Graduate Cybersecurity Education Programs
Students interested in studying cybersecurity can take part in a number of graduate degree programs offered by Virginia Tech's Colleges of Engineering and Business. These degrees include:
- MS/PhD Computer Science (Offered in Blacksburg, VA and Falls Church, VA)
- MS/PhD Electrical and Computer Engineering (Offered in Blacksburg, VA and Falls Church, VA)
- MS Information Systems (Offered in Blacksburg, VA)
- Masters of Information Technology (Offered Online)
Virginia Tech offers the Online Master of Information Technology (MIT) Program to prepare you to be a technological leader in your field or community. This unique interdisciplinary program is offered jointly by the Pamplin College of Business and the College of Engineering.
Ranked #3 by U.S. News & World Report, the VT-MIT program is designed specifically for you as the working professional. The flexible online format will help you to reasonably manage professional, personal, and academic priorities. You can advance your career by earning your degree from a university recognized world-wide for academic excellence.
The MIT program offers the following modules:
- Security
- Cybersecurity Management
- Cybersecurity Policy
Overview
A student can earn a graduate certificate in Cybersecurity Engineering when he/she completes the following 4 courses
Required:
- CS/ECE 5560 Fundamentals of Information Security
Restricted Electives (pick 2):
- ECE/CS 5580, Cryptographic Engineering
- ECE/CS 5584, Network Security
- ECE/CS 5590, System and Software Security
Electives (pick 1):
- CS 5204, Operating Systems
- ECE/CS 5504, Computer Architecture
- ECE 5520, Secure Hardware Design
- CS/ECE 5565 Network Architecture and Protocols I
- CS 5704 Software Engineering
*A 5000- or 6000-level special topics or advanced topics course may be approved as a substitute given prior approval by the CS/ECE department.
Program Requirements
Certificate students must complete an application form for the certificate when they enroll. The application form is similar to a POS listing the CSEC courses to be taken and is signed by the CS/ECE department program director who administers the CSEC program. Then they must submit a separate 'application for conferral of degree' form for the certificate by the deadline for the semester in which they are planning to finish. Grad School staff will check the transcript against the courses on the approved application.
Students who are completing a degree and a certificate at the same time must submit 2 "application for conferral of degree" forms, one for the degree and one for the certificate. If they submit both forms at the same time, they pay only one graduation fee. Certificate recipients are listed in a special section of the Commencement Bulletin and recognized as a special group during the commencement ceremony.
Graduate Certificates appear on the transcript but not on the diploma. Students receive a separate Certificate, similar to a diploma at the same time as their diploma if they are degree students or at the time of the next commencement if they are Commonwealth Campus students.
DESCRIPTION
The Graduate Certificate in Cybersecurity Management is designed to teach students the fundamentals of cybersecurity management, which includes administration and coordination of all activities and personnel required to protect an organization's information systems and computer networks from cyber-threats (e.g., attacks, intrusions, malware) and data breaches. Students will learn the fundamentals of cybersecurity governance and risk management to evaluate and apply security frameworks that align with an organization's objectives and goals. Students will also learn how to use various business and cybersecurity tools and strategies (e.g., security analytics, risk assessment) needed to plan, manage, and assess cyber technologies to secure corporate data and information. Graduates will be able to develop, assess, and manage cybersecurity operations for technology-driven businesses and organizations.
CURRICULUM REQUIREMENTS
The curriculum requires coursework to teach students to assess current security operations and evaluate if existing systems are adequate. Through the coursework, students will learn how to perform risk assessments and enforce security protocols among organizational personnel. Students will learn to design and implement security operations to protect organizational data.
ACADEMIC REQUIREMENTS
9 credit hours of graduate level courses
- ACIS 5624: Cybersecurity Governance and Risk Management (3 credits)
- BIT 5134: Cybersecurity Program Design and Operations (3 credits)
- MGT 5804: Strategic Leadership in Technology-Based Organizations (3 credits)
COURSE DESCRIPTIONS
ACIS 5624: Cybersecurity Governance and Risk Management (3 credits)
Cybersecurity governance and risk management program in organizations. Governance frameworks for cybersecurity and external drivers for cybersecurity. Risk management, including existing frameworks, principles, and strategies related to risk assessment and implementation of cybersecurity policies, controls, and procedures. Budgeting and evaluation of risk management programs. Compliance with organizational cybersecurity programs, including risks of insider threats, management of security-related personnel, and establishment of cyber hygiene. Cybersecurity in relation to cybersecurity regulation.
BIT 5134: Cybersecurity Program Design and Operations (3 credits)
Broad coverage of the enterprise cybersecurity life-cycle. Design of a comprehensive and resilient enterprise cybersecurity program that aligns with the business objectives. Implementation and management of security operations. Security assessments and remediation of deficiencies. Security intelligence, analytics, and incident response. Measurement and communication of program effectiveness.
MGT 5804: Strategic Leadership in Technology-Based Organizations (3 credits)
This course focuses on the role of the leader in crafting corporate and business strategies where technology provides the basis for the firm's competitive advantage.
