Master of Science in Cyber Security

Overview

In an era in which technology is advancing at an incredible rate, the threat of cyber crime is bigger than ever.

Government agencies, private corporations, and the general public are frequently adopting newer and more advanced technologies that do not always account for adequate security protection. This makes the nation vulnerable to new and constantly evolving cyber attack risks.

There is currently a skills gap in the field of cyber security, and both universities and the government are keen to fill it by offering cyber security master’s degrees. With thousands of cyber security jobs on the market and the number of jobs projected to increase, now is the time to forge a new career in an expanding industry. A Master of Science in Cyber Security degree could help you develop this critical expertise.

What is an MS in Cyber Security?

A cyber security master’s degree focuses on the process of securing and protecting electronic information. The degree is not to be confused with a Master’s of Information Technology, which focuses on the management of information via systems development.

Instead, a Master’s in Cyber Security will concentrate on the detection and prevention of information security risks via a variety of techniques, including data analysis, network administration, and systems engineering.

A Master’s in Cyber Security will provide students with a strong foundation in digital investigations, forensic accounting, fraud prevention and management, information assurance compliance, cryptography, and security risk analysis. These skills can be applied to computer and web systems, networks, cloud-based computing, and digital applications.

Students can also expect to develop their expertise to inform government policies relating to cyber risks and information protection, and address the evolving digital threats and cyber crimes that the nation confronts daily.

Who is an MS in Cyber Security for?

MS in Cyber Security students are typically currently employed in fields related to computer technology and information security [1]. Below, find more common trends of cyber security students.

Demographics of Cyber Security Students

• 81.7% are male
• 56% have a bachelor’s degree
• 26% have a master’s degree
• 17% have an associate degree

Advancing Cyber Security Careers

Master’s in Cyber Security are designed to help prepare professionals in information security to broaden their technical skill set to include the area of cyber security. This is often due to genuine interest and passion for the subject, and to advance their career opportunities and earning potential.

Diversity in Cyber Security Careers

Admission requirements for cyber security programs are relatively open, welcoming students from a wide variety of educational and career backgrounds. This makes the degree an excellent “career changer” path for individuals who are interested in the strong projected financial and advancement opportunities in the field.

Why earn a Master’s of Science in Cyber Security?

Employment Opportunities

Research has found that demand for cyber security professionals will open up an incredible 6 million new jobs worldwide by 2019 [2]. According to the Bureau of Labor Statistics, employment of cyber security professionals in U.S. is expected to grow 18% by 2014 from 2014. This proves that employment opportunities are increasing for those equipped with a cyber security master’s degree.

Additional Cyber Security Career Opportunities

Cyber security master’s programs can provide students with a variety of managerial and leadership skills not typically taught at a bachelor’s level, on top of the technical cyber security skills and knowledge. These skills can be applied to a variety of senior management positions, both within and outside of the information technology and cyber security fields.

Leadership Skills in Cyber Security:

• Business management
• Policy awareness and adherence
• Communication
• Team leadership
• Project management
• Critical thinking
• Data analysis
• Problem solving

Salary Increases in Cyber Security

Cyber security professionals tend to earn on average 9% more than other IT workers, with the median range in salaries $70,000 to $118,000 [3]. The BLS calculates the median salary for an Information Security Analyst to be $90,120 per year. The lowest 10% earn less than $51,280, and the highest 10% earn over $143,770 [4].

The BLS currently reports that typical entry-level education is a bachelor’s degree. As the field of cyber security develops and more specialized education programs are created to support projected growth, degrees such as a Master’s in Cyber Security is expected to become an increasingly sought-after credential [5].

Career Shifts into Cyber Security

The breadth and depth of concentrations taught during a Master of Science in Cyber Security program are valuable for students who want to become highly specialized within a fast-developing and vital field. Popular concentrations relate to homeland security, cyber forensics investigations, and other areas that address government security concerns.

Personal Satisfaction of Earning a Cyber Security Degree

Aside from professional development, students in the field of cyber security tend to be passionate about working in an area of technology that is quickly developing, and which impacts the greater good. With national security an important focus of cyber security, professionals are responsible for protecting confidential data from ever-evolving digital security threats and crimes, and their expertise can be put to good use in a variety of sectors. This helps professionals find a particular niche in a growing field.

Career Advancement Overview

Career paths for cyber security professionals include specialized roles as an engineer, specialist, analyst, or integrator. Each path has different demands, with requirements for degree level and licensure varying, along with income potential.

Cyber Security Job Growth

Cyber security is a rapidly growing field, with the job market expanding at an impressive rate. For those looking to progress their career within IT, a Master’s in Cyber Security could grant access to this thriving job market. Consider these U.S. Bureau of Labor Statistics [6] projections for the period between 2014 and 2024:

• 12% increase in jobs created in core computer and IT
• 488,500 new computer and IT jobs created
• 4,800 new information security manager positions added

What are possible job titles and salaries for cyber security graduates?

Because information security jobs earn higher salaries on average than general IT positions, a Master’s in Cyber Security can help graduates prepare to pursue top-paying jobs within the computer and IT fields. Below, find a sample of possible jobs for cyber security graduates.

Information Security Analysts

Median Annual Salary – $90,120

Highest 10% earn more than $143,770 [7].

Duties include monitoring and investigating their organization’s network for security breaches, managing the protection of sensitive data, preparing reports in relation to breaches of security, and continuously performing penetration testing to analyze system vulnerabilities. Information Security Analysts are also responsible for keeping abreast of current IT security trends in order to reduce the risk of breaches, developing best practices to maintain high standards of security for their organization, making recommendations to senior staff for improving security, and supporting non-IT staff in the use of security products.

