Key information
Next application deadline: September 25, 2026
Next course starts: October 5, 2026
Format: Fully online, asynchronous and synchronous
Course duration: 12 months
Language: English
EQF Level: TBC
Delivered by: TBC
Awarding Institution: TBC
Certification: 5 ECTS (~125 hours of study workload, including course activities and self-directed learning)
Fees: 350
Module Information
This module equips learners with the knowledge, skills, and competencies to bridge the gap between technology and human behaviour.
Key Details
Effective cybersecurity is not just about technology – it’s about communication. This module equips learners with the knowledge, skills, and competencies to bridge the gap between technology and human behaviour.
Integrating insights from psychology, communication theory, design, and cybersecurity, students learn to translate complex security concepts for diverse audiences, while countering manipulation tactics used by attackers. The course covers communication frameworks, cognitive biases, design methodologies, and stakeholder engagement techniques, alongside case studies on phishing, social engineering, and crisis response. Participants refine their ability to craft clear and actionable security messages using approaches such as legal design thinking, multimodal communication, and real-time security monitoring.
Hands-on exercises include presenting cybersecurity strategies to executives, honing both presentation skills and the ability to argue effectively in complex leadership and management debates. Advanced techniques such as motivational interviewing, cognitive reframing and design thinking help participants not only convey their messages effectively, but also extract key insights from stakeholders to improve security practices.
Additionally, the course explores how communication strategies can drive cybersecurity innovation in an organization, and participants examine the role of design in fostering cybersecurity awareness.
By the end of the module, participants will be able to design impactful cybersecurity communication, combat misinformation, and cultivate a security-conscious culture within and beyond their organizations.
Approximate Total workload: 125 hours
Contact hours / Directed e-Learning Activities: 24 hours
Project Work: 48 hours
Private study including examination preparation: 53 hours
Grading Breakdown:
40% Weekly Submissions: Hands-on exercises that apply key concepts from the weekly topics.
60% Proctored Examination: A comprehensive evaluation consisting of:
30% Written Examination: Covering core topics from all input weeks, testing knowledge and application.
30% Communication Design: A detailed communication strategy and design for a cybersecurity business case, chosen by the participant, developed in partnership with an organization that verifies the student’s identity.
Reassessment Strategy: The reassessment for this module will be designed to evaluate all Learning Outcomes, ensuring that students can demonstrate a thorough understanding and application of the course material.
Apply nowSubjects covered
Week 1: Getting Started
• Overview: This week is dedicated to familiarising participants with the course structure and facilitating a smooth start to the course.
• Module Information: Weekly topics, learning outcomes, assessments, their timing and grading weight, and the schedule of live sessions with the lecturer.
• Introduction to:
o The lecturer
o Design Thinking and Innovation
o The course design centred around the participant’s real-life communication project
• How to Benefit Most from the Course and What to Expect:
o Designed for Flexibility: How to choose the learning materials that best suit your needs
o Designed for Passion: How to choose a project that matters to you
o Designed for Collaboration: How to connect within and beyond the module
Week 2: Introduction to Implication Design
• Overview: Communication in cybersecurity goes beyond just text messages. This week explores the broad scope of cybersecurity communication, emphasizing the crucial role that communication design plays in crafting effective messages.
• Definitions of Communication and Design
• Communication Media: Language, visuals, sounds, smells, tastes, and much more
• Implication Design Concept: Using design elements to raise awareness and foster intuitive user behaviour that is security-aware.
• Case Studies:
o Eyecam and its implications on privacy perception.
o Alias for enhanced control over smart assistants.
• Ethics in Cybersecurity Communication: Prioritising security empowerment rather than manipulation, fostering trust, responsible behaviour, and compliance through understanding.
Week 3: Anticipation & Implication Design Workshop
• Overview: Building on the previous introduction to implication design, this week introduces tools for anticipating future risks and benefits in cybersecurity. Focus is placed on proactive approaches to risk mitigation through implication design.
• Anticipation Tools
o Needs-Based Outcome Assessment (NOA)
o Tarot Cards of Tech (TCT)
• Workshop: Using forecasting tools (TCT, NOA) to identify likely cybersecurity pitfalls in an organisation and create pro-active redesigns using implication design methods.