DESCRIPTION
The Graduate Certificate in Cybersecurity Policy is designed to teach students how to develop policy to protect organizational information from external threat. Students will learn how to use cyber threat research to write policy that support organizational business information and transactions (e.g., electronic payment systems) across the internet in a secure manner. Students will also learn how to incorporate national and international legal, ethical, and privacy standards in policy and procedures (e.g., standard operating procedures, intervention plans). Graduates will be able to create action plans, write policy, and implement policies and procedures governing the protection of organizational operations from cyber threat.
CURRICULUM REQUIREMENTS
The curriculum requires coursework to teach students to write and implement policy and procedures specific to an organization's cyber security matters. Students will explore policies and strategies for protecting cyberspace. Students will learn the fundamentals of managing the policy aspects of information technology and security. Coursework will educate students in privacy laws and standards. Students will gain an understanding of how to implement organizational policies and minimize cyber threats.
ACADEMIC REQUIREMENTS
9 credit hours of graduate level courses
- BIT 5114: Crime and Conflict in Cyberspace (3 credits)
- BIT 5124: Cyber Law and Policy for Information Technology (3 credits)
- BIT 5594: Web Applications and Electronic Commerce (3 credits)
COURSE DESCRIPTIONS
BIT 5114: Crime and Conflict in Cyberspace (3 credits)
In-depth exploration of the cyber threat landscape and the motives, methods, and mechanisms, that shape it. Complex and evolving nature of security, privacy, policies, and safety in cyberspace. Consequences posed by cyber threats at the individual, corporate, and national, and societal levels. Cyber threat research, governance and analysis. National and international policies and strategies for protecting cyberspace.
BIT 5124: Cyber Law and Policy for Information Technology (3 credits)
Key legal, ethical, and policy cyber governance and cyber security topics for managers and information security officers. Legal rights, remedies, and limitations related to cybercrime, computer intrusion, national security, and data breaches. Privacy laws and standards, impact assessments, privacy and security by design as policy and legal requirements. Comparison of international approaches to relevant laws and policies. Fundamentals of managing legal and policy aspects of information technology and security.
BIT 5594: Web Applications and Electronic Commerce (3 credits)
An examination of the concepts, technologies, and applications of electronic commerce. Topics include the World Wide Web as a platform for electronic commerce; intranets; electronic data interchange; electronic banking and payment systems; security and firewalls; software agents; and the social, legal, and international issues of electronic commerce.
DESCRIPTION
The Graduate Certificate in Cybersecurity Technologies is designed to teach students about the technology necessary to collect and assess threat data to protect computers, networks, and organizational information from external intrusion. Cybersecurity technologies include techniques and tools such as digital logic (e.g., software to identify abnormal file movements, bioprinting), smart grid technologies (e.g., encryption gateways), and system application hardening (i.e., reduces vulnerability of computer data by removing redundant or unnecessary account functions, access, ports). Students will learn how to assess and protect computer systems with data elements (e.g., data that includes personal information stored on a cloud) that are vulnerable to a threat. Graduates will be prepared to complete risk analyses of computer systems, identify vulnerabilities/intrusions, and use protective and/or countermeasure technologies to defend organizational data from cybersecurity threats.
CURRICULUM REQUIREMENTS
The curriculum requires coursework to teach students how to assess and protect computer systems. Students will learn about intrusion detection techniques (e.g., firewalls, notifications systems). Courses will provide students with an understanding of the tools and skills of cyberthreat assessment (e.g., intrusion detection systems, computer forensics) and response (e.g., data encryption). Students will learn how to perform risk analyses on computer systems, identify potential/actual cybersecurity threats, and use protective technologies to safeguard against data breaches.
ACADEMIC REQUIREMENTS
9 credit hours of graduate level courses
- ECE 5484: Fundamentals of Computer Systems (3 credits)
- ECE 5585: IT Security & Trust I (3 credits)
- CHOOSE ONE:
- ECE 5586: IT Security & Trust II (3 credits) OR
- ECE 5480: Cybersecurity: Internet of Things (3 credits)
COURSE DESCRIPTIONS
ECE 5484: Fundamentals of Computer Systems (3 credits)
Fundamental principles and concepts of computer systems. Computer hardware, Boolean logic, number systems and representation, design and operation of digital logic, analysis of instruction set architectures and computer organization, and specification of data communication and networking standards.
ECE 5585: IT Security & Trust I (3 credits)
Fundamental Internet and computer security principles and applications, legal and privacy issues, risk analysis, attack techniques, intrusion detection concepts, basic computer forensics, and system application hardening techniques.
ECE 5586: IT Security & Trust II (3 credits)
Advanced security and trust concepts and implementation in wired and wireless computer networks and computer systems, malware defenses, impact of channel fragility, node mobility, cooperative functionality, and resource constraints on security and trust at the different layers of the internet protocol stack.
ECE 5480: Cybersecurity: Internet of Things (3 credits)
Cybersecurity principles and technologies motivated by the evolving ecosystem of the Internet of Things (IoT): devices, operating systems, sensors, data storage, networking and communication protocols, and system services. Io T device and system security and privacy vulnerabilities, analysis and attach mitigation techniques.