Computer and Information Systems Managers

Median Annual Salary – $131,600

Highest 10% earn more than $187,200 [8].

This role involves complete management of an organization’s computer needs, from providing recommendations of hardware upgrades, to planning and executing the installation of new software systems. Network security will also be an important part of the role, although this is frequently performed with the support of dedicated information security analysts. Managers typically head a team of other IT professionals, including systems analysts, software developers and support specialists.

Computer Systems Analysts

Median Annual Salary – $85,800

Highest 10% earn more than $135,450 [9].

Systems Analysts focus on analyzing their organization’s current computer needs and developing and implementing new systems to improve the organization’s efficiency. They prepare analyses of costs and benefits to help management understand the financial benefits of upgrading infrastructure and can be expected to oversee the installation of new systems, including the training of end users.

Software Developers

Median Annual Salary – $100,690

Highest 10% earn $153,710 [10]

The primary role of software developers is to design applications or systems that will meet the needs of their client or organization. They oversee each step of the development process, from working with users to determine essential functionality, through planning, designing, testing, developing, and launching new software, usually in collaboration with other IT specialists.

What are the types of careers in cyber security?

Within the field of information security, there is a vast range of highly specialized roles to consider.

Cryptographer: Uses encryption to build security software, secure sensitive information, and develop stronger encryption algorithms.

Network Security Analyst: Analyzes network infrastructure to detect and improve weak points, investigates existing breaches of security, analyzes compliance with security policies and assists in creation, implementation, and management of security software.

Chief Information Security Director: Oversees the overall IT security infrastructure, managing security projects and ensuring they remain in line with their organization’s business goals, budgets, and security policies.

Security Administrator: Provides, installs, configures, operates, and maintains their organization’s systems hardware, software, and any related infrastructure, specifically in relation to cyber security.

Security Architect: Establishes and implements IT security infrastructure, managing both hardware and software to maintain protection against breaches.

Forensics Investigator: Investigates systems after a security breach to establish how the breach occurred and who was responsible, or to retrieve information from data storage devices to aid in criminal investigations.

Security Systems Auditor: Evaluates efficiency of existing IT systems, and designs and helps to implement new systems to improve their organization’s functionality.

Security Engineer: Monitors security systems to detect incidents, investigates breaches, and stays at the forefront of new technology and trends to enhance security standards and prevent incidents.

Security Systems Integrator: Brings together multiple components and subsystems to ensure they function successfully as a whole.

Security Consultant: Provides specialist support and advice to protect all aspects of an organization’s IT, including hardware, software, networks, and data.

Where do cyber security professionals work?

Since information security is a rapidly growing field, cyber security graduates can expect to find work in a wide range of environments and sectors, from private corporations to government agencies.

Government

Cyber security professionals are necessary, not only to protect sensitive government data, but also to help combat cyber crime that puts people at an increased risk of theft and fraud. Both government secrets and the safety of the general public are top priorities for the NSA and Department of Homeland Security, suggesting that their demand for cyber security graduates will not wane as technology continues to develop.

Military

With technology playing an important role in the military’s weaponry, it is essential that it has thorough cyber security measures in place to defend against enemy hacking. Not only that, but sensitive military secrets must be protected via highly secure cyber defense strategies. The more technology evolves, the increased risk there is of warfare occurring in cyber format, meaning that cyber security will continue to be at the forefront of military defense.

Educational Institutions

Institutional resources and data, as well as private student data, must be carefully protected by educational institutions, which find themselves at increased cyber security risks. Not only that, but schools and colleges have a duty to protect their students from cyber crime, meaning that they must invest in new security technologies to do so. Plus, with cloud technology on the rise, education institutes face new challenges in keeping both their own and their students’ information protected.

Healthcare

Sensitive patient information is increasingly being digitized, which means healthcare organizations must invest time and money in developing secure information infrastructures to maintain client confidentiality. With many new treatment methods relying on digital technology, hospitals must also protect themselves from the risk of hacking.

Technology Companies

Organizations that are responsible for developing and managing technologies used by other businesses have increased responsibility to keep their systems running securely – failure to do so could result in vital client information being leaked. Companies at the forefront of technology innovation must also maintain exceptional cyber security to keep their data veiled from the eyes of competitors.

Corporations

Any corporation should want to keep secrets of their business safe from cyber threats, but government policies regarding privacy and public safety also demand high cyber security measures to ensure sensitive public data isn’t leaked. Private corporations of all sizes are therefore increasing their focus on cyber security to ensure they remain ahead of the hackers who could put their business and reputation at risk.

Financial Institutions

Modern technology makes it possible to rob a bank without even stepping foot on the premises. For this reason, financial institutions are under a lot of pressure to protect themselves from cyber crime. They also have a duty to protect their customers from potential cyber crimes, particularly at a time where internet banking is the norm.

Master’s of Science in Cyber Security Curriculum

Potential students should ensure their chosen master’s program has a curriculum which gives a broad overview of cyber security, from both a technical and non-technical perspective, and consider a wide variety of settings, such as business, law, and medicine, each of which faces distinct cyber security challenges. This is in line with the Association for Computing Machinery’s cyber security curricular guidelines [11].

Students may also wish to consider the National Center of Academic Excellence (CAE) programs in cyber defense [12]. These formally recognized degrees have been developed by the Department for Homeland Security to ensure that the curriculum educates students to a level that makes them suitable to fill the DHA’s growing number of cyber security positions.

