The request to establish Master of Science in Cybersecurity

Date: April 18, 2016
To: College of Computing & Informatics
From: Office of Academic Affairs
Approved On: March 23, 2016
Approved by: Graduate Council
Implementation Date: Spring 2017


Note: Deletions are strikethroughs. Insertions are underlined.


Summary

The Board of Governors approved at its July 26, 2016 meeting effective Spring 2017.

Catalog Copy

The Master of Science in Cybersecurity is designed to equip students with the latest knowledge and skills in cybersecurity and privacy. Graduates of the program will be employable by both businesses and governments that have important information assets to be protected from increasingly sophisticated cyber-attacks.

Specific educational objectives of the program include:

  • A fundamental understanding of:
    • common vulnerabilities of computing and networked systems,
    • cyber-attacking methods,
    • human and organizational aspects of cybersecurity,
    • methods for compromising privacy, and
    • risk assessment of cyber-attacks.
  • Able to apply security techniques to analyze and evaluate the security risk of information systems and networks.
  • Able to design information systems and networks with security controls to minimize security risks.

The program requires students take four core courses, three concentration courses, and three elective courses. The core courses are designed to prepare students with fundamental knowledge and skills in cybersecurity and privacy protection that are essential to all cybersecurity professionals. The concentration courses give students an opportunity to specialize in network security, secure software development, or emerging technologies. Elective courses give students an opportunity to further broaden their knowledge and skills in areas that are of particular interest to them. Together these three components will equip students with necessary skill sets in specific areas in cybersecurity and privacy where they wish to pursue their professional careers.

Students entering the Master of Science in Cybersecurity program are required to have completed a baccalaureate degree from an accredited institution of higher learning and have acquired substantial experience in studying, applying, or developing information and computing technology. Such experience may be developed by completing an undergraduate major in a discipline related to information technology, including but not limited to: business information systems, computer engineering, computer science, data communication, information management, information technology, mathematical and physical sciences, and software engineering. For applicants who have an undergraduate major not directly related to computing, the experience may be acquired through work, professional training, or further education such as graduate certificates or post baccalaureate studies

Admissions Requirements

Admission requirements specific to the program include:

  1. Applicants must have completed undergraduate or equivalent coursework in (a) data structures, (b) object-oriented programming in C++, C#, or java, (c) databases, (d) computer networks and (e) web application development, all with a minimum GPAs of 3.0 on a 4.0 scale. Applicants who have substantial work experience in applying or developing computing and information technology may be able to substitute their work experience for the above specific requirements, subject to review by the Program Coordinator.
  2. All applicants must have an undergraduate GPA or equivalent of at least 3.0 on a scale of 1.0 to 4.0, and a Junior/Senior GPA of at least 3.0.
  3. Applicants are required to demonstrate a satisfactory score on the aptitude portion of the Graduate Record Examination (GRE) or the Graduate Management Admission Test (GMAT).
  4. All applicants are required to submit a statement of purpose as well as letters of recommendation.

Degree Requirements

A student in the Master’s program must maintain a minimum GPA of 3.0 for continued enrollment in the program. Accumulation of three C grades will result in the suspension of the student’s enrollment in the program. Accumulation of one unsatisfactory (U) grade will result in the suspension of the student’s enrollment in the program.

Students are required to complete 30 credit hours for the Master’s degree, of which (a) 12 are for 4 common core courses, (b) 9 are for depth in a particular area of cybersecurity, and (c) 9 are for electives in security and computing and information technology.

Core Courses (12 credit hours)

Students are required to complete the following four common core courses (12 credit hours):

  • ITIS 5250 Computer Forensics (3 credit hours)
  • ITIS 6167 Network Security (3 credit hours)
  • ITIS 6200 Principles of Information Security and Privacy (3 credit hours)
  • ITIS 6240 Applied Cryptography (3 credit hours)

Concentration Courses (9 credit hours)

Students are required to complete one of the following concentrations (9 credit hours). Students pursuing a MS thesis will use 6 credit hours towards their concentration in place of coursework.

Network Security Concentration:

  • ITIS 6230 Information Infrastructure Protection (3 credit hours)
  • ITCS 6166 Computer Communications and Networks (3 credit hours)
  • Three credit hours of security elective

Secure Software Development Concentration:

  • ITIS 5221 Secure Programming and Penetration Testing (3 credit hours)
  • ITIS 6150 Software Assurance (3 credit hours)
  • ITCS 6114 Algorithms and Data structures (may be substituted by a security elective based on an approved undergraduate CS algorithm course)

Security for Emerging Technology

  • Nine credit hours of courses to achieve a clearly defined security theme. Must be under the direction of a member of CCI graduate faculty with program approval.

Elective Courses (9 credit hours)

Students are required to complete two additional courses as security electives from the following list.

  • ITIS 5221 Secure Programming and Penetration Testing (3 credit hours)
  • ITIS 6150 Software Assurance (3 credit hours)
  • ITIS 6210 Access Control and Security Architecture (3 credit hours)
  • ITIS 6220 Data Privacy (3 credit hours)
  • ITIS 6230 Information Infrastructure Protection (3 credit hours)
  • IT IS 6250 Open Source Security Systems (3 credit hours)
  • ITIS 6320 Cloud Data Storage (3 credit hours)
  • ITIS 6362 Information Technology Ethics, Policy, and Security (3 credit hours)
  • ITIS 6420 Usable Security and Privacy (3 credit hours)
  • ITIS 6880 Independent study for a security topic (may be repeated but only 3 credit hours can count towards the degree).
  • ITIS 6999 SFS Research (may be repeated but only 3 credit hours can count towards the degree)

CCI Elective

Students may complete any additional course offered by the College of Computing and Informatics for their remaining elective.

Three of the nine credit hours for electives may be substituted by an approved IT Internship, which also serves as a capstone project.

Capstone Experience

Students have three options to complete the 30-credit hour program:

  1. Coursework + Master’s Thesis: 24 hours of course work plus 6 hours of Master’s research thesis project,
  2. Coursework + Internship: 27 hours of course work plus 3 credit hours of an approved IT Internship, or
  3. Coursework + capstone report: 30 hours of course work and a capstone report.

The thesis option requires the formation of a program committee. The thesis option requires students to perform research under the supervision of an academic advisor, submit a written thesis and orally defend their work before their program committee.

The internship option requires approval by the program director of an internship location and preceptor, and the submission of a written internship report.

All students selecting the capstone report option are required to complete 30 credits of coursework and successfully complete a report describing a project experience in cybersecurity to fulfill the requirements of a culminating experience for the Master’s degree. The report will be submitted to and approved by the Graduate Coordinator.