PC1: Introduction and Fundamentals of Modern Cryptography
PC2: Mechanisms and Algorithms of Symmetric Cryptography
PC3: Mechanisms and Algorithms of Asymmetric Cryptography
PC4: Cryptographic Applications and Protocols
PC5: Cryptographic Vulnerabilities and Countermeasures
PC6: Advanced Cryptography Topics
PC7: Applications of Cryptography for Cyber Resilience
PC8: Case Studies and Practical Applications

Periodic assessment:
Completion of 2 mini-assessment tests throughout the semester, each with a minimum score of 8, each counting 15% towards the final grade. Completion of 4 laboratories, each of which will count for 10% of the final grade. Carrying out a final collaborative project (in group) with a final presentation. The project will have a total weighting of 30%, whereas the presentation will have a weighting of 10%.

Assessment by exam (1st Season, 2nd Season):
Face-to-face exam (100% of the final grade)

Mandatory

Paar C., Pelzl J., Preneel B., Understanding Cryptography: A Textbook for Students and Practitioners, 2014, Springer. ISBN: 978-3642446498.
Tilborg H., Jajodia S., Encyclopedia of Cryptography and Security, 2011, Springer. ISBN: 978-1441959058.
Aumasson J., Serious Cryptography: A Practical Introduction to Modern Encryption, 2017, No Starch Press. ISBN: 978-1593278267.
Bertaccini M., Cryptography Algorithms: A guide to algorithms in blockchain, quantum cryptography, zero-knowledge protocols, and homomorphic encryption, 2022, Packt Publishing. ISBN: 978-1789617139
Stallings W., Cryptography and Network Security - Principles and Practice, 2022, Pearson. ISBN: 978-0-13-670722-6.
Stinson D. R., Paterson M., Cryptography: Theory and Practice, 2019, Chapman and Hall/CRC. ISBN: 978-1138197015.

Optional

Nielson S. J., Monson C., Practical Cryptography in Python: Learning Correct Cryptography by Example, 2019, ISBN: 978-1484248997
Bray S., Implementing Cryptography Using Python, 2020, Wiley. ISBN: 978-1119612209.

PC1: Principles of Cybersecurity Risk Management and Resilience
PC2: Risk Identification and Assessment
PC3: Risk Analysis and Mitigation Strategies
PC4: Security Controls and Countermeasures
PC5: Security Governance and Compliance
PC6: Supply Chain Risk Management
PC7: Risk Monitoring and Communication
PC8: Emerging Trends and Future Challenges in Risk Management
PC9: Risk Management Plan and Case Studies

The UC Cyber-risk Management for Resilience will adopt as core teaching and learning methodology Task-Based Learning, combined with Project-Based Learning and Problem-Based Learning. Gamification will be used as a strategy for student motivation and engagement. This pedagogical approach is articulated with the ISCTE pedagogical model because the student is considered an active agent in his learning process, knowledge is worked as a tool for the construction and development of more knowledge and is applied in various contexts.

Mandatory

Wheeler, E., Security Risk Management: Building an Information Security Risk Management Program from the Ground Up, 2011, (1st edition). Syngress
Talabis, M., & Martin, J., Information Security Risk Assessment Toolkit: Practical Assessments through Data Collection and Data Analysis, 2012, (1st edition). Syngress
Freund, J., & Jones, J., Measuring and Managing Information Risk: A FAIR Approach, 2014, (1st edition). Butterworth-Heinemann.
Calder, A., & Watkins, S., IT Governance: An International Guide to Data Security and ISO 27001/ISO 27002, 2019, (7th edition). Kogan Page
Brumfield, C., Cybersecurity Risk Management: Mastering the Fundamentals Using the NIST Cybersecurity Framework, 2021, (1st edition). Wiley.

Optional

PC1: Introduction to Cybersecurity and Cyber Resilience
PC2: Cybersecurity Frameworks and Standards
PC3: Regulatory and Legislative Framework for Cybersecurity
PC4: Concepts of Cybersecurity and Cyber-resilience Management
PC5: Strategic Alignment of Cybersecurity with Organisational Strategy
PC6: Cybersecurity Governance, Policies and Risk Management
PC7: Cybersecurity Metrics and Performance Management
PC8: Emerging Trends and Future Directions

In the first week of the academic year, the student indicates whether he/she wants to be assessed in Season 1, in the periodic assessment modality or by exam.

