Foundations of Data Management and Cybersecurity

The cluster aims to provide students with foundational knowledge to understand how data and information are organized, stored, queried, and managed in digital systems, with particular reference to databases and to key aspects of the information lifecycle (data quality, integrity, availability).
In parallel, the cluster introduces the fundamentals of defensive cybersecurity, addressing common threats and vulnerabilities as well as core protection, detection, and response principles. The pathway also includes essential notions of the ethical, legal, and criminal-law framework related to data, security, and artificial intelligence, with the goal of fostering awareness of professional responsibilities and the impact of technological choices.
The cluster is organized into the modules Database, Defensive Security, and Legal and Ethical Aspects of AI and Security, designed in a coherent and coordinated manner. The modules jointly contribute to the intended learning outcomes by integrating data management, risk-aware protection principles, and responsibility/compliance aspects, supporting informed choices in introductory application scenarios.

Knowledge and understanding
At the end of the cluster, the student acquires foundational knowledge of databases, defensive security, and the ethical-legal framework, which is necessary to understand the role of data in digital systems and the main security and responsibility implications.
In particular, the student is able to:
· describe fundamental concepts of databases and database management systems (models, schemas, constraints, transactions at an introductory level);
· recognize essential aspects of data quality, integrity, and information lifecycle management in digital systems;
· describe major categories of threats and vulnerabilities and the general principles of defensive strategies (prevention, detection, response);
· outline essential notions of professional responsibility and introductory ethics and legal principles applicable to data, security, and the use of artificial intelligence.
Applying knowledge and understanding
At the end of the cluster, the student is able to:
· design and query simple databases, formulating queries and correctly interpreting results in guided scenarios;
· apply basic practices and measures for the secure management of data and information systems, consistent with integrity, confidentiality, and availability requirements, in guided case studies and using introductory tools and methods.
· identify, in case studies, appropriate mitigations for common threats.
Making judgements
The student develops the ability to:
· apply introductory risk management concepts (asset/threat identification, qualitative impact assessment, prioritization) to justify basic security choices;
· qualitatively assess trade-offs between security, usability, and operational constraints in basic data protection and management decisions;
· properly frame ethical and legal implications related to data, security, and artificial intelligence, adopting a responsible approach.
Communication skills
At the end of the cluster, the student is able to:
· communicate clearly and in a technically correct manner, also in written form, essential requirements, adopted measures, and their rationale (including limitations and residual risks) in simple data management and security cases.
Learning skills
The student acquires the ability to:
· keep up to date with relevant technical and regulatory developments (vulnerabilities, mitigations, best practices, ethical and legal aspects) by selecting reliable sources;
· independently learn tools and platforms for data management and security (e.g., database systems, access control, logging and auditing) and assess constraints and impacts;
· integrate interdisciplinary knowledge (technical, organisational, legal) to justify design and operational choices in introductory application contexts.