Data Security (Technical) - an online course

About this course

This course equips you with the practical knowledge to securely manage personal data as defined in the General Data Protection Regulations. It requires a basic understanding of web based systems and networking, level 3 BTEC or higher. You will learn how to assess vulnerabilities to a known IT system and how to reduce those threat vectors. 

Taking place over six weeks, each week will contain a mix of taught material, self-study, activities and practical exercises, all carried out online.

Apply now

The amount of personal data being processed and stored is increasing at an almost exponential rate. For instance, data produced by customers engaging with digital marketing channels provides the data scientist with very large data sets and the opportunity to apply their understanding of data analytics helping marketers to take advantage of new business opportunities.

However, legal changes taking place mean that in conducting data science you may face heavy fines if the data you have collected is not securely processed or stored leading to an accidental or deliberate breach of security. It may not be widely known that according to the General Data Protection Regulation (GDPR) coming into force personal data will also include such information as Internet Protocol (IP) address, and Media Access Control address (MAC address).

With this in mind this course will demonstrate how to conduct a cyber risk assessment, walking you through each stage of the process and explaining types of ‘controls’ and why they are recommended. You will gain a better understanding of risk associated with an IT system used for data collection, processing and storage.  This course is designed from a management level perspective, introducing different aspects of the security risk assessment, such as:


  • Legal Responsibilities
  • Risk assessment
  • Implementation
  • Reporting
  • Vulnerabilities
  • Technical
  • Humans in the loop
  • Mitigation controls
  • Web based assessment


You will be required to assess vulnerabilities of, and threat to the components (laptops, server, databases, etc.) which may make up your information systems, to understand the role these play in exposing your confidential data, standardising operating procedures along with relevant aspects of intellectual property. You will learn how to provide approached controls, in terms of the risk to the information asset and the cost of the control. Finally, you will learn how to combine these two activities to conduct a risk assessment on a system as a whole.

Throughout the course, you will also be asked to consider how you would use the risk assessment approach in your own organisations and reflect on the use of risk assessments to apply appropriate cost-effective controls.

It is important to us that during the course you not only learn about threats and vulnerabilities which could lead to a breach of data security but you also apply techniques to assess the vulnerabilities of a website and make a judgement on the controls required to secure the data you are handling. This will put you in a much stronger position to assess the information environment in your organisation giving you the technical experience and theoretical knowledge to identify and mitigate the risks within a data environment.

You will be asked to complete activities each week and submit three pieces of coursework.

While you will complete all of them individually, you will also work in small groups with the dedicated supervision of a course tutor. The course tutors will be available to provide in-depth assistance should you have any problems.

Aims and learning outcomes

At the end of this course you will be able to:

  • Understand the requirement for security governance and the legal aspects of cyber security as it applies to an IT system
  • Identify the type of vulnerabilities and threat vectors to an IT system
  • Suggest the cyber control required to reduce the threat vectors
  • Understand the implication of various strategies used in mitigation of a cyber-attack.
  • Understand the security architecture of an organisation
  • Conduct a vulnerability assessment 



  • Vulnerability and threat assessment to a known IT system
  • Mitigation strategies for the reducing the threat vectors
  • Hands on testing for vulnerabilities 

Week 1

  • Introduction to the course
  • The current cyber security environment
  • Business impacts and cost
  • Legal, regulatory requirements 

Week 2

  • Common vulnerabilities from CWE, OWASP, STRIDE
  • Humans in the loop, social engineering, Vishing, Phishing, Malware, Spoofing
  • Selecting appropriate controls 

Week 3

  • Risk Assessment
  • Step by step guide to conducting a risk assessment
  • Cyber essentials Scheme 

Week 4

  • Tools and techniques for vulnerability assessment
  • Introduction to Rob the Data 

Week 5

  • Rob the Data 

Week 6 

  • Recap
  • How to communicate cyber risks to management
  • The role of incident planning
  • Resources


The Data Security (Technical) course is £1500 per person, inclusive of VAT.

For corporate packages, please see here.

How to Pay

You can pay by phone, email or Flywire, using the application form here.

Paying Online

  • To make a payment using this method, fill out the application form and select "Pay by Credit / Debit Card".
  • A 2% fee is charged for payment by credit card and we do not accept American Express. 
  • Fees paid by this method will be charged in British pounds sterling.

Paying by Phone

  • To make a payment using this method, fill out the application form and select "Pay by Phone". 
  • A 2% fee is charged for payment by credit card and we do not accept American Express. 
  • Fees paid by this method will be charged in British pounds sterling.

Pay by Email

  • To arrange a payment using this method, please contact us once you have received confirmation of your place. Contact your course advisor, agent, or email us on 


  • To make a payment using this method, fill out the application form and select "Pay by Flywire".
  • Best for international participants: accepting over 70 currencies via credit card, debit card, or bank transfer.

  • Simply visit and follow the instructions on the website. Please use the same email address that you used when you applied to the course.