Periodic assessment (only available in Season 1):
A series of mini-tests will be held throughout the semester, each with a minimum grade of 8, which will account for 50% of the final grade. A final project will be presented, which will account for 50% of the final grade.

Assessment by exam (Season 1 in case of student's choice, Season 2 and Special Season):
Face-to-face exam (100% of the final grade)

Mandatory

Wong, C., Security Metrics, a Beginner’s Guide, 2011, (1st edition). McGraw Hill
Wens, C. van der., ISO 27001 Handbook: Implementing and auditing an Information Security Management System in small and medium-sized businesses, 2019, Independently published
Trim, D. P., & Lee, D. Y.-I., Cyber Security Management: A Governance, Risk and Compliance Framework, 2014, (1st edition). Gower
Siegel, C. A., & Sweeney, M., Cyber Strategy: Risk-Driven Security and Resiliency, 2020, (1st edition). Auerbach Publications
Petrenko, S., Cyber Resilience, 2022, (1st edition). River Publishers
Hodson, C. J., Cyber Risk Management: Prioritize Threats, Identify Vulnerabilities and Apply Controls, 2019, (1st edition). Kogan Page
Calder, A., NIST Cybersecurity Framework: A pocket guide, 2018, ITGP
Brumfield, C., Cybersecurity Risk Management: Mastering the Fundamentals Using the NIST Cybersecurity Framework, 2021, (1st edition). Wiley

Optional

PC1: Introduction to Security Architectures
PC2: Traditional Security Models
PC3: Zero-Trust Principles
PC4: Implementing Zero-Trust Models
PC5: Zero-Trust and Cloud Security
PC6: Zero-Trust and Endpoint Security
PC7: Zero-Trust and Identity and Access Management (IAM)
PC8: Zero-Trust and Data Security
PC9: Zero-Trust and Incident Response
PC10: Zero-Trust Implementation Challenges and Future Trends

Periodic assessment:
Completion of two assessment tests throughout the semester, each with a minimum score of 8 points, counting 30% towards the final grade. Completion of individual and collaborative activities proposed throughout the semester, counting 30% towards the final grade. Carrying out a final collaborative project (in group) with a final presentation. The project will have a total weight of 40%, whereas the presentation will have a weight of 10%.

Assessment by exam (1st Season, 2nd Season):
Face-to-face exam (100% of the final grade)

Mandatory

Sherwood, N., Enterprise Security Architecture: A Business-Driven Approach, 2021, (1st edition). CRC Press.
Moyle, E., & Kelley, D., Practical Cybersecurity Architecture: A guide to creating and implementing robust designs for cybersecurity architects., 2020, Packt Publishing.
King, C., Osmanoglu, E., & Dalton, C., Security Architecture: Design, Deployment and Operations, 2001, (First Edition). McGraw-Hill Osborne Media.
Green-Ortiz, C., Fowler, B., Houck, D., Hensel, H., Lloyd, P., McDonald, A., & Frazier, J., Zero Trust Architecture, 2023, (1st edition). Cisco Press.
Finney, G., & Kindervag, J., Project Zero Trust: A Story about a Strategy for Aligning Security and the Business, 2022, (1st edition). Wiley.
Das, R., The Zero Trust Framework, 2023, (1st edition). CRC Press.

Optional

Ijlal, T., Zero Trust Security for Beginners: A no-fluff guide to implementing Zero Trust architecture using NIST, 2023, Independently published.
Gilman, E., & Barth, D., Zero Trust Networks: Building Secure Systems in Untrusted Networks, 2017, (1st edition). O’Reilly Media.

PC1: Information Systems and Communication Networks Infrastructures.
PC2: Network Security Technologies.
PC3: Distributed Systems Security.
PC4: Industrial Control Systems (ICS).
PC5: Security of Operating Systems, Cloud and Virtualized.
PC6: Security of Internet of Things (IoT) Systems
PC7: New Trends for Infrastructure and Network Security

Periodic assessment:
Completion of several mini-assessment tests throughout the semester, counting a total of 30% for the final assessment - each mini-test has a minimum grade of 8. Realisation of a set of proposed practical group activities (laboratories), which count for 40% for the final assessment. Realisation of a final collaborative project (in group) with final presentation. The project will have a total weighting of 30%, where the presentation will have a weighting of 10%.

