the necessary technical solutions for the company's Internet connection according to the company's information security rules.

During your first year of study, you will gain comprehensive basic knowledge of cyber security, telecommunications, and information technology. You will get to know hacking and build networks. You will also get acquainted with the basics of cyber security and information security. The second year of study expands your expertise in application and network security. You will implement your first project-based work related to cyber security. After completing the second year of study, you will achieve the necessary skills to work as an intern in the field. The third and fourth years of study deepen your skills and offer the opportunity to develop your most important professional skills areas. Studies increasingly emphasize the application of what has been learned, doing, and deepening of knowledge. If you wish, you can go abroad to study at our extensive network of partner universities and complete an internship abroad.

Upon graduation, you will have a good understanding of administrative information security, related audits, and cybersecurity legislation, strategies, and standards. You will be able to carry out penetration testing, i.e., testing the system for information security risks. You also have a good understanding of data centers, and you can design and maintain secure applications needed in data centers and automate basic data center services.

The training also provides you with several other skills, including learning, ethics, innovation, and language and international skills.

Complementary competence at Xamk

Complementary competence comprises students’ optional studies. Complementary competence deepens or expands the core competence of the degree programme and allows you to specialise in a particular area. For professional optional studies, you can choose from individual courses or study modules in accordance with your personal study plan. The complementary competence selection includes Xamk-level multidisciplinary online studies, field-specific studies, and degree programme specific studies.

Other optional studies included in complementary competence are higher education courses that students can freely choose. You can choose up to 15 ECTS credits of other optional studies. You may also complete complementary competence study modules or courses from the selection of other higher education institutions, where applicable. The scope of complementary competence is, depending on the scope of core competence studies, 45–120 ECTS credits in degrees comprising 210 credits and 60–120 ECTS credits in degrees comprising 240 credits.

Implementation of studies

At the beginning of the studies, you prepare your personal study plan (PSP) which helps you make choices related to the studies, practical training, bachelor’s thesis and international activities. We make every effort to ensure that you can plan your studies in the best way possible, according to your own life situation.

The studies are implemented using various methods:
· lectures
· independent assignments
· teamwork
· online studies
· projects with companies and other organisations
· projects carried out at South-Eastern Finland University of Applied Sciences
· examinations
· practical training.

Career opportunities

After you have completed the bachelor’s degree programme in cyber security, you are able to work for cyber security or information security companies or IT departments of companies, Internet service providers, network operators, data centers and the Defence Forces.
• Cyber security analyst
• Information security manager
• Cyber security expert
• Penetration tester
• IT manager
• Security tester
• Ethical hacker
• Security consultant
• IT engineer
• System engineer
• Communication designer
• Networking expert
• Project manager
• System expert

RDI and cooperation with world of work

The degree programme in cyber security actively participates in RDI projects. The unique CyberLab RDI environment is a significant result of earlier RDI projects. The RDI projects have been focused, for example, on new business opportunities and related cyber security threats that the increasing digitalisation has brought to the manufacturing industries.

Learning environments

The cybersecurity training utilizes its own CyberLab learning environment, which includes its own data center, security control room, and network. CyberLab also produces the VirtualLab learning environment, a virtualized cybersecurity training environment. The environment is available regardless of time and place with a modern Internet browser.

VirtualLab is optimized for RDI, testing, teaching, and piloting use. The start-up of even large training environments is quick, for example, you can get your own data center in just minutes. Typical exercises carried out in VirtualLab include penetration testing exercises, various technology-specific exercises, and larger entities such as operator networks or information systems. The exercises can be pre-prepared so that the student can immediately start practicing the subject to be studied. Users can also build their own testing environments. One user can have several simultaneous exercises in use, and they can also be linked to each other into large entities.

The scenarios of the exercises can be offensive or defensive cyber exercises, installation exercises of operating systems and server solutions, configuration exercises of networks, or building an entire data center, including the installation of virtualization operating systems and programming of application accelerators. If the work is not finished, work can continue at home via a remote connection. The system also enables virtual remote teaching in almost all IT laboratory work. VirtualLab is not based on commercial products but is implemented by Xamk.

The CyberLab learning environment's own network, data center, and cybersecurity management center are widely used in learning projects and theses. Our own network and machine room enable working with the production environment and provide a genuine touch to the technologies in use. In the cybersecurity management center, you will learn to detect and react to cybersecurity anomalies. The CyberLab learning environment also includes physical security systems.