Typical Cyber Security Core Courses

The following core courses are designed to provide students with a solid overview of cyber security, which will prepare them for a wide variety of job roles and industries.

• Digital Forensics and Investigations
• Network Forensics
• Advanced Digital Forensics (Malware Forensic Analysis)
• Developing Secure Systems
• Cyber Security
• Advanced Coding Theory
• Information Theory and Coding
• Managing Information Security

The CAE curriculum incorporates much of the same information, with the emphasis being on aspects of cyber security most relevant to the government and the general public. Educational institutes that have been designated as CAEs can apply to deliver specific focus areas, which focus their core courses on cyber security specializations. These focus areas include:

• Cyber Investigations
• Data Management Systems Security
• Data Security Analysis
• Digital Forensics
• Health Care Security
• Industrial Control Systems – SCADA Security
• Network Security Administration
• Network Security Engineering
• Secure Cloud Computing
• Secure Embedded Systems
• Secure Mobile Technology
• Secure Software Development
• Secure Telecommunications
• Security Incident Analysis and Response
• Security Policy Development and Compliance
• Systems Security Administration
• Systems Security Engineering

Specializations and Electives

Many cyber security programs will allow students to hone their expertise through elective courses. Some electives may focus on the process of administration or operations within cyber security, while others focus on specialized issues and industries, such as law, business, or intelligence. Additional options combine various aspects of cyber security to provide a comprehensive education within highly specialized areas. Examples of popular specializations include:

• Cyber Security and Information Assurance
• Information Security Analysis
• Auditing
• Information Security Engineering
• Intelligence
• Computer Forensics
• Cyber Operations
• Homeland Security Management
• Emergency Management
• Ethical Hacking

What are the most popular concentrations/specializations within Master of Science in Cyber Security programs?

Cyber intelligence: The process of recognizing indicators of threat and carrying out counteractions, often in time-sensitive scenarios [13].

Digital forensics: The investigation of information stored on hard drives or other digital storage devices to assist in the prosecution of crimes [14].

Information assurance: Protection of information and systems by taking measures to maintain their availability, integrity, confidentiality, and authentication [15].

Computer security: Protection of computing systems and the data stored on or accessed by computers [16].

Cyber crime investigation: Aiding in the investigation of cyber crimes by collecting digital evidence such as cellphone data, GPS location services, network servers, and computers [17].

What concentrations or specializations are in high demand in regards to careers and certification?

With a major shortage of cyber crime professionals within the public sector, concentrations relating to government cyber crime priorities are in high demand. This includes:

• Cyber Investigation
• Homeland Security
• Forensics and Network Intrusion
• Cryptography

Private organizations also have increased demand for cyber security professionals who can help protect their systems and information from the increased threat of cyber crime. Concentrations most relevant to careers in the private sector include:

• Information Security
• Information Assurance
• Vulnerability Assessment
• Technology Management
• Disaster Recovery Planning

Certifications

Certificates can allow cyber security professionals to advance their expertise in key areas, which is particularly important in an age in which technology is constantly evolving and posing ever-changing security threats. The certificates demonstrate to potential employers that an individual has tested, verifiable proficiency in the field, and can help professionals to advance their career in the form of promotions and salary increases.

Many master’s degrees in cyber security will prepare students for industry certification exams. Although such certifications aren’t mandatory, they can be very valuable investments for students who wish to concentrate their expertise in specific areas and make themselves more marketable in a fast-growing industry.

Common certification levels include:

• CompTIA A+ [18]
• CompTIA Cyber Security Analyst (CSA+) [19]
• CISSP (Certified Information Systems Security Professional) [20]
• CCSP (Certified Cloud Security Professional) [21]
• SSCP (Systems Security Certified Practitioner) [22]
• CAP (Certified Authorization Professional) [23]
• CCFP (Certified Cyber Forensics Professional) [24]
• HCISPP (HealthCare Information Security and Privacy Practitioner) [25]

Admissions Requirements

Although admissions requirements will vary from one program to the next, you can expect most cyber security schools to require a bachelor’s degree in an IT-related subject. Students with bachelor’s degrees in mathematics or statistics may also be welcomed.

For those who do not hold a bachelor’s degree or have an undergraduate degree in a subject completely unrelated to IT, it may still be possible to be accepted into a cyber security master’s program, particularly if they have significant work experience in a related field. Career changers are typically well-received, but individuals should check policies from individual institutions to discover what additional admissions requirements are needed if they do not hold a bachelor’s degree.

Aside from qualifications, most programs will also require an application fee, an admission essay, letters of recommendation, completion of GRE or GMAT, official transcripts, and copies of licenses that may qualify the applicant for degree credits.

It’s important that you understand the specific admissions requirements for each master’s program you are considering. The level of experience and education required will differ from program to program, and this will give you an idea of which programs you are best suited to and best qualified for.

Program Length

Many Master of Science programs can be completed in less than two years, but this differs from program to program. Be sure to check the length of any master’s degree you’re considering. You should also understand how many courses you should take on average each semester and the time commitment required for each course.

It’s not unusual for colleges to provide options for students who wish to complete the course at a slower pace than what is typically recommended, but you should consult with individual universities to learn their policies.

Alternative Degree/Field of Study Options

Cyber security is just one of many areas within the field of IT and computing. Many aspects of cyber security overlap with different computer-based disciplines, and it can be helpful to learn about alternative degree pathways to ensure that you’re choosing the right path toward your desired career.