Week 4: Communication Frameworks
• Overview: Why communication is crucial in cybersecurity leadership.
• Case Example: Colonial Pipeline Cyberattack
• Stakeholder Mapping & Persona Method: Identifying different cybersecurity audiences (including executives, IT teams, employees, regulators, customers, business partners).
• Communication Models and their Application in Cybersecurity Communications: Shannon & Weaver’s Transmission Model, Schulz von Thun’s Quadrat-Modell, Grice’s Maxims of Communication, McKim’s Perceive-Imagine-Express Model and Internal vs. External Communication, Reeves’ & Nass’s Media Equation, Rogers’ Protection Motivation Theory, Watzlawick’s Pragmatics of Communication.
• Hands-On: Stakeholder-specific communication exercises using different models.
Week 5: Malicious Cybersecurity Communication
• Overview: How attackers use communication maliciously to exploit human psychology and system vulnerabilities.
• Communication Barriers & Cognitive Biases: Why and when people ignore security risks; strategies for raising awareness and prompting action.
• Identifying Malicious Communication Techniques that Exploit Human Biases: Authority Bias, Bandwagon Effect, Scarcity & Urgency Bias, Reciprocity & Freebie Bias, Cognitive Load / Decision Fatigue, Default / Status Quo Bias, Overconfidence Bias, Dunning-Kruger Effect, Consistency Bias, Availability Heuristic, Halo Effect, Unfinished Task Bias.
• Bias and Risk even without Attackers: Searching under the Street Lamp.
• Hands-On: Analysing phishing attempts and crafting organizational counter-strategies.
Week 6: Media in Cybersecurity Communication
• Overview: This week explores opportunities for cybersecurity communication through designs across diverse media – beyond conventional, language-based cybersecurity messaging.
• Multimodal Design:
o Media Framework
o Data Displays across Different Media
o Non-linguistic Cybersecurity Communication – examples from large to small: organisational architecture and lunch design for enhanced cybersecurity
o Artistic and Functional Displays
o Sonification: Using sound to signal real-time cybersecurity states and anomalies.
• Hands-On: Design cybersecurity communication beyond language, such as a cybersecurity monitoring studio as an ambient room, embodied team exercises, or cybersecurity messaging through cakes and cookies.
Week 7: Advanced Communication for Cybersecurity Professionals
• Overview: Cybersecurity leaders need to communicate with impact – especially when facing skepticism or resistance. This week focuses on persuasive, psychologically attuned strategies for engaging executives and employees alike.
• Psychological Techniques:
o Validation: Acknowledge concerns (cost, friction) to reduce defensiveness.
o Motivational Interviewing: Use open-ended questions and reflective listening to foster change.
o Cognitive Reframing: Shift security from a burden to a value-add.
o Storytelling & Narrative Framing: Make cybersecurity relatable and identity-driven.
o Improvisation: Master the spontaneity of live interaction.
• Hands-On: Practise interactions using validation, reframing, and conflict de-escalation techniques; recognise (dys)functional interaction dynamics and learn how to get unstuck in challenging conversations.
Week 8–10: Design Thinking and Innovation
• Overview: Creative problem solving involves two phases: (1) exploring the problem space and (2) exploring the solution space. The first focuses on identifying key problems and defining criteria for good solutions; the second on generating and evaluating solutions. Innovation thrives on broad exploration of both spaces, selecting excellent options in each rather than settling for the first ideas that come to mind.
• Key Concepts & Frameworks:
o Creativity and Innovation: The Problem-Solving Process
o Double Diamond Model
o Problem and Solution Space
o Problem Reframing Canvas
• Hands-On: This section of the course transitions to the participant’s own Communication Design Project. Design thinking provides structure and facilitates reflection throughout the participant’s individual communication design journey. The goal is not merely to apply methods from the course or produce professionally refined yet conventional communication artefacts, but something more ambitious: to develop communication solutions that are original and more effective than conventional approaches within the respective domain.
