Master's in Cybersecurity Risk Management
On-Campus Course Schedule for Fall 2024

Capstone

Program staff will manually register eligible students for capstone course. A grade of "B" or higher is needed to pass this course. Core requirement for MPS degree.

Note: This is a core requirement of the degree. Students must earn a grade of "B" or better.

Capstone

Program staff will manually register eligible students for capstone course. A grade of "B" or higher is needed to pass this course. Core requirement for MPS degree.

Note: Capstone proposals must be approved by course instructor before registering in the Capstone course. Program staff will manually register eligible students for capstone course following approval from course instructor. A grade of "B" or higher is needed to pass this course. Core requirement for MPS degree

Comm Strat for Info Sec Profs

This course addresses several leadership considerations, including how to navigate culture and style practices within organizations. Students learn how to deploy continual reinforcement in their communications strategy, especially when addressing the issues of risk and change. The course examines multiple communication approaches as well as tools and techniques that are appropriate for different audiences. Finally, students learn how to plan and implement a workforce cybersecurity awareness communications campaign.

Comp Emgy Resp. and Resilience

This course teaches students the fundamental skills needed to handle and respond to computer security incidents in an information system. This course introduces various underlying principles and techniques for detecting and responding to current and emerging computer security threats. Students learn how to manage a variety of types of incidents, and various laws and policies related to incident response are also covered. The course covers three main types of incidents: data breaches, advanced malware, and targeted attacks. Students learn how to plan for, respond to, and report these incidents.

Note: Online Sync

Cryptography&Network; Security

This fundamental course covers the theory of encryption and standard protocols for data communications and network security. Students will learn the goals of cryptography such as data privacy, authenticity and integrity. Topics that may be covered include PKI, digital signatures, message authentication codes, hash functions, etc. An examination of network security defenses and countermeasures are also covered.

Cyber Threat Intelligence

This course focuses on profiling adversaries in the cyber space (hackers, organized crime, insiders, foreign states) and analyzing techniques, tools and processes they are using to perpetrate attacks against critical assets. Students will be able to develop threat indicators, determine potential implications for existing information systems and exploitation systems, and formulate advice on how to neutralize threats or thwart possible attacks.

Cybersec Governance Frmwrk

This course prepares students to develop governance frameworks for information security management. Students learn how to develop holistic and integrated frameworks that include: (1) strategic planning; (2) security architecture policy and standards; (3) cultural and organizational awareness, training, and change management principles; (4) security operations; and (5) compliance and audit support elements. Students will study existing frameworks that are recognized as best practice in the public and private sectors (federal government, critical infrastructure, ISO 27000 for commercial, etc.).

Disruptive Tech & Org Change

This course explores the impact of disruptive technological innovation on organizations and their ability to adapt to change. More precisely, students learn how to detect and anticipate disruptive technologies and their potential impact on organizational culture, processes, and strategies. The course places an emphasis on understanding organizational values, processes, resources, and migration capabilities. Upon completion of the course, students will be able to identify and apply sustainable solutions to accommodate disruptive innovations and capabilities to cope with organizational and industry changes.

Ethics in Cybersecurity

In the first part of this course, students are introduced to methodologies, principles, values, and frameworks to facilitate the study of ethics. In the second part of the course, students study discipline- and field-specific codes of ethics within the profession. The course explores the ethical responsibilities all cybersecurity professionals have towards themselves, corporations, the government, and the public. Students contrast the roles and responsibilities of security professionals with those of other information technology professionals. In the third part of the course, students apply an appropriate decision-making framework and gain experience navigating ethical issues in decision-making. Course discussions center on issues involving privacy, confidentiality, and sensitive information. During the final project, students codify an individual code of ethics in relation to professional codes of conduct. Students must receive a grade of B or higher to graduate.

Info Assurance & Risk Mgmt

This course provides an overview of enterprise security, privacy and information security assessment and management, and cybersecurity. This course concentrates on tangible and intangible costs and examines concepts of information assurance and security risk assessment. Students learn how to assess information security risks and develop solutions. Students also learn traditional risk treatment options (accept, avoid, remediate/reduce, transfer) and apply them to IA/cyber risk management. Topics covered include social engineering, risk assessment, recovery and response, enterprise security, and formal techniques and policies.

Info Sec. Laws and Compliance

This course introduces students to privacy laws, regulations, and industry guidelines with significant security and privacy impact and requirements. The course primarily examines laws and regulations from the United States, but it also includes some coverage of international laws. The course is divided into four sections. First, students are exposed to broadly-applicable laws and regulations that address information security. Second, students receive an introduction to industry-specific guidelines and requirements (FISMA, NERC, HIPAA, HITECH, PSQIA3 , etc.). Third, students examine key state laws and regulations that impact information security management (such as relevant laws in California, Massachusetts, and New York). Finally, students scrutinize other countries’ laws and regulations related to information security and privacy (such as laws in Canada, Mexico, and the European Union) and international standards such as ISO 27001 and 27032.

Information Security

This course provides theoretical and applied foundations of information security and assurance. Students study various types of cyber-crime and vulnerabilities of government computer systems and information networks. Students learn about strategies for the protection of information and computer systems and how to mitigate and respond to breaches of those systems.

Mobile Device & App Security

This course prepares students to develop a mobile device security strategy by identifying the mobile threat models and creating mobile security policies that establish device enrollment procedures, define permissions on usage and control, enhance connectivity control, and specify acceptable use of mobile devices in a working environment. Students also learn how to evaluate mobile device vulnerabilities, establish mobile device management processes, and design procedures to protect specific technology such as iPhone, iPad, and Android devices (such as secure access solutions and credential safeguards). Finally, students learn how to implement mobile application security measures through the application development process.

Secure Cloud Computing Archit

This course explores the emergence of cloud computing and security architecture deployed to protect data. First, students are introduced to cloud computing, virtualization, legacy hardware and software considerations, approaches to transitioning information technology from legacy systems to a shared managed service model, and various cloud computing models (including private, public, hybrid, and community clouds). After being familiarized with cloud computing, students are introduced to various type of security architectures, standards, protocols, and services used in private and public sectors

Securing Digital Supply Chain

This course examines how organizations are increasing security of their supply chains for critical products, materials, and systems. Students will focus on digital threats and vulnerabilities. The course explores case examples and industry and government best practices related to mitigation tools, strategies, and protective measures of Supply Chain Risk Management (SCRM) programs.

Security Architecture & Design

This course introduces students to fundamental logical hardware, operating system, and software security components, and how to use those components to design, architect, and evaluate secure computer systems. Understanding these fundamental issues is critical to effective information security management. The course is divided into three sections. The first section covers the hardware and software required to have a secure computer system. The second section covers the 9 logical models required to keep the system secure. The third section covers evaluation models that quantify system security.