Some alternate fields of study that may be of interest to you include:

• Computer Science – the general study of the principles and uses of computers
• Computer Information Systems – the gathering, processing and interpretation of data using systems of people and computers
• Business Analytics – the process of continuously analyzing business operations to inform future business plans and decisions
• Health Informatics – the study of resources and methods for managing, processing, and interpreting health information
• Telecommunications – the process of transmitting data with the use of electromagnetic signals
• Data Management – the development of architectures, practices and procedures to manage data within an organization

Accreditation

Regional accreditation is an important consideration, particularly if you think you may pursue an additional degree in the future. Regionally-accredited schools generally only accept transfer credit from other regionally-accredited schools. Not only that, but it gives you peace of mind that a school and program will meet acceptable quality levels in terms of the education they provide.

In regards to cyber security master’s programs, you may wish to consider the National Centers of Academic Excellence Cyber Defense program, a government-approved program sponsored by the Department of Homeland Security and National Security Agency.

Various universities throughout the U.S. have been designated to deliver programs which adhere to focus areas that align closely with CEA-CD’s knowledge units [26]. Designated universities have been deemed to show proficiency in their curriculum with the government’s knowledge units featuring in course syllabi, prerequisite courses and degrees, modules, assignments, and certifications. These programs are often seen as the standard for cyber security and information security courses.

Experiential Learning/Field Placement

Some cyber security schools provide experiential learning and field placement as methods for gaining course credit, with opportunities to work in organizations both on and off campus.

The requirements for this type of field placement will vary from program to program, so be sure to research this when considering any particular Master of Cyber Security program. Many programs provide summer internships to allow students to gain experience, while others allow field placement to run concurrently with other courses. Some may even accept previous work experience as credit toward experiential learning, which is ideal for those who already have some hands-on experience in the field of cyber security.

Universities often have a team dedicated to approving agencies which offer field placement to students. This is to ensure they can provide a high-quality working environment that meets the standards of the degree program and complements the subject matters explored in class. Be sure to check how much support you can expect to receive from any program you’re considering so that you can be prepared to find a placement that aligns best with your personal requirements.

History and Evolution of Master of Science in Cyber Security Studies

Cyber crime and cyber warfare are two of the most serious threats the U.S. faces in the modern world. As organizations have invested in new technologies, they have exposed their information systems to attack while underinvesting in cyber security. The result is a dramatic increase in cyber attacks. Cyber security professionals are therefore needed to analyze weak points in an organization’s infrastructure and develop solutions that will prevent hackers from stealing sensitive data or attacking computer networks [27].

The increase in cyber security degrees available is in direct response to the need for highly specialized professionals which can reduce the vulnerability of the national information infrastructure. The government is so invested in the need for increased cyber security expertise that it has developed its own National Centers of Academic Excellence in Cyber Defense Master’s program with the aim of protecting the nation from cyber attacks.

Tuition and Fees

Typically, a master’s degree in cyber security will cost between $20,000 and $40,000, although tuition varies dramatically according to the institution and a student’s chosen track.

Higher tuition rates may be demanded by government-accredited universities which offer focus areas designated by the NSA and DHA, or if specialized concentrations or experience-based curricula are available. Degrees which include preparation for industry examination may also require higher tuition rates due to the difference in curriculum and credit hours required.

You can expect many programs to require additional fees not quoted in the tuition costs, but which may be essential for successful completion of the degree. This may include laptops, electronic textbooks, software, lab fees, and health fees.

Frequently Asked Questions

Master of Science in Cyber Security overview FAQs

What is the primary focus of an MS in Cyber Security degree?

A high-quality program will give students the foundational knowledge needed to detect and manage cyber crime and to prevent breaches of vital information through the development and implementation of digital security technologies.

What kind of educational/professional background do you need to qualify for an MS in Cyber Security?

Typically a bachelor’s degree in an information technology-based subject is desired, although mathematics-based degrees are also often welcomed. Those without relevant qualifications are still frequently accepted, particularly if they have substantial work experience in a relevant IT-related field.

How can an MS in Cyber Security degree add value to my career?

By providing highly specialized skills in cyber security, a master’s degree can help you progress your career as a security professional in a fast-growing field and can lead to increased earning potential. Business management, policy adherence,t and leadership skills will also be gained, opening up a wide range of managerial and senior career opportunities.

What are the key attributes to look for in an MS Cyber Security degree?

Accreditation: Government-accredited CAE programs are available at some universities and are seen as the benchmark for standards in cyber security master’s degree programs. It may also be important to you to choose a regionally-accredited university, particularly if you plan to transfer college credits to another school in future.

Curriculum: You’ll find some degree programs offer a generalized curriculum based on core courses, and others that feature unique concentrations and specialized studies. The latter may be more useful if you have a very specific career path in mind.

Certification: Although certification is not mandatory to work in the cyber security field, it can open up more career progression prospects. Some schools can help to prepare students for certification exams, which may be an important attribute if you’d like to pursue certification.

Can I take an online cyber security master’s program?

Yes. There are many online programs designed to allow students to complete the degree with greater flexibility than on-campus courses offer. You may also wish to consider hybrid or blended courses, which combine online learning with on-campus classes and meetings.

Are work placements required in Master of Cyber Security degrees?

Some programs require students to embark on experiential learning or field placements, but others do not. When it is required, some schools allow students to use previous employment or work experience to contribute to credit, or earn credit working in their existing position if it is in a relevant field to the area of study.

Career Advancement FAQs

What careers does a Master of Science in Cyber Security prepare me for?

There are a variety of mid- to high-level positions that a Master’s in Cyber Security can help you secure, including Computer Forensics Investigator, Security Systems Analyst, Security Software Development, and Security Systems Engineer. It can also provide the specialist knowledge required to assume roles such as Security Systems Director, which involves heading up an IT team to manage all aspects of an organization’s cyber security.

