General Information
All organisations today face cyber and fraud threats: small and large businesses, non-profits, health organisations, government and more. Valuable corporate data is highly sought after in the criminal and business communities. Emerging intellectual property and organisational data provides an insight into competitors as well as being valuable commodities to sell on the criminal markets. In this subject, you will be introduced to cybercriminals, learn their motivations and methodologies, and identify potential vulnerabilities and proactive strategies to protect the organisational network, its employees and its data.
-
Details
Academic unit: Bond Business School Subject code: DTSC11-110 Subject title: Cyber and Fraud Threats in Organisations Subject level: Undergraduate Semester/Year: September 2022 Credit points: 10.000 -
Delivery & attendance
Timetable: https://bond.edu.au/timetable Delivery mode: Standard Workload items: - Directed Online Activity: x12 (Total hours: 24) - Webinar 1
- Workshop: x12 (Total hours: 24) - Workshop 2
- Personal Study Hours: x12 (Total hours: 72) - Recommended study time & reviewing materials
Attendance and learning activities: Attendance at all scheduled sessions is expected. Students are expected to notify the instructor of any absences with as much advance notice as possible. -
Resources
Prescribed resources: No Prescribed resources.
After enrolment, students can check the Books and Tools area in iLearn for the full Resource List.iLearn@Bond & Email: iLearn@Bond is the online learning environment at Bond University and is used to provide access to subject materials, lecture recordings and detailed subject information regarding the subject curriculum, assessment and timing. Both iLearn and the Student Email facility are used to provide important subject notifications. Additionally, official correspondence from the University will be forwarded to students’ Bond email account and must be monitored by the student. To access these services, log on to the Student Portal from the Bond University website as www.bond.edu.au
| Academic unit: | Bond Business School |
|---|---|
| Subject code: | DTSC11-110 |
| Subject title: | Cyber and Fraud Threats in Organisations |
| Subject level: | Undergraduate |
| Semester/Year: | September 2022 |
| Credit points: | 10.000 |
| Timetable: | https://bond.edu.au/timetable |
|---|---|
| Delivery mode: | Standard |
| Workload items: |
|
| Attendance and learning activities: | Attendance at all scheduled sessions is expected. Students are expected to notify the instructor of any absences with as much advance notice as possible. |
| Prescribed resources: | No Prescribed resources. After enrolment, students can check the Books and Tools area in iLearn for the full Resource List. |
|---|---|
| iLearn@Bond & Email: | iLearn@Bond is the online learning environment at Bond University and is used to provide access to subject materials, lecture recordings and detailed subject information regarding the subject curriculum, assessment and timing. Both iLearn and the Student Email facility are used to provide important subject notifications. Additionally, official correspondence from the University will be forwarded to students’ Bond email account and must be monitored by the student. To access these services, log on to the Student Portal from the Bond University website as www.bond.edu.au |
Enrolment requirements
| Requisites: |
Nil |
|---|---|
| Assumed knowledge: |
Assumed knowledge is the minimum level of knowledge of a subject area that students are assumed to have acquired through previous study. It is the responsibility of students to ensure they meet the assumed knowledge expectations of the subject. Students who do not possess this prior knowledge are strongly recommended against enrolling and do so at their own risk. No concessions will be made for students’ lack of prior knowledge.
|
| Restrictions: |
Nil |
Assurance of learning
Assurance of Learning means that universities take responsibility for creating, monitoring and updating curriculum, teaching and assessment so that students graduate with the knowledge, skills and attributes they need for employability and/or further study.
At Bond University, we carefully develop subject and program outcomes to ensure that student learning in each subject contributes to the whole student experience. Students are encouraged to carefully read and consider subject and program outcomes as combined elements.
Program Learning Outcomes (PLOs)
Program Learning Outcomes provide a broad and measurable set of standards that incorporate a range of knowledge and skills that will be achieved on completion of the program. If you are undertaking this subject as part of a degree program, you should refer to the relevant degree program outcomes and graduate attributes as they relate to this subject.
Subject Learning Outcomes (SLOs)
On successful completion of this subject the learner will be able to:
- Identify the motivations and methodologies used in cybercrime targeting organisations.
- Identify the human and technical vulnerabilities targeted by corporate and cyber criminals.
- Analyse defensive strategies to protect organisational networks and individuals.
- Recommend individual and organisational responses to cyber-attack including consideration of legal, ethical and security obligations.
