INFO-Y063
Organisation of Corporate Security
Course teacher(s)
Gaël Hachez (Coordinator)
ECTS credits
5
Language(s) of instruction
English
Course content
This course focuses on how all security components are tied together to secure a company using a risk-based approach in a constrained environment. It covers, among others, the following topics (non-exhaustive list, subject to modification):
- Security strategy: how to get budget?
- Security governance: making sure you are driving your security to a measurable result
- Security frameworks: which one to choose (NIST CSF, CIS, ISO 27001, …)?
- From information security to cyber resilience: you will be hacked, how to be resilient?
- Know your assets: data classification – you cannot secure everything
- Securing the human: from security awareness to security culture
- Security Risk assessment and risk mitigation strategy
- Supply chain security: hardware and software – SBOM
- Cyber resilience by design with links to privacy by design
- Security testing: how to combine code review, SAST, DAST, vulnerability testing, pen testing, red teaming in the most effective way?
- Security assurance & certification: how to prove your security to your customers?
- Security logging & monitoring: you don’t want to miss alerts but can you do it alone?
- Incident & crisis management: if you are not prepared, you will fail.
- Regulators: like God, they have all powers but are they evil?
- Regulations: what is the best compliance approach? Key ones: DORA, NIS 2.
Objectives (and/or specific learning outcomes)
From theory to practice…
- A company never has unlimited resources (people & budget) for security: it is always a question of trade-offs.
- Security is as good as the weakest link: piling up security functions / capabilities next to each other without proper linkage can lead to security holes.
Teaching methods and learning activities
The course is split in two parts:
- Interactive courses on specific key topics to join the dots between the academic approach to certain security techniques and the corporate world.
- A team project that consists of an effective and efficient security plan for a fictitious company, which will be presented to the executive committee of that fictitious company.
Other information
Campus
Plaine
Evaluation
Method(s) of evaluation
- Written examination
- Group work
Language(s) of evaluation
- English