What is the average salary for Master of Science in Cyber Security graduates?

Graduates can expect to earn in the region of $80,000 to $100,000 in professional cyber security positions.

What is the career outlook for the Master of Science in Cyber Security?

As technology continues to develop, the risk of cyber crime develops with it. Organizations in a vast range of industries are in need of cyber security professionals to protect their information systems. Demand for cyber security professionals is expected to grow by 12% between 2014 and 2014, which is higher than the average growth rate for other industries.

How does a graduate degree in cyber security impact salary potential?

Entry-level professionals typically only need a bachelor’s degree in computer science or information science, or relevant work experience [28]. However, 15% of professionals currently working in the industry have a master’s degree [29]. With more than 209,000 cyber security jobs currently unfilled in the US and demand for cyber security professionals up by 75% in the past 5 years [30], a graduate degree could make for a worthwhile investment for those who wish to advance their career and remain competitive for new opportunities.

How do opportunities vary from state to state?

States with the highest employment for information security analysts are [31]:

• Virginia (11,010)
• California (8,090)
• Texas (7,740)
• New York (4,820)
• Florida (3,690)

States with the highest paying salaries for information security professionals are [32]:

• District of Columbia ($116,100)
• New York ($111,170)
• New Jersey ($109,940)
• California ($109,110)
• Virginia ($106,320)

Curriculum FAQs

What are the typical Master of Science in Cyber Security core courses?

Most programs will aim to give a general overview of both technical and non-technical aspects of cyber security and will feature courses such as:

• Security, Policy, Ethics, and Legal Environment
• Information Assurance
• Incident Response and Recovery
• Cryptography
• Application Security
• Systems Security
• Algorithm Analysis
• Network and Internet Security
• Vulnerability Analysis and Detection

Are there any programs that have unique core courses? If so, how would those core courses benefit career advancement or certification?

The National Centers of Academic Excellence is a U.S. government-recognised course sponsored jointly by the Department of Homeland Security and the National Security Agency. With each CAE designated within a specific focus area, the core courses for each college may differ to concentrate on more specialized aspects of information security. The focus areas are designed to be most relevant and important to government security, and CAE master’s programs may, therefore, be of most value to individuals who are interested in pursuing a cyber security career in the public sector.

How is the curriculum structured?

Aside from the core courses outlined above, many master’s programs will offer a series of elective and specialized courses that allow students to gain expertise in highly specialized areas, such as Intelligence, Ethical Hacking, and Homeland Security Management.

Are there any prerequisite courses?

There are no prerequisites required to study for a Master’s in Cyber Security, although some programs may require certain core courses to be completed before certain elective or specialization subjects can be taken. This varies from program to program.

How are programs with concentrations different from those that do not offer them?

Some master’s programs may structure courses by foundational requirements (also known as core courses), while others structure the course by track or specialization (known as concentration-focused programs). Other programs may provide opportunities to take specialized courses alongside the foundational requirements, though these tend to be independent studies listed separately from the main program. Programs with concentrations can be valuable for students who have a particular interest in key areas of cyber security, or who have specific career pathways in mind.

What should I look for when it comes to curriculum?

You’ll want to choose a curriculum covering topics that are most relevant to your desired career, but you should also ensure that you acquire a solid understanding of foundational cyber security knowledge. A good resource is the Association of Computing Machinery’s curricular guidelines for cyber security which says programs should provide courses in:

• Algorithms and Complexity
• Computational Science
• Graphics and Visual Computing
• Information Assurance and Security IS Intelligent Systems
• OS Operating Systems
• Parallel and Distributed Computing
• Software Development Fundamentals
• Systems Fundamentals
• Architecture and Organization
• Discrete Structures
• Human-Computer Interaction
• Information Management
• Networking and Communication
• Platform-based Development
• Programming Languages
• Software Engineering
• Social and Professional Issues

Is an online Master of Science in Cyber Security the same as a campus-based program at most universities?

Online cyber security master’s programs are often identical to campus-based programs, particularly if provided from accredited universities.

What are the asynchronous and synchronous elements of an online cyber security program?

Asynchronous elements of a cyber security degree online may include:

• Pre-recorded lectures
• Downloadable reading materials
• Discussion boards

Synchronous elements of an online program may include:

• Live seminars delivered via chat rooms or virtual meeting spaces
• Scheduled video conferences with fellow students or course leaders
• Live one-on-one chat with instructors

Are there hybrid Master of Science in Cyber Security programs?

Yes, some schools offer hybrid courses that blend online classes with campus-based classes so that students can enjoy the flexibility of distance learning with the immersive experience of on-campus classes.

What’s the difference between a general Master of Science in Cyber Security and one with concentrations?

A general master’s in cyber security combines all core focuses of the field into a comprehensive education, giving students a solid foundation that applies to different career paths. Master’s degrees with concentrations usually require more credit hours, since students are expected to take part in more detailed study in highly specialized areas. We recommend investigating both generalized and concentration-focused programs to find the best fit.

Do I have to take a concentration if I want to be certified as a cyber security professional?

No. It is not necessary to complete a master’s degree in any specialty to take certification exams. However, programs with specializations can help students to prepare for various certification exams, which may be useful if you feel that certification will be valuable for your career progression.

What are the learning goals?

With the DHS and the NSA striving to achieve a standard level of education among cyber security professionals [33], you should expect master’s programs to provide you with strong knowledge of:

• Information security fundamentals
• Cryptography
• Basic scripting
• Networking concepts
• Database management
• Network defense
• System and data classification criteria
• Attack strategy assessment
• Vulnerability detection

Certificates FAQs

Do you need a Master of Science in Cyber Security to obtain a certification?