- Describe evolving technical methodologies against the organisation’s network and its employees.
Generative Artificial Intelligence in Assessment
The University acknowledges that Generative Artificial Intelligence (Gen-AI) tools are an important facet of contemporary life. Their use in assessment is considered in line with students’ development of the skills and knowledge which demonstrate learning outcomes and underpin study and career success. Instructions on the use of Gen-AI are given for each assessment task; it is your responsibility to adhere to these instructions.
-
Assessment details
Type Task % Timing* Outcomes assessed Case Analysis From a supplied case study, identify the motivations of the criminal and identify their motivations. Students will review the scenario provided and identify the human and technical vulnerabilities within the organisation that allowed the attacker to successfully commit their crime. 30% Week 6 1,2 Case Study Students will identify an organisation which has had its corporate data stolen by an external party with the co-operation of an employee of the victim organisation. You will identify the human and technical vulnerabilities exploited and present a series of options available to the company to recover from the data intrusion including security and legal options. 30% Week 11 2,3,4 Case Study Students will review an attack launched against a data organisation with the goal of stealing Intellectual property. Through careful analysis, students will identify the human and technical reasons this attack was successful and be able to make recommendations to the organisation’s CEO on how security can be increased through a professional report. 40% Week 13 1,2,3,4,5 - * Assessment timing is indicative of the week that the assessment is due or begins (where conducted over multiple weeks), and is based on the standard University academic calendar
- C = Students must reach a level of competency to successfully complete this assessment.
-
Assessment criteria
Assessment criteria
High Distinction 85-100 Outstanding or exemplary performance in the following areas: interpretative ability; intellectual initiative in response to questions; mastery of the skills required by the subject, general levels of knowledge and analytic ability or clear thinking. Distinction 75-84 Usually awarded to students whose performance goes well beyond the minimum requirements set for tasks required in assessment, and who perform well in most of the above areas. Credit 65-74 Usually awarded to students whose performance is considered to go beyond the minimum requirements for work set for assessment. Assessable work is typically characterised by a strong performance in some of the capacities listed above. Pass 50-64 Usually awarded to students whose performance meets the requirements set for work provided for assessment. Fail 0-49 Usually awarded to students whose performance is not considered to meet the minimum requirements set for particular tasks. The fail grade may be a result of insufficient preparation, of inattention to assignment guidelines or lack of academic ability. A frequent cause of failure is lack of attention to subject or assignment guidelines. Quality assurance
For the purposes of quality assurance, Bond University conducts an evaluation process to measure and document student assessment as evidence of the extent to which program and subject learning outcomes are achieved. Some examples of student work will be retained for potential research and quality auditing purposes only. Any student work used will be treated confidentially and no student grades will be affected.
| Type | Task | % | Timing* | Outcomes assessed |
|---|---|---|---|---|
| Case Analysis | From a supplied case study, identify the motivations of the criminal and identify their motivations. Students will review the scenario provided and identify the human and technical vulnerabilities within the organisation that allowed the attacker to successfully commit their crime. | 30% | Week 6 | 1,2 |
| Case Study | Students will identify an organisation which has had its corporate data stolen by an external party with the co-operation of an employee of the victim organisation. You will identify the human and technical vulnerabilities exploited and present a series of options available to the company to recover from the data intrusion including security and legal options. | 30% | Week 11 | 2,3,4 |
| Case Study | Students will review an attack launched against a data organisation with the goal of stealing Intellectual property. Through careful analysis, students will identify the human and technical reasons this attack was successful and be able to make recommendations to the organisation’s CEO on how security can be increased through a professional report. | 40% | Week 13 | 1,2,3,4,5 |
- * Assessment timing is indicative of the week that the assessment is due or begins (where conducted over multiple weeks), and is based on the standard University academic calendar
- C = Students must reach a level of competency to successfully complete this assessment.
