Part of the
Cyber Security
TU DelftTU EindhovenUniversity of TwenteWageningen University
Cyber Security


+31(0)6 48 27 55 61



4TU.CybSec Syllabus Capstone CybSec Social skills (CpS)

Credits: 1 EC

Capacity: The maximum number of participants 30. 4TU.CybSec students have priority.

Enrollment: please mail the lecturer to enrol. This course can only be taken in combination with CpB and CpE.

Delivery: This course takes place off-site in four sessions of about 5 hours, distributed over the first semester (e.g. one session in Oct, Nov, Dec & Jan.). Students will be able to start travelling after 9:00 on the outbound journey and after 18:30 on the return journey to save 40% on the railway fare.

Motivation: A cyber security professional must be able to communicate with other professionals and in their language. This means that a cyber security professional must have excellent social skills, including presentation, writing, interview, feedback, and reflection skills.

Synopsis: An alumnus will mentor a group of students during the semester. The mentor invites his/her mentees to his office to expose the students to the real working environment. The students train specific social skills during each session. The trainings will be based on realistic cases from the host organisation where possible. The training sessions will be conducted in small parallel groups to ensure that all students are actively engaged in the training. Before each training day, the students are asked to study relevant literature and to prepare themselves. Students complete 3 homework assignments and write a reflection report after two trainings and at the end of the course.

Aim: To give students a good understanding of the social skills of Cyber Security in a real context.

Learning outcomes: The student will acquire:

Lecturer: Dr. Zeki Erkin (TUD) and alumni.

Examination: 100% by coursework.  

Contents: A sample case for each session is provided below:

·Day 1: Interviewing busy executives. Sample case:  The student is a consultant who needs assess the risk of introducing a new application for a company. Key staff of the company, such as the Chief Information Officer, the Chief Information Security Officer, and the IT manager of provisioning, have different views on the project. The challenge will be to obtain the most relevant information in the time available, to verify the information, and to propose the best possible advise. Students are asked to write a reflection and a risk assessment by way of homework.

·Day 2: Writing to change organisations. Sample case: The students are asked to write  for a government agency on a new cyber security policy or issue. Examples include (1) writing a briefing for a government minister on a reaction from IT industry to a change in the law, (2) writing an email to the constituency of a government agency on a rapidly upcoming cyber threat, and (3) drafting a skeleton for a factsheet on cyber awareness.The challenge will be to connect the target audience, to use plain English only, to convey the message even if people only scan the press release. Prior to the meeting, students are asked to write a briefing for a government minister.

Day 3: Giving and receiving feedback. Sample case: The student is an engineer in a team and the team failed their target because one of the team members has consistently been slacking. He/she is not taking responsibility for his/her behaviour. The challenge with feedback in general is to recognise its value for your personal and professional growth and learn to search for it in everyday life. The challenges in giving feedback are to do so in a verbally non-violent way, to make it easier to recognize, understand and accept, to encourage learning, and to show respect even if there is disagreement. The challenges in receiving feedback are to postpone defence mechanisms, discover the full message, to encourage learning, to separate understanding from processing the feedback, and to thank the other one for her/his effort.

Day 4: Presenting as an expert witness. Sample case: The student is an expert witness who has to explain in 5 minutes how a botnet provides relative anonymity for an offender to a non-technical audience. The presentation has to contain an analogy and an illustration, both created by the students themselves. The challenge will be to establish a rapport with the audience, to present the essence and leave out irrelevant (technical) detail, to verify that the audience has truly grasped the essence of the case, and to avoid tunnel vision.