2019 Cybersecurity Governance

Academic unit or major: School of Computing
Instructor(s): Mamiya Masayuki, Tanaka Keisuke
Course component(s): Lecture / Exercise
Day/Period (Room No.): Wed5-8 (W832)
Group: -
Course number: XCO.T478
Credits: 2
Academic year: 2019
Offered quarter: 3Q
Syllabus updated: 2019/4/2
Lecture notes updated: -
Language used: Japanese

Course description and aims

Cybersecurity threats are growing more serious with the development of information and telecommunications networks, including the Internet, and the advanced use of information and telecommunications technologies. Cyber attacks continue to have a serious impact on society, and the damage caused by leaks of personal information and intellectual property through such attacks is immeasurable.
Despite the great importance of cybersecurity, there is currently a significant shortage of human resources. In response to this social demand, in April 2016 Tokyo Institute of Technology established a special training program for cybersecurity. In this Special Program for Cybersecurity, NRI cooperates with Rakuten, NTT, AIST, and NISC. At the same time, students can acquire theoretical background knowledge by drawing on the theoretical field, which is a feature of the information and communications field at Tokyo Institute of Technology.
The curriculum centers on 6 subjects established in the School of Information Science and Technology: Introduction to Cybersecurity (1Q, 2-0-0), Cybersecurity Cryptography (3Q, 2-0-0), Cybersecurity Governance (3Q, 1-1-0), Cybersecurity Attack and Defense 1 (2Q, 1-1-0), Cybersecurity Attack and Defense 2 (3Q, 1-1-0), and Cybersecurity Attack and Defense 3 (4Q, 1-1-0).
In this lecture, students will understand the basic framework of information security management measures and learn how to conduct corporate governance in a secure manner.

Student learning outcomes

By completing this lecture, students will acquire the following understanding and ways of thinking:
1) You will understand the management framework for information security.
2) You will be able to understand the specific security measures for corporate governance.
3) You will be able to plan for information security.
4) You will be able to make recommendations, support and report to management.

Keywords

security, information security, cybersecurity, governance, incident, risk control, IoT

Competencies that will be developed

Intercultural skills, Communication skills, Specialist skills, Critical thinking skills, Practical and/or problem-solving skills

Class flow

Classes proceed through lectures, dialogue, and related exercises.

Course schedule/Required learning

Class | Course schedule | Required learning
Class 1 | Orientation, recent topics, basic idea of information security management. | Understanding the security management framework.
Class 2 | Organization/structure/rules for information security management, employee management, and education and training. | Understanding internal control, human resources definition.
Class 3 | Information security concerning government agencies. | Understand the information security policy and the efforts of government agencies.
Class 4 | Information security management of information assets, facilities, and environments. | Understanding controls and guidelines.
Class 5 | Network security management, information security systemization. | Understanding support systems/tools.
Class 6 | Risk assessment, information security audit. | Understanding risk control.
Class 7 | Information security management of group companies and overseas bases. | Understanding corporate governance.
Class 8 | Overview of regulations on information security, various problems by industry type and business type. | Understand the regulations on business law and the information security issues specific to industry type / business type.
Class 9 | Information security of control systems, information security of embedded systems. | Understanding IoT, industrial equipment.
Class 10 | Information security management and personnel labor, information security and public relations. | Understand organizational behavior, stakeholders, risk communication.
Class 11 | Responding to and managing information security incidents. | Understanding incident handling.
Class 12 | Case Study (1). | Understand cybersecurity governance through examples of information leakage cases.
Class 13 | Case Study (2). | Understand what people and organizations were doing before the worst happened, and why people and organizations misjudge.
Class 14 | Formulation of an information security response plan and preparation of a request specification for outsourcing. | Understanding planning, procurement.
Class 15 | Information security for educational and research institutions, information security as a career, and the qualities and abilities required of a CISO. | Understand the expected roles and career development of researchers and engineers. Understand the qualifications and capabilities required of a CISO.

Textbook(s)

Textbooks will not be used in this course.

Reference books, course materials, etc.

References will be announced in the classes.

Assessment criteria and methods

The evaluation consists of several reports as homework assignments during the course. Instructors also give exercises in the classes.

Related courses

  • XCO.T473 : Foundation of Cybersecurity
  • XCO.T474 : Theory of Cryptography for Cybersecurity
  • XCO.T475 : Attack and Defense on Cybersecurity I
  • XCO.T476 : Attack and Defense on Cybersecurity II
  • XCO.T477 : Attack and Defense on Cybersecurity III

Prerequisites (i.e., required knowledge, skills, courses, etc.)

None. However, knowledge of the basic notions of computer science can help students understand the contents of the course smoothly.

Contact information (e-mail and phone)    Notice: Please replace "[at]" with "@" (half-width character).

keisuke[at]is.titech.ac.jp

Office hours

Appointment by e-mail is required.