No, although a Master’s in Cyber Security often helps professionals to prepare for certification exams.

What is the difference between a general Master of Science in Cyber Security program and one that offers certification exam preparation?

Degrees which offer preparation for certification can be beneficial for students who wish to invest in certificates that may improve their expertise and make them more profitable for the job market. The curriculum for these degrees will incorporate courses to prepare you for certification exams.

What are the steps required to achieve certification?

Usually certification exams require a certain amount of training and a subsequent examination to verify expertise, but some certifications will require individuals to have worked in the cyber security sector for a certain number of years or hold other certifications to prove experience or knowledge. The requirements vary from certificate to certificate, so it is essential that individuals research the steps required for each one.

How much do certifications cost?

Certifications vary in price but can be expected to cost between $200 and $600 for each certificate [34].

Are other accreditations required or accepted to obtain certificates?

Many certifications recommend cyber security professionals to log a certain number of hours or years in the workplace to prove their expertise. They may also request a submission of a resume to demonstrate work experience. However, these are higher-level certifications, and there are many entry-level certifications suitable for Master’s in Cyber Security graduates who have limited workplace experience.

What benefits and career opportunities are available to cyber security professionals with and without licensure?

Individuals who obtain certification will be able to demonstrate to employers their level of knowledge within specific sectors of cyber security, which could lead to better career advancement opportunities, including promotions and salary increases.

Are there any certification requirements for individual states?

No. Since certification is not mandatory to work within cyber security, there are no state-level requirements for certification.

Admissions FAQs

What are the reasons that some Master of Science in Cyber Security programs accept work experience toward college credit?

Some master’s programs acknowledge the importance of hands-on learning, particularly those which are concentration-focused. They may require students to work in the field to apply the academic knowledge they learned in class, for which they will earn college credit. For this reason, work experience earned before enrolling in a program may be accepted as college credit.

What are the reasons that some Master of Science in Cyber Security programs require the GRE?

The Graduate Record Examination is designed to test a variety of reasoning, analytical, and critical thinking skills. Since all of these skills are vital in the field of cyber security, programs can rely on GRE scores to assess whether potential students will be suited to the course. Often, they focus on the analytical and critical thinking aspects of the test, as these skills are most relevant to cyber security.

Why do some Master of Science in Cyber Security programs require a personal statement and why is it important?

Cyber security professionals are expected to constantly keep up with the latest technological developments in order to provide the top levels of security within their organization. They’re also expected to understand their duty of care when dealing with sensitive information and understand that their choice of career can contribute to the greater good. A personal statement can help to showcase these attributes in an individual.

What are the reasons that some Master of Science in Cyber Security programs accept bachelor’s degrees from unrelated programs?

Although technology and computing is a major aspect of cyber security, a wider understanding of how it fits into the world around us is also essential. For this reason, career-changer applicants are frequently welcomed as their experience in other areas can be very beneficial. Not only that, but cyber security professionals are in high demand, and many colleges are keen to encourage fresh talent to join a field with a severe skills shortage.

What types of work experience are accepted for a Master of Science in Cyber Security program?

Any work experience within the general IT field tends to be accepted for Master of Cyber Security programs, although if you’re planning on applying for a concentration-focused course, you may be expected to have more specific work experience. Mathematics- and analytics-related work experience are also often welcomed.

Will students still be accepted into a Master of Science in Cyber Security program without work experience?

This depends on the program, as demands differ between colleges and courses. Traditional programs that cover core courses may be less likely to demand work experience compared to concentration-focused programs.

If someone is changing careers and does not have a Master in Science in Cyber Security, what are the things they should consider when looking for a degree or certificate program? Are there certain courses they should have on their transcript? Should they have a certain background or type of work experience?

Ideally, an individual looking to change careers will have some experience in an IT-related field, or a mathematics- or science-based field. Certifications in other areas of computing may be helpful. Requirements for career changers who don’t hold a relevant bachelor’s degree can vary from program to program, so be sure to check out the admissions requirements and contact program leaders for more information.

Program Length FAQs

How long does a Master of Science in Cyber Security typically take to complete?

As with most other traditional degrees, a Master’s in Cyber Security usually takes around 2 years to complete when studying on a full-time basis, although some can take up to 3 years.

How many courses are typically required per semester?

Students will typically take two to three courses per semester when studying for a Master’s in Cyber Security, but this can vary from program to program.

How many hours are typically required for each course?

Most courses require 3 credit hours.

Do any Master of Science in Cyber Security programs offer self-paced options?

Online cyber security master’s degrees are more likely to offer self-paced study options, which makes them suitable for individuals who would like to study at a slower pace while continuing to work, or for those who would prefer to complete a master’s program at a faster, more intensive pace.

Do any Master of Science in Cyber Security programs allow you to stop taking courses and start back up again?

Many universities offer solutions for students who need to take a break from their studies, but policies differ between programs, so it’s important to research this with each program you’re considering applying to. Completing a cyber security degree online often gives more flexibility to work on the degree at your own pace.

What’s the difference between fully online, blended, and on-campus Master of Science in Cyber Security degrees?

With fully online courses, all materials are delivered digitally. Frequently, classes and courses can be taken when your schedule allows or at least with an increased degree of flexibility than on-campus programs, which require you to attend each seminar in person. Coursework and assessments will also be submitted digitally with online programs. Blended courses combine online learning with a certain amount of on-campus seminars or practical classes. This can offer flexibility with the added benefit of hands-on learning where necessary, which may be important for some concentration-based courses that require a more practical learning approach.