Assessment criteria
| High Distinction | 85-100 | Outstanding or exemplary performance in the following areas: interpretative ability; intellectual initiative in response to questions; mastery of the skills required by the subject, general levels of knowledge and analytic ability or clear thinking. |
|---|---|---|
| Distinction | 75-84 | Usually awarded to students whose performance goes well beyond the minimum requirements set for tasks required in assessment, and who perform well in most of the above areas. |
| Credit | 65-74 | Usually awarded to students whose performance is considered to go beyond the minimum requirements for work set for assessment. Assessable work is typically characterised by a strong performance in some of the capacities listed above. |
| Pass | 50-64 | Usually awarded to students whose performance meets the requirements set for work provided for assessment. |
| Fail | 0-49 | Usually awarded to students whose performance is not considered to meet the minimum requirements set for particular tasks. The fail grade may be a result of insufficient preparation, of inattention to assignment guidelines or lack of academic ability. A frequent cause of failure is lack of attention to subject or assignment guidelines. |
Quality assurance
For the purposes of quality assurance, Bond University conducts an evaluation process to measure and document student assessment as evidence of the extent to which program and subject learning outcomes are achieved. Some examples of student work will be retained for potential research and quality auditing purposes only. Any student work used will be treated confidentially and no student grades will be affected.
Study Information
Submission procedures
Students must check the iLearn@Bond subject site for detailed assessment information and submission procedures.
Policy on late submission and extensions
A late penalty will be applied to all overdue assessment tasks unless an extension is granted by the subject coordinator. The standard penalty will be 10% of marks awarded to that assessment per day late with no assessment to be accepted seven days after the due date. Where a student is granted an extension, the penalty of 10% per day late starts from the new due date.
Academic Integrity
The University’s Academic Integrity Policy defines plagiarism as the act of misrepresenting as one’s own original work: another’s ideas, interpretations, words, or creative works; and/or one’s own previous ideas, interpretations, words, or creative work without acknowledging that it was used previously (i.e., self-plagiarism). The University considers the act of plagiarising to be a breach of the Student Conduct Code and, therefore, subject to the Discipline Regulations which provide for a range of penalties including the reduction of marks or grades, fines and suspension from the University.
Bond University utilises Originality Reporting software to inform academic integrity.Feedback on assessment
Feedback on assessment will be provided to students within two weeks of the assessment submission due date, as per the Assessment Policy.
Accessibility and Inclusion Support
If you have a disability, illness, injury or health condition that impacts your capacity to complete studies, exams or assessment tasks, it is important you let us know your special requirements, early in the semester. Students will need to make an application for support and submit it with recent, comprehensive documentation at an appointment with a Disability Officer. Students with a disability are encouraged to contact the Disability Office at the earliest possible time, to meet staff and learn about the services available to meet your specific needs. Please note that late notification or failure to disclose your disability can be to your disadvantage as the University cannot guarantee support under such circumstances.
Additional subject information
As part of the requirements for Business School quality accreditation, the Bond Business School employs an evaluation process to measure and document student assessment as evidence of the extent to which program and subject learning outcomes are achieved. Some examples of student work will be retained for potential research and quality auditing purposes only. Any student work used will be treated confidentially and no student grades will be affected.
Subject curriculum
-
Introduction to Professional Crime
This module will introduce the student to the worlds of cyber and corporate crime. It will introduce you to the many variations of criminals that attack corporates within and external to the organisation, their motivations and the manner in which they execute their crimes. With this information, students will be able to identify the overt and subtle attack strategies and how criminals use trust to betray and technology to victimise their targets.
-
Corporate Crime
The corporate criminal operates directly with their target and uses a multitude of skills to exploit the trust they build with their targets. Building on the introduction to the corporate criminal we examine these people in more detail, identify their personality traits and the knowledge they gain about the target which they use to commit their crimes.
-
Cybercrime
The cybercriminal operating outside of the external environment operates within a target rich environment . It is easier and safer for them to target those in foreign countries to their neighbours. With the explosion of data about individuals and organisations online, there is a multitude of data available for them to use in the commission of their cyber-attack. Attacks use automated tools allowing for a simple methodology to commit their crimes.
-
The Consequences of Corporate and Cybercrime
It is important to understand there is a human being who is victimised by every corporate and cybercrime. We examine in depth the personal and financial consequences of these forms of crimes and the resources available to them.
-
Organisational Defenses
Understanding the criminal environment provides the knowledge and opportunity to prevent these forms of crime. Proactive strategies make organisations more difficult for all but the most determined criminal and simple, cost-effective strategies may significantly reduce the corporate and personal risks. Elements of effective organisational defensive strategy and examples are presented.
-
The Future of Financial and Cybercrime
Criminals evolve their strategies as new opportunities present themselves. Further, changes in technology makes committing cyber and financial crime easier and more lucrative. An examination of the evolving threat landscape presents the opportunity to anticipate new vulnerabilities and threat environments.