Master of ScienceCybersecurity Operations and Control Management

Information networking lays the groundwork for analysis of concepts that form the foundation to study Cybersecurity. The Internet contains a constant flow of information in the form of packets over interconnected network devices. This topic covers protocols, software, hardware, and functions that support networking services, such as switching/routing, virtual networking concepts, domain name services, directory services, and other Internet required protocols.

To understand security architecture, you must first understand architecture in general. At first glance, security and architecture are diametrically opposed. Security is freedom from, or resilience against, potential harm. Architecture is meant to build things up to make them more useful. Security architecture is the design, development, and implementation of resilient networks and systems to protect the information that is stored, transmitted, and processed.

This course provides guidelines for data security utilizing cloud computing by determining the boundaries of the cloud service provider (CSP) responsible for ensuring that customer data is properly secured. Depending on the cloud services (i.e. IaaS, PaaS, SaaS), the security of the data is the responsibility of the Cloud Service Consumer (CSC) themselves. For example, in some cases the CSP may be responsible for restricting access to the data, while the CSC remains responsible for deciding which cloud service users (CSUs) should have access to it, and the behavior of any scripts or applications with which the CSU processes the data. This course identifies the security controls protecting CSC data that can be used in the different stages of the full data lifecycle.

Cybersecurity for applications and software provides the security architecture as it applies to the continuous development and deployment of application and software. This course demonstrates the techniques to improve the organization’s security at every level, including the application and software layer. By combining development operations and security with consideration for cloud services, an integrated approach is used to ensure the cyber protections are implemented at all levels of the infrastructure. This course will provide the skills to implement security at each layer, such as web application, cloud infrastructure, communication, and service delivery. Topics include exploring core security aspects of blocking attacks, fraud detection, cloud forensics, and incident response. Additionally, cybersecurity topics on extending development operations (DevSecOps) security practices, risk assessment, threat modeling, and continuous security monitoring.

In this course, the student will explore leadership and ethical business decision making as related to the use of technology. Ethical obligations have both a professional and a personal dimension. Each are essential to consider; without a sense of personal ethics, one would be indifferent to their effect on the lives of others in circumstances where one’s professional code is silent. Personal leadership helps us to be sure that we take full responsibility for our moral choices and their consequences. This course addresses professional leadership and ethics in information technology as it applies to practical business managers and systems. This course teaches the student how to gain knowledge and understanding of a number of aspects, including: the types of harms the public can suffer as result of misuse of information technology; the importance of an individual privacy of information; legal and constitutional rights to protect information; and obligations of organizations to protect the public and ethical decision making.

The course introduces the student to the interdisciplinary field of cybersecurity. Topics include the evolution of information security into cybersecurity and exploring the relationship of cybersecurity to organizations and society. Analysis of the threats and risks to/in these environments are examined. The ultimate goal of this course is for the student to acquire the advanced knowledge required to develop the skills needed to integrate knowledge from this course into a workplace environment. Cross-listed with CISC 661.

This course integrates cyber risk management into day-to-day operations. Additionally, it enables an enterprise to be prepared to respond to the inevitable cyber incident, restore normal operations and ensure that the enterprise assets and the enterprise’s reputation are protected. This course focuses the student on a broad range of topics relative to the tools used to protect the enterprise from today’s cyber-threats. The intent is to focus on creating risk-based assessment tools for modeling approaches to solve cybersecurity issues, so organizations can build security framework and sustain a healthy security posture. This course analyzes external and internal security threats, failed systems development and system processes, and explores their respective risk mitigation solutions through policies, best practices, operational procedures, and government regulations. Cross-listed with CISC 662.

This course integrates knowledge accumulated from the prerequisites and serves as a capstone for the concentration in Computer Security. Attention is focused on the techniques for protecting critical information infrastructures and the process of identifying the risk to data and information using case studies, application development, and systems assessment. Cross-listed with CISC 663.

This course explores a topic or collection of topics of special interest that is timely and in response to critical or emerging topics in the broad field of Cybersecurity Operations and Control Management.

This course explores a topic or collection of current topics that are timely and in response to critical or emerging topics in the broad field of Cybersecurity Operations and Control Management.

This