Alternative Fields of Study FAQs

What are alternative fields of study to cyber security?

• Computer Science
• Computer Information Systems
• Business Analytics
• Health Informatics
• Telecommunications
• Data Management

What are the main things I should consider as differences between alternative fields of study?

Some of the programs outlined above can offer preparation for certification exams, which may be valuable for certification in key areas.

How will the different degree types of fields of study affect my career options?

Most of the alternative courses can lead to very similar job opportunities as mentioned above in relation to cyber security master’s programs. Degrees such as health informatics are more specialized and valuable for those who wish to pursue careers in health or medicine-based IT roles, while business analytics and data management may better suit those who are working toward senior IT management positions.

How will the different degree types of fields of study affect my certification?

Some degrees may help you to prepare for key certification exams. This preparation may not be necessary for you to earn cyber security certificates, which may also require work experience in the field. You may be able to use credits earned during your degree to help maintain your cyber security certification where applicable.

Accreditation FAQs

How important is regional accreditation in the cyber security field?

Regional accreditation is just as important in regards to cyber security programs as it is in any other field of study. If you’re considering further education or transferring schools, you may only be able to transfer credit from regionally-accredited schools.

What are other accreditations related to the Master of Science in Cyber Security?

The National Centers of Academic Excellence accredits universities that provide cyber security master’s programs that align with the government’s cyber security standards. Degrees from these institutions may be held in even higher regard by potential employers than regionally-accredited programs.

How will a Master of Science in Cyber Security from an accredited program advance my cyber security credentials and career?

Degrees from accredited universities give potential employers confidence that you have been educated to a high standard and have the knowledge necessary to perform your role. They may, therefore, provide you with more options for career progression.

How will choosing a Master of Science in Cyber Security that is not accredited prevent me from furthering my career or obtaining certifications/licenses?

Getting your master’s from an unaccredited program may not directly stop you from achieving certification or licenses, but you may be deemed to have weaker credentials when being considered by potential employers. It may also be more difficult to pursue further degree studies if you are unable to transfer credit from an unaccredited program.

Can I do anything in the information security field without earning a degree from an accredited undergraduate or graduate program?

There are no regulations to stop you from working in information security with an accredited degree, but the industry is leaning toward higher standards in cyber security due to the need for highly-specialized talent. Due to an increased number of master’s programs available, employers may come to expect candidates to hold degrees from accredited universities, and without one, you may find it more difficult to progress to higher-level, higher salary positions.

If someone earns a Master of Science in Cyber Security when the program was accredited, but the program loses its accreditation at some point after graduation, what are the repercussions to career, credentials, and licensure?

There should be minimal impact on your career and credentials if the master’s program you completed loses its accreditation after you graduate. You can explain to potential future employers that the school was accredited during your study, and accreditation agencies tend to have records of previous accreditations should you be required to provide proof.

Do regionally-accredited Master of Science in Cyber Security programs cost more than those that aren’t?

Yes, typically regionally-accredited programs are more expensive, but they are deemed worthwhile investments due to the credentials they provide. Plus, it may offer you peace of mind that you’re achieving the best level of education possible.

What are the standards used by regional accreditation to evaluate programs?

There are a variety of standards set for accredited universities, but the primary focus is on the establishment’s level of support in helping its students benefit from earning the degree. Universities are expected to provide degree programs of good quality with thorough procedures for accurately assessing student achievement, providing faculty and staff that ensure continuity [34].

Why is CAE the industry standard?

CAE is deemed the industry standard because it is endorsed by the DHS and NSA, both of which are highly-specialized in cyber security and striving to expand excellence in the education of cyber security professionals.

Are all CAE programs created equally?

No. Each designated CAE can specialize in a focus area, which means the curriculum will be tailored to a particular facet of cyber security. This can allow you to choose a program that best matches your interests or your desired career progression plans. Some designated CAE schools also provide their programs online, whereas others are campus-based, allowing you to choose a learning style which best fits your lifestyle.

Field Placement FAQs

What is field placement/experiential learning?

It is the process of learning through experience within a professional cyber security environment. It is frequently offered on-campus and off-campus, and may last for several days or weeks.

Is field placement different for those in general track versus a concentration-focused track?

Programs that follow a concentration-focused track may be more likely to require field placement for gaining credit since they are designed for students to develop more in-depth knowledge of specialist aspects of cyber security. Some programs may require students to gain field placement experience before they undertake a specialized course or elective to better understand the course materials.

Will field placement help me with my career?

Work experience on your resume could enhance your chances of securing a good job after graduation, as it proves that you have applied the knowledge learned in your degree to a real world environment. There is also the possibility that internships or field placements could develop into more permanent jobs if you make a good impression and the organization you worked with has an opening. Field placement could also help you to make valuable connections within the industry to gain recommendations.

Do all Master of Science in Cyber Security programs require field placement?

No, and online cyber security schools are less likely to require field placement than those delivered on-campus.

How many hours do programs require for field placement?

The number of field placement hours required varies, so be sure to check with individual programs.

Can I be paid for my field placement work?

Some internships and work experience may be paid, particularly if they are offered on a long-term basis, but this entirely depends on the program, its requirements for work experience, and the organizations that offer placements. You should research this thoroughly when considering a program.

Does the supervisor of my field experience receive compensation for monitoring me?

Typically, supervisors are not compensated for monitoring students, although this may vary between programs and placements.

Can my manager be my supervisor?

If you already work in the cyber security field, it may be possible for your existing manager to become your field placement supervisor, but be sure to check with individual program requirements for more information.

