At the end of the course, students will have developed foundational competence in - analyzing and managing business decisions related to technology and innovation management in cybersecurity, recognizing it as a key enabler of business development at both strategic and operational levels; - explaining the theoretical foundations of technology & innovation management in cybersecurity, including risk society framing and socio technical systems; - identifying and describe the main sociological and communicative factors that influence cybersecurity decisions and organizational resilience; - integrating technical, managerial, sociological, and communicative analyses to evaluate cybersecurity scenarios and formulate evidence based solutions; - collaborating in multidisciplinary teams, presenting clear, data driven arguments and recommendations.

For an easier acquisition of the course content, it might be useful for students to know the fundamentals of Economics and Business Organizations, as well as the basics of Business Strategy.

The course will comprise both theoretical and practical lessons in English and will be composed of two main modules: Module I –Technology and Innovation Management - Fundamentals of the theory of the firm - Fundamentals of the economics of innovation: the linear model of innovation, the actors involved in the innovation process, technological trajectories and paradigms, taxonomies of innovation and their impact on industries - Dynamics of innovation: technology cycles, dominant designs and standards - Fundamentals of strategy and the determinants of competitive advantage - Entrepreneurial and managerial innovation models - Decision making in cybersecurity (Make or buy & business cases) - Profiting from innovation - Open and collaborative innovation: practices and paradoxes - Barriers to innovation - IP management, diffusion of innovation and appropriation strategies - Creativity management Module II – CyberRisk SocioLab: Creative Communication for a Proactive Cyber Risk Culture - Risk society & socio technical framing of cyber risk: interactive lecture; key topics: systemic vs individual risk, public perceptions, trust and social legitimacy, latent socio-communicaiton factors in cybersecurity. - Technoscience controversies & epistemic authority: debate & role play; key topics: tacit norms, roles, power; open vs proprietary security. - Interpersonal communication, persuasion and social engineering: phishing role play and micro analysis; key topics: Palo Alto axioms, Cialdini’s principles, knowledge deficit model and alternatives. - Leadership communication & cyber risk literacy: mini workshop and self assessment; key topics: leadership cultures and the semiotic informational model, training practices.

The first module of the course will consist of in-presence interactive lectures (40 hours), with extensive use of examples, case studies and integrative reading materials. Company testimonials will be invited as part of the course for practical lessons based on real-life cases. The second module of the course will account for 20 hours of in-class exercises (EA) and 30 hours of dedicated tutoring, supervised by the instructor and carried out by an external tutor. During the second module, students will be required to carry out a group-based project work onsite. The organization of these activities can be divided into three main components: A. Theoretical framing interactive sessions aimed at reconstructing the sociological and communicative foundations of cybersecurity, providing students with the conceptual tools needed to frame their projects. B. Methodological workshops in-class exercises where the instructor introduces methodological guidelines and oversees key activities, while the tutor simultaneously works side-by-side with groups, facilitating their progress and problem-solving. C. Tutoring outside class hours conceived as an innovative and flexible support system. Besides assisting groups during the activities in B, the tutor will provide: o collective or individual check-ins (in presence or online), o feedback on draft materials (also asynchronously), o short troubleshooting sessions focused on specific issues. Groups will be asked to deliver one kick off and one mid-term checkpoint (e.g., a short concept note or slide outline) to receive structured feedback before starting and before the final submission. The tutoring activity is therefore conceived not only as assistance, but as an integral component of the experimental didactic approach of the course. Additional details follow. Purpose: Connect business decision making and theory of the firm competences in cybersecurity with sociological and communicative insight by analysing a real world phenomenon and producing a contemporary, public facing communication artifact. Brief: 1. Topic & Case Study - Each team selects one or more course topics. - At least one empirical case study must be analysed as a situated lens through which the broader issue is made visible. 2. Expected Output The final deliverable may take any creative form provided it is methodologically rigorous, argumentatively clear and well documented. Non exhaustive examples: o Mini documentary (7–10 min). o Podcast pilot (≤10 min) with narration, interviews or data interludes. o Advanced digital infographic or interactive data story. o Mock up advocacy/educational campaign (visual, textual or video). o Micro site or digital prototype (e.g., an interactive gamified demo that entertains while raising cyber-risk awareness and literacy across a company’s workforce). 3. Accompanying Dossier Either a written report (max 2 000 words) or a slide deck (15–20 well structured slides) that clearly states: • theoretical relevance and social significance of the topic; • intended audience(s) for the artefact; • theoretical framework, sources and methodology (including case study design); • division of tasks among team members. 4. Assessment Criteria • Integration of managerial and sociological knowledge. • Critical analysis of the case study. • Alignment of communication strategy with declared audience. • Evidenced use of reliable sources with transparent methodology. • Creative quality and production value of the artefact. 5. Methodological Tips • Combine technology and innovation management theory and sociological lenses; they are complementary, not alternative. • Curate sources meticulously and be transparent about every step of the process, including limitations.

Shilling, M. Strategic Management of Technological Innovation McGraw-Hill Education Cantamessa, M., Montagna, F. 2016 Management of Innovation and Product Development Springer Piccoli, G., Pigni F. 2019. Information systems for managers with cases. 4.0 Edition. Wiley Selected chapters from the textbooks, readings and other teaching materials will be uploaded during the course

Lecture slides; Text book; Multimedia materials; Student collaboration tools;

Exam: Optional oral exam; Group project; Computer-based written test in class using POLITO platform;

Written test (90 minutes, max 20 points) The written test will be held using students’ personal computers and Respondus Lockdown Browser. The test will be designed to assess the following objectives a)evaluate the degree to which students have learned and understood theoretical concepts ;b) evaluate the degree to which students are able to apply to real-life cases; c) evaluate the degree to which students are able to take informed management decisions based on knowledge acquired during the course. The written test will be based on a mixture of closed questions, open questions and/or a short commentary to a text. The written test will lead to a maximum score of 20/30. For the closed questions (2pt each) penalties will be applied for incorrect answers (-0.5pt) while no penalties will be applied to unanswered questions. The use of any study or reference teaching materials (i.e., books, slides, students’ notes) during the test is not permitted. Group project work (max 10 points) The group-based project work allow to evaluate the degree to which students are able to apply theoretical concepts in practice. The group project work, to be conducted onsite during the teaching semester, will lead to a maximum score of 10/30, based on the assessment criteria highlighted in the section above. Students who achieve a total score (Written text + Group project work) of at least 18/30 will be eligible to take an optional oral exam, based on the contents of the first module of the course.

In addition to the message sent by the online system, students with disabilities or Specific Learning Disorders (SLD) are invited to directly inform the professor in charge of the course about the special arrangements for the exam that have been agreed with the Special Needs Unit. The professor has to be informed at least one week before the beginning of the examination session in order to provide students with the most suitable arrangements for each specific type of exam.