Module Code - Title:
CE5041
-
CYBERSECURITY LAW AND REGULATIONS
Year Last Offered:
2025/6
Hours Per Week:
Grading Type:
Prerequisite Modules:
Rationale and Purpose of the Module:
The aim of the module is to enable students to be aware of Security Standards and associated laws and regulations for Operational Technology (OT)/Information Technology (IT) convergence.
This module was developed under the CyberSkills HCI Pillar 3 Project. Please refer to the consortium agreement for ownership.
Syllabus:
Landscape
Multi-level governance and regulatory system i.e. International standards, EU rules, Domestic Rules.
Laws, Regulations & Standard
Ireland and EU: EU Cybersecurity Act, Personally Identifiable Information (PII), GDPR/Statutory Data Audit, NIS. Criminal Justice (Offences Relating to Information Systems) Act 2017. USA: CFA Act, CSA Act, ECPA, GLB Act, SOX, DMCA, CCPA. Personal Health Information (PHI) Health Insurance Portability and Accountability Act of 1996 (HIPAA). ENISA Threat Landscape. The meaning of 'Ethics'. The relationship between Law and Morality. Ethical issues in computing.
Standards, Compliance & Violation
Reporting standards. NIST. SSAE-16. AT-101. Federal Risk and Authorization Management Program (FedRAMP) compliance. ISO compliance. Regulatory Compliance. Reputational damage. Gambling Commission, Auditing. Skill in implementing and testing network infrastructure contingency and recovery plans.
Learning Outcomes:
Cognitive (Knowledge, Understanding, Application, Analysis, Evaluation, Synthesis)
On successful completion of this module, students will be able to:
LO1: Appraise the laws, regulations, policies and ethics as they relate to cyber security and privacy.
LO2: Assess manage and apply the reporting standards relevant to Operational and Information Technologies.
LO3: Demonstrate an understanding of the ethical issues associated with computing.
LO4: Evaluate the threat landscape associated with Information Technology (IT)/Operational Technology (OT) integration.
Affective (Attitudes and Values)
On successful completion of this module, students will be able to:
LO5: Value and accept the importance of laws, standards and ethics in computing.
Psychomotor (Physical Skills)
On successful completion of this module, students will be able to:
How the Module will be Taught and what will be the Learning Experiences of the Students:
This module will be delivered online in a blended fashion to industry-based learners and will be scheduled in the evening time by Cyberskills. The lecturing staff will be provided by the HEA HCI Pillar 3 initiative - Cyberskills.
By following recent developments with OT/ICS standards and its devices we aim to ensure that students of this module are knowledgeable, proactive, creative and articulate in relation to Applying and Managing (Secure) networking services and devices for the OT Domain.
The content of the module has been determined by aligning the module syllabus with the KSAs (Knowledge, Skills and Abilities) specified in the NIST/NICE framework for the Network Services work Role - Network Operations Specialist (OM-NET-001). The module content was discussed and designed with industry panel input from Dell and ADI.
Research Findings Incorporated in to the Syllabus (If Relevant):
Prime Texts:
Hilary Meagher, Lubna Luxmi Dhirani (2024)
Cyber-Resilience, Principles, and Practices. In: Naseer Qureshi, K., Newe, T., Jeon, G., Chehri, A. (eds) Cybersecurity Vigilance and Security Engineering of Internet of Everything. Internet of Things.
, Springer, Cham.
Theodoros Karathanasis (2025)
Cybersecurity and EU Law
Adopting the Network and Information Security Directive
, Routledge
Taylor & Francis
Other Relevant Texts:
Programme(s) in which this Module is Offered:
Semester(s) Module is Offered:
Autumn
Module Leader:
lubna.luxmi@ul.ie