Assessment by exam (1st Season, 2nd Season):
Face-to-face exam (100% of the final grade)

Mandatory

Josyula, V., Orr, M., Page, G., Cloud Computing: Automating the Virtualized Data Center, 2012, Cisco Press
Smith, J., Nair, R., The Architecture of Virtual Machines, 2005, IEEE
“Elasticity in Cloud Computing: What It Is, and What It Is Not”, in Proceedings of the 10th International Conference on Autonomic Computing (ICAC 2013), San Jose, June 24–28
Buyya, R., Broberg, J, Goscinski, A., Cloud Computing Principles and Paradigms, 2011, Wiley & Sons, 2011
Prentice-Hall, Cloud Computing: Concepts, Technology & Architecture, 2014, Earl, T., Puttini, R., Mahmood, Z.
Hwang, K., Fox, G., and Dongarra, J., Distributed and Cloud Computing (From Parallel Processing to the Internet of Things), 2011, Elsevier

Optional

PC1. Psychology of human behavior and cybersecurity
Technology, people, and security
Beliefs, attitudes, and behaviors
Importance of the human factor
Vulnerabilities and threats
PC2. Cyberattacks
Psychological profiles of hackers and cybercriminals
Security policies in organizations
Safe use of social networks and digital media
PC3. Social Engineering and Psychological Manipulation Techniques
Social engineering techniques
Recognition and response to manipulation attempts (phishing, spear-phishing, etc.)
Behavioral psychology in social engineering
PC4. Human error and awareness campaigns
Types of human error and mitigation measures
Psychological aspects in responding to cybersecurity incidents
Role of leadership in cybersecurity
Awareness campaigns
PC5. Future trends and challenges
Challenges in cybersecurity and the human factor
Ethical issues related to human-centric cybersecurity
Innovative approaches to improving awareness and cyber resilience

Periodic Assessment (only available in 1st Season):
Analysis of 2 case studies throughout the semester: one individual and one in group. Each case study analysis (to be developed with a predefined structure by the instructor) and its respective discussion carry a weight of 35% towards the final grade, with a minimum grade of 8 points. The average grade of the two case study analyses must be equal to or greater than 9.5 points.
Completion of 2 mini-assessment tests throughout the semester, each with a minimum grade of 8 points. Each test contributes 15% towards the final grade.
Assessment by exam (1st Season, 2nd Season): Face-to-face exam (100% of the final grade)

Mandatory

Gheorghe A., Katina P., Gamification for Resilience: Resilient Informed Decision Making, 2023, Wiley. ISBN: 978-1394157747
Advances in Human Factors in Cybersecurity. Proceedings of the AHFE 2016 International Conference on Human Factors in Cybersecurity, July 27-31. Florida: Springer.
Hadnagy C., Social Engineering: The Science of Human Hacking, 2018, Wiley ISBN: 978-1119433385
Hallas B., Re-Thinking The Human Factor: A Philosophical Approach to Information Security Awareness Behaviour and Culture., 2018, Hallas Institute. ISBN: 978-1999695514
Leukfeldt, R. & Holt, T. J., The Human Factor of Cybercrime, 2019, NY: Routledge
Blokdyk G., Cybersecurity Awareness A Complete Guide. The Art of Service - Cybersecurity Awareness Publishing., 2023, ISBN: 978-1038801517
Gaspar de Matos, M. & Ferreira, M., Nascidos Digitais: Novas Linguagens, Lazer e Dependências., 2013, Lisboa: Coisas de Ler.

Optional

Lobato Miranda, G., Psicologia dos Comportamentos Online, 2015, Lisboa: Relógio de Água
Patrão, I. & Leal, I., Intervenção em Ciberpsicologia, 2019, Lisboa: Pactor

PC1: Introduction to Cybersecurity Threats and Incidents
PC2: Collection and Analysis of Threat Intelligence
PC3: Threat Hunting and Detection
PC4: Incident Response Planning
PC5: Incident Detection and Monitoring
PC6: Incident Handling and Containment
PC7: Resilience and Recovery
PC8: Ethical and Legal Aspects of Cybersecurity Incidents
PC9: Incident Response Team Collaboration
PC10: Case Studies and Real-World Scenarios

Periodic assessment:
Completion of 2 mini-assessment tests throughout the semester, each with a minimum score of 8, each counting 15% towards the final grade. Completion of 4 group laboratories, each of which will count for 10% of the final grade. Carry out a final collaborative project (in group) with a final presentation. The project will have a total weighting of 30%, whereas the presentation will have a weighting of 10%.