Week 11-12: Project and Exam
Overview: This final phase focuses on consolidating the key concepts introduced throughout the course. Participants will submit a final Communication Design Project based on a self-chosen real-world case. In addition, a final examination assesses participants’ understanding of the key topics covered throughout the course and their ability to apply them.
Learning objectives
LO1: Specialized Knowledge in Cybersecurity Communication:
Demonstrate well-developed knowledge of communication theories, frameworks, and design techniques to effectively address cybersecurity challenges and enhance stakeholder engagement.
LO2: Designing Advanced Communication Strategies:
Develop and implement advanced communication strategies that bridge the gap between technical cybersecurity concepts and human behaviour.
LO3: Critical Analysis of, and Response to, Cybersecurity Communication Barriers: Critically evaluate the reasons for cybersecurity reluctance in an organization; analyse psychological tactics used by cyber attackers to manipulate behaviour; devise organizational counter-strategies to strengthen cybersecurity resilience.
LO4: Strategic Leadership in Cybersecurity Communication:
Demonstrate leadership and manage organizational cybersecurity communication, prioritizing critical messages, aligning with business objectives, and developing strategies to engage employees, executives, and external stakeholders.
LO5: Innovation in Cybersecurity Communication:
Develop novel cybersecurity communication solutions by identifying needs and opportunities at the intersection of technology and psychology; explore a broad range of possibilities, including innovative approaches such as implication design methods and multimodal cybersecurity data displays.
LO6: Communication for Cybersecurity Innovation
Leverage communication strategies, such as those from design thinking, to facilitate and drive cybersecurity innovation within organizations; support the community in understanding security challenges and developing effective solutions through clear, strategic, and collaborative communication.
Module leaders
Radu Marin is an Assistant Professor at the National University of Science and Technology POLITEHNICA Bucharest, within the Computer Science and Engineering Department. Having earned his PhD in 2021 with his thesis on opportunistic computing, Radu’s research interests are centered around mobile computing, mobile security, decentralized systems and designing secure decentralized applications. Recently, he has shifted his focus towards the utilization of AI in cybersecurity, as well as in fighting against disinformation. Passionate about teaching, mentoring and coaching, Radu has been actively involved in guiding both students in starting their tech careers, and engineers throughout their career paths. In addition to his research, Radu also contributes to extracurricular activities, such as summer schools and hackathons, centered around modern and secure mobile application development, the integration of AI into mobile systems, clean coding principles and defensive programming.
Apply nowMaking Europe cyber-aware
Our digital world is under constant attack. Master the advanced skills to defend critical data and infrastructure. Become a sought-after expert in one of today’s most vital and in-demand career fields.
Download prospectusFAQs
Lorem ipsum dolor sit amet, consectetur adipiscing elit, sed do eiusmod tempor incididunt ut labore et dolore magna aliqua. Ut enim ad minim veniam, quis nostrud exercitation ullamco laboris nisi ut aliquip ex ea commodo consequat. Duis aute irure dolor in reprehenderit in voluptate velit esse cillum dolore eu fugiat nulla pariatur. Excepteur sint occaecat cupidatat non proident, sunt in culpa qui officia deserunt mollit anim id est laborum.
Lorem ipsum dolor sit amet, consectetur adipiscing elit, sed do eiusmod tempor incididunt ut labore et dolore magna aliqua. Ut enim ad minim veniam, quis nostrud exercitation ullamco laboris nisi ut aliquip ex ea commodo consequat. Duis aute irure dolor in reprehenderit in voluptate velit esse cillum dolore eu fugiat nulla pariatur. Excepteur sint occaecat cupidatat non proident, sunt in culpa qui officia deserunt mollit anim id est laborum.
Lorem ipsum dolor sit amet, consectetur adipiscing elit, sed do eiusmod tempor incididunt ut labore et dolore magna aliqua. Ut enim ad minim veniam, quis nostrud exercitation ullamco laboris nisi ut aliquip ex ea commodo consequat. Duis aute irure dolor in reprehenderit in voluptate velit esse cillum dolore eu fugiat nulla pariatur. Excepteur sint occaecat cupidatat non proident, sunt in culpa qui officia deserunt mollit anim id est laborum.