How do I know what my field requirements are for the program I choose?

Programs will usually list field placement requirements within their curriculum guides. Contact individual programs for more details.

Do I have to set up my field placement or does the university? Will my school help me get a field experience?

The level of support offered in securing field placements differs from program to program. Some schools have dedicated staff who approve organizations and can help to connect you with suitable learning experiences. Some may directly match you with placements, while others may offer recommendations and leave the application process up to you. Be sure to find out what level of support a program offers before applying.

If I have to set up my field placement, are there companies that can help?

The Department of Homeland Security offers a Cyber Student Volunteer Initiative which can help to match students with summer internship opportunities throughout the U.S. To be eligible for the program, students must be enrolled in an accredited bachelor’s or master’s degree program in a field related to cyber security [35]. Recruitment agencies may also help you tind a work placement.

Do any graduate programs allow students to leverage their current position as their field placement? If not, will those programs allow students to leverage a different position within the same agency for their field placement?

Some master’s programs offer college credit to students already working in the field or with previous experience. This may only apply if the work is relevant. It may also be possible to fulfill work placement requirements by taking up a different position within your existing organization.

What if I cannot get a field placement?

If you struggle to find a field placement, you may request extra support since program directors may have contacts within the field that can help. If you cannot find a field placement, you may have to delay completion of certain courses within the program, which may delay your graduation. Consequences vary from program to program, so discuss these concerns with individual schools before applying.

How difficult is it to get a field placement?

Cyber security is a rapidly growing field, with available jobs expecting to grow by 12% by 2024. Due to a high demand, many businesses may be keen to welcome new talent to their organization. However, the demand for cyber security professionals varies from state to state, which may make it more difficult to find placements in some locations than others.

Do I have to pay for a field experience?

Students are not usually expected to pay for field experience, but there may be expenses associated with the placement, such as buying new hardware or software, and travel and accommodation costs.

How will my school know that I am actually completing the field experience?

Organizations that provide placements are usually expected to coordinate with schools to deliver feedback on student performance.

Can I complete my field placement as part of my current job?

Yes. Some programs may allow you to gain field placement credit through your existing job.

References

[1] https://datausa.io/profile/cip/111003/#demographics
[2] https://www.forbes.com/sites/stevemorgan/2016/01/02/one-million-cybersecurity-job-openings-in-2016/#8ff300a27ea2
[3] http://burning-glass.com/wp-content/uploads/Cybersecurity_Jobs_Report_2015.pdf
[4] https://www.bls.gov/ooh/computer-and-information-technology/information-security-analysts.htm#tab-8
[5] https://www.bls.gov/ooh/computer-and-information-technology/information-security-analysts.htm#tab-4
[6] https://www.bls.gov/ooh/computer-and-information-technology/information-security-analysts.htm#tab-6
[7] https://www.bls.gov/ooh/computer-and-information-technology/information-security-analysts.htm#tab-5
[8] https://www.bls.gov/ooh/management/computer-and-information-systems-managers.htm#tab-5
[9] https://www.bls.gov/ooh/computer-and-information-technology/computer-systems-analysts.htm
[10] https://www.bls.gov/ooh/computer-and-information-technology/software-developers.htm
[11] https://www.acm.org/education/TowardCurricularGuidelinesCybersec.pdf
[12] https://niccs.us-cert.gov/formal-education/national-centers-academic-excellence-cae
[13] https://www.sans.org/reading-room/whitepapers/analyst/cyberthreat-intelligence-how-35767
[14] https://www.nij.gov/topics/forensics/evidence/digital/Pages/welcome.aspx
[15] http://www.snia.org/sites/default/education/tutorials/2009/spring/security/EricHibbard-Introduction-Information-Assurance.pdf
[16] http://its.ucsc.edu/security/training/intro.html
[17] http://www.iacpcybercenter.org/chiefs/cyber-crime-investigations/
[18] https://certification.comptia.org/certifications/a
[19] https://certification.comptia.org/certifications/cybersecurity-analyst
[20] https://www.isc2.org/cissp/default.aspx
[21] https://www.isc2.org/ccsp/default.aspx
[22] https://www.isc2.org/sscp-why-certify.aspx
[23] https://www.isc2.org/uploadedfiles/credentials_and_certifcation/cap/cap-web(3).pdf
[24] https://www.isc2.org/ccfp-resources/default.aspx
[25] https://www.isc2.org/hcispp/default.aspx
[26] https://niccs.us-cert.gov/sites/default/files/documents/pdf/mapping_nsa_dhs_knowledge_unit_to_nice_fw_2.0.pdf?trackDocs=mapping_nsa_dhs_knowledge_unit_to_nice_fw_2.0.pdf
[27] https://www.bls.gov/ooh/computer-and-information-technology/information-security-analysts.htm#tab-6
[28] https://www.bls.gov/ooh/management/computer-and-information-systems-managers.htm#tab-4
[29] https://www.onetonline.org/link/summary/11-9199.07#JobZone
[30] http://peninsulapress.com/2015/03/31/cybersecurity-jobs-growth/
[31] https://www.bls.gov/oes/current/oes151122.htm#st
[32] https://www.bls.gov/oes/current/oes151122.htm
[33] https://www.nsa.gov/resources/educators/centers-academic-excellence/cyber-defense/
[34] https://www.isc2.org/uploadedfiles/certification_programs/exam_pricing.pdf
[35] https://www.dhs.gov/homeland-security-careers/cybersecurity-internship-program
[36] https://www.msche.org/documents/EntryRequirements.doc