Assessment by exam (1st Season, 2nd Season):
Face-to-face exam (100% of the final grade)

Mandatory

Wilhoit, K., & Opacki, J., Operationalizing Threat Intelligence: A guide to developing and operationalizing cyber threat intelligence programs, 2022, Packt Publishing
Martinez, R., Incident Response with Threat Intelligence: Practical insights into developing an incident response capability through intelligence-based threat hunting, 2022, Packt Publishing
Johansen, G., Digital Forensics and Incident Response: Incident response tools and techniques for effective cyber threat response, 3rd Edition (3rd ed. edition), 2022, Packt Publishing
Dahj, J. N. M., Mastering Cyber Intelligence: Gain comprehensive knowledge and skills to conduct threat intelligence for effective system defense, 2022, Packt Publishing
Costa-Gazcon, V., Practical Threat Intelligence and Data-Driven Threat Hunting: A hands-on guide to threat hunting with the ATT&CK™ Framework and open source tools, 2021, Packt Publishing

Optional

Roccia, T., Visual Threat Intelligence: An Illustrated Guide For Threat Researchers, 2023, Independently published
Roberts, A., Cyber Threat Intelligence: The No-Nonsense Guide for CISOs and Security Managers, 2021, (1st ed. edition). Apress
Johansen, G., Digital Forensics and Incident Response: Incident response techniques and procedures to respond to modern cyber threats, 2020, 2nd Edition, Packt Publishing
(A. Dehghantanha, M. Conti, & T. Dargahi, Eds.; 1st ed. 2018 edition), Cyber Threat Intelligence, 2018, Springer
Altheide, C., & Carvey, H., Digital Forensics with Open Source Tools, 2011, (1st edition). Syngress

PC1: Introduction to Software and Application Security
PC2: Software Development Processes and Security
PC3: Security of Web Applications
PC4: Security of Mobile Applications
PC5: Security of Cloud Applications
PC6: Security of Enterprise Applications
PC7: Software Security Testing and Assessment
PC8: Secure and Resilient Software Maintenance and Patch Management
PC9: Incident Response and Recovery in Software and Applications
PC10: Secure and Resilient Software Development Lifecycle

The Software and Applications Security and Resilience CU will adopt as core teaching and learning methodology Problem-Based Learning combined with Project-Based Learning. Gamification will be used as a strategy for student motivation and engagement. This pedagogical approach is articulated with the ISCTE pedagogical model because the student is considered an active agent in his learning process, knowledge is worked as a tool for the construction and development of more knowledge and is applied in various contexts.

Mandatory

Markow M. (2023), Secure, Resilient, and Agile Software Development, 2023, Auerbach Publications. ISBN: 978-1032475011
Schagaev, I., Zouev, E., & Thomas, K. (2019), Software Design for Resilient Computer Systems, 2019, (2nd edition). Springer
(1st edition). Addison-Wesley Professional, Cyber Security Engineering: A Practical Approach for Systems and Software Assurance, 2016, Mead, N. R., & Woody, C. (2016)
(1st edition). Addison-Wesley Professional, Software Security: Building Security In, 2006, McGraw, G. (2006)
Kohnfelder, L., Designing Secure Software: A Guide for Developers, 2021, No Starch Press
Howard, M., LeBlanc, D., & Viega, J., 24 Deadly Sins of Software Security: Programming Flaws and How to Fix Them, 2009, (1st edition). McGraw Hill
Hoffman, A., Web Application Security: Exploitation and Countermeasures for Modern Web Applications, 2020, (1st edition). O’Reilly Media
Harwood, M., & Price, R., Internet and Web Application Security, 2022, (3rd edition). Jones & Bartlett Learning

Optional

Hughes C., Turner T., Springett S., Friedman A., Software Transparency: Supply Chain Security in an Era of a Software-Driven Society, 2023, Wiley. ISBN: 978-1394158485
Shortridge K., Rinehart A., Security Chaos Engineering: Sustaining Resilience in Software and Systems, 2023, O'Reilly Media. ISBN: 978-1098113827
Stuttard, D., & Pinto, M., The Web Application Hacker’s Handbook: Finding and Exploiting Security Flaws, 2011, (2nd edition). Wiley
Wyk, K. R. V., Graff, M. G., Peters, D. S., & Ph.D, D. L. B., Enterprise Software Security: A Confluence of Disciplines, 2014, (1st edition). AddisonWesley Professional
Merkow, M. S., & Raghavan, L., Secure and Resilient Software: Requirements, Test Cases, and Testing Methods, 2012, (1st edition). Auerbach Publications

PC1: Introduction to Systems Security Verification and Validation
PC2: Security Assessment Methodologies
PC3: System Auditing
PC4: Penetration Testing Fundamentals
PC5: Penetration Testing Methodologies
PC6: Wired and Wireless Networks Security Testing
PC7: Web and Mobile Applications Security Testing
PC8: Reporting and Remediation

Periodic assessment:
Completion of several mini-assessment tests throughout the semester, counting a total of 30% for the final assessment - each mini-test has a minimum grade of 8. Realisation of a set of proposed practical group activities (laboratories), which count for 40% for the final assessment. Realisation of a final collaborative project (in group) with final presentation. The project will have a total weighting of 30%, where the presentation will have a weighting of 10%.

Assessment by exam (1st Season, 2nd Season):
Face-to-face exam (100% of the final grade)

Mandatory

Weidman, G., Penetration Testing: A Hands-On Introduction to Hacking, 2014, (1st edition). No Starch Press
Sharma, H., & Singh, H., Hands-On Red Team Tactics: A practical guide to mastering Red Team operations, 2018, Packt Publishing
Sehgal, K., & Thymianis, N., Cybersecurity Blue Team Strategies: Uncover the secrets of blue teams to combat cyber threats in your organization, 2023, Packt Publishing
Rehberger, J., Cybersecurity Attacks – Red Team Strategies: A practical guide to building a penetration testing program having homefield advantage, 2020, Packt Publishing
Oriyano, S.-P., Penetration Testing Essentials, 2016, (1st edition). Sybex
Engebretson, P., The Basics of Hacking and Penetration Testing: Ethical Hacking and Penetration Testing Made Easy, 2013, (2nd edition). Syngress
Diogenes, Y., & Ozkaya, D. E., Cybersecurity - Attack and Defense Strategies: Infrastructure security with Red Team and Blue Team tactics, 2018, Packt Publishing

Optional

II, W. E., Penetration Testing Fundamentals: A Hands-On Guide to Reliable Security Audits, 2018, (1st edition). Pearson IT Certification
Tanner, N. H., Cybersecurity Blue Team Toolkit, 2019, (1st edition). Wiley
GSE, D. M., Blue Team Handbook: Incident Response Edition: A condensed field guide for the Cyber Security Incident Responder. (Incident Response ed. edition), 2014, CreateSpace Independent Publishing Platform
Don Murdoch, G. #99, Blue Team Handbook: SOC, SIEM, and Threat Hunting (V1.02): A Condensed Guide for the Security Operations Team and Threat Hunter, 2019, Independently published

The work program starts from a topic raised by the student's intellectual interest, a topic that will be addressed according to a customized program of work to be agreed upon with the possible supervisors. Notwithstanding this, the work to be done must materialize in a document with:
1. The formulation of a question or a problem, theoretically capable of having an appropriate response through the mobilization of scientific research methodology.
2. A review of the theoretical issues underlying the question above, obtained through research, analysis and critical interpretation of the latest internationally accepted scientific literature.
3. In coordination with the earlier theoretical balance, the dissertation must contain an exercise (theoretical and/or empirical) that complements an innovative way to approach the topic under investigation.
4. Finally, the dissertation must contain a conclusive synthesis answering the research starting point, as well as suggestions for further research

The evaluation of the CU process will be through the public discussion of the dissertation presented by the student, conducted by a panel.
The final rating (0 to 20) will be assigned by the panel, given the academic quality of written work presented (especially the relevance, originality and consistency of theoretical and methodological shown), as well as the student's performance during the presentation and discussion of the text.

Mandatory

Optional

A practical guide to dissertation and thesis writing
How to write a better thesis

1. Steps and processes for designing a research project.
Structure and goals of the research project.
Development stages of a research project.
Norms for the elaboration of a research project.
2. Outlining the methodological strategy:
What is the methodological strategy: the link between conceptual and operationalization stages
Main methodological options: quantitative and qualitative
Research design
Planning data analysis
Ethical Issues in Cybersecurity and Resiliency research
3: Analysing and presenting results
Data analysis
Discussion and conclusions
Norms for scientific writing
References and appendices
4: Preparing the public defense of the Applied Project

The Applied Project should be defended in public, where the following components will be evaluated: a) technical component; b) written format and c) oral presentation and arguments.
Evaluation Criteria:
a. technical component (30%)
b. formal written component and presentation (20%)
c. public presentation and defense (20%)
d. process (evaluated by supervisor) (30%)

Mandatory

Optional

"PC1:Scientific research and its main methods
PC2:Cross-cutting ethical principles and debates
PC3:Presentations of themes and thesis proposals by Professors, Researchers and Companies
PC4:Research problem, questions and hypotheses
PC5:Methodologies and tools for systematic literature review and bibliometric analysis
PC6:Research design methodologies
PC7:Scientific paper writing and scientific presentation
PC8:Individual presentations of the methodological component of the thesis projects"

"The evaluation includes the following moments, in continuous evaluation modality:
- Participation (10%)
- Presentation and discussion of the thesis proposal and methodological research strategy designed for the research project in the Master's area (20%, individual presentation).
- Presentation of an article from the literature selected by the student, within the topic of the thesis (20%, individual presentation)
- Written work with the thesis proposal, the description of the methodological strategy to be adopted in the master's project (50%, individual work), with a structure pre-defined by the teacher.
The assessment of this CU does not include the final written exam."

Mandatory

The PRISMA Group. Preferred reporting items for systematic reviews and meta-analyses: The PRISMA statement. PLoS Med. 2009, 6, e1000097
Christopher Turk; John Kirkman, Effective Writing: Improving Scientific, Technical, and Business Communication, 1989, E & FN Spon
Dodig, G., Theory of Science, 2003, Maelardaen University Sweden
Jackson, S.L., Research Methods, a modular approach, 2008, Wadsworth, 2008
Dawson, C., Introduction to Research Methods, 2009, 4th Ed., Howtobooks, 2009, ISBN 978-1-84528-367-4
Kumar, R., Research Methodology, 2014, 4th Ed., SAGE, 2011, ISBN 978-1-84920-301-2

Optional

Ivan Valiela, Doing Science: Design, Analysis, and Communication of Scientific Research, 2001, Oxford University Press. New York
Bucchi, M. & Trench, B. (Eds.), Handbook of Public Communication on Science and Technology, 2008, London: Routledge
Doing a Successful Research Project: Using Qualitative or Quantitative Methods
Brown, T, Change by Design: How Design Thinking Transforms Organizations and Inspires Innovation, 2009, HarperCollins, 2009, ISBN-13: 978-0062856623
Lewrick, M, Link, P., Leifer, L., The Design Thinking Toolbox, Wiley, 2020, ISBN 9781119629191

"PC1: Introduction to Resilience and Business Continuity
PC2: Business Impact Analysis
PC3: Threats to Business Continuity
PC4: Preventive Measures for Business Continuity
PC5: Business Continuity Technologies and Solutions
PC6: Testing and Exercising Business Continuity Plans
PC7: Cybersecurity Disaster Response Strategies
PC8: Cybersecurity Disaster Recovery Strategies
PC9: Crisis Management and Communication
PC10: Resilience Assessment and Continuous Improvement"

"Periodic assessment:
Completion of 1 final assessment test of the semester, with a minimum score of 8, counting 40% towards the final grade. Completion of 4 group laboratories, each of which will count for 10% of the final grade. Completion of a final collaborative (group) project carried out in stages throughout the semester. The project will have a total weighting of 60%, whereas the presentation will have a weighting of 10%.

Assessment by exam (1st Season, 2nd Season):
Face-to-face exam (100% of the final grade) "

Mandatory

Whitman, M. E., & Mattord, H. J., Principles of Incident Response & Disaster Recovery, 2021, (3rd edition). Cengage Learning
Snedaker, S., Business Continuity and Disaster Recovery Planning for IT Professionals, 2013, (2nd edition). Syngress
Phillips, B. D., & Landahl, M., Business Continuity Planning: Increasing Workplace Resilience to Disasters, 2020, (1st edition). Butterworth-Heinemann
Business Impact Analysis: Building the Foundation for a Strong Business Continuity Program.
Engemann, K. J., & Henderson, D. M., Business Continuity and Risk Management: Essentials of Organizational Resilience, 2014, (1st edition). Rothstein Publishing
Crask, J., Business Continuity Management: A Practical Guide to Organizational Resilience and ISO 22301, 2021, (1st edition). Kogan Page
A practical approach to Business Impact Analysis: Understanding the Organisation through Business Continuity Management.

Optional