Economics of Cybersecurity: Users and Attackers

Source: https://learningforlife.tudelft.nl/economics-of-cybersecurity-users-and-attackers/ Parent: https://learningforlife.tudelft.nl/our-courses/ai-data-computer-science/

Share webpage

Explain various security behaviors of individuals in a digital landscape.
Design policies and interventions that are based on a full understanding of technology users’ behavior.
Explain a variety of attack behaviors and types of cybercrimes.
Design policies and interventions that are based on a true understanding of attacker behavior and most recent cybercrime trends.

Start date Jan 20, 2027

€ 1.145,-

Type Course
Admission open until

The deadline to register for this course.

Jan 13, 2027 - Location Online - Pacing Instructor-paced - Length

For instructor paced courses this is the length of the course.

For self-paced courses this is the length of the course if you spend the amount of time per week as specified. You're free to go faster or slower as you see fit.

6 Weeks - Effort 4 - 6 Hours per week

Add to Cart

Group discounts

Subscribe to back in stock notification

Are humans the weakest link in cybersecurity? This course provides the latest insights into technology users and cybercriminals’ behavior, helping you design the best strategies to mitigate your most critical risks.

Staying ahead of evolving user behavior and cybercriminal tactics is essential for building robust cybersecurity defenses. Our online course delves into current attack trends and user behavior patterns, equipping you with the knowledge to strengthen your cybersecurity strategies.

The first part of the course explores the most recent user behavior through the lens of security economics. Many security breaches stem from individual actions, such as unpatched systems or falling victim to phishing, ransomware, data leaks etc. Organizational security depends heavily on user behavior. While it's often said that "humans are the weakest link", this perspective is both misleading and unproductive. Organizations often misunderstand why users fail to comply with security policies, overlooking personal costs like time and effort. Given competing demands, it’s understandable that users may occasionally disregard security advice. This section helps to understand the scope of user incentives and develop policies that support and empower home users to enhance their security.

The second part of the course shifts the focus to cybercriminals, incorporating the latest research on attacker economics andcybercrime market trends. It covers current organizational threats, the different categories of cybercriminals (including cryptojacking), how they operate, and how effective interventions are at disrupting criminal marketplaces. These insights will benefit professionals conducting risk assessments and threat analyses, as well as law enforcement agencies working on interventions against cybercriminals.

Designed with the new NIS2 directivein mind, this course is especially valuable for managers looking to meet compliance and enhance their cybersecurity governance. It is ideal for professionals in IT, security, risk assessment, threat analysis, and law and compliance enforcement.

This course provides the tools to create stronger internal and external organizational security policies and strategies to empower home users with practical insights to enhance their personal security. - Details

##### Course Syllabus

Week 1:\ In this week we will introduce the comprehensive human aspects of security and privacy within complex computer systems. \ Topics covered this week:

Introduction to user research
Analyzing users’ security behavior in organizations
Exploring security considerations for home users

Week 2:\ The focus of this week will be on broader aspects of human decision-making in the context of digital security and privacy.\ Topics covered this week:

Exploring the choices users make when interacting with security systems
Analyzing the different privacy considerations users are faced with

Week 3:\ This week we will conclude the section analyzing users by looking into the costs and interventions associated with cybersecurity and privacy at the user level.\ Topics covered this week:

Factors that influence security and privacy behaviors
Analysis of security and privacy interventions

Week 4:\ In this week we will introduce key concepts of cybercrime, examining the diverse range of offenders, their motivations, and the theoretical frameworks that explain their behaviors.\ Topics covered in this week:

Different types of criminal actors
Key theoretical approaches influencing cybercrime
Addressing the myth of cybercrime’s sophistication
Exploring the cybercrime markets

Week 5:\ This week we will focus on the evolving landscape of cybercrime by exploring its commoditization, resources and the services that drive this illicit industry.\ Topics covered in this week:

The concept of cybercrime as a service
Approaches to measuring threat
Measuring cybercrime infrastructure
The ethics of using stolen and scraped data

Week 6:\ In the final week we will investigate the different approaches used to combat cybercrime, focusing both on offender perspective as well as enforcement strategies.\ Topics covered this week:

Analysis of the methodologies used for interviewing cybercrime perpetrators
Law enforcement interventions
The Budapest convention
Investigation of the measures taken to prevent cybercrime
Qualifications

##### Certificates

If you successfully complete this course you will earn a professional education certificate and you are eligible to receive 2.5 Continuing Education Units (CEUs).

View sample certificate
Admission

This course is primarily geared towards working professionals.

##### Prerequisites:

Participants are encouraged to combine this course with the course “Economics of Cybersecurity: Foundations and Measurements” and “Economics of Cybersecurity: Business Strategies and Policy Interventions”. - Contact

If you have any questions about this course or the TU Delft online learning environment, please visit our Help & Support page.