Learning Outcomes

Within the scope of the M.Sc., students acquire advanced knowledge in the following core areas:

• Data protection principles and regulatory frameworks: Understanding of the fundamental concepts of privacy, the philosophical and legal foundations, the provisions of the General Data Protection Regulation (GDPR), and a comparative analysis with other international frameworks.
• Compliance and governance: Implementation of mechanisms for consent, establishment of legal bases for processing, fulfilment of record-keeping obligations, adoption of procedures in the event of breaches, definition of the roles and responsibilities of the Data Controller and the Data Protection Officer, assurance of accountability, and maintenance of preparedness for audits.
• Risk assessment and impact evaluation: Conducting risk and impact assessments, interpretation of assessment outcomes, and formulation of mitigation strategies.
• Privacy by design and privacy-enhancing technologies: Integration of data protection principles into system design and the application of techniques such as anonymization, differential privacy, and encryption.
• Analysis of technologies and ethical issues: Implications of artificial intelligence for data protection, including profiling, bias, lack of transparency, and appropriate institutional or ethical responses.
• Cybersecurity and risk management: Fundamental principles, applicable legislation and standards, security culture, role of management, and design and operation of information security management systems.
• Network and IoT security: Design of secure infrastructures, protection of communication protocols against threats, device security, conduct penetration testing and threat analysis.
• Digital well-being and human risk factors: Mitigation of technostress and occupational burnout, prevention of cyberbullying, risks of algorithmic manipulation, effects of social networks.
• Security testing and ethical penetration of systems: Open-source intelligence gathering, network reconnaissance, attacks against services for testing purposes, social engineering exercises, penetration testing, and vulnerability assessment.
• Security operations centers and incident management: SOC organization and operation, threat detection, development of detection rules, containment and recovery procedures, threat hunting, and preparation of technical reports.
• Specialized security applications: Protection of autonomous vehicles, industrial installations, and critical infrastructure.
• Advanced protection technologies: Active cyber defense, threat intelligence, digital twins, distributed ledger technologies, artificial intelligence, and machine learning.
• Cyber policy and international relations: Impact of cyber operations on national security, democratic institutions, international diplomacy, and global governance.
• Cyber resilience and emerging threats: Adaptation to new technologies, including quantum computing, and strengthening trust in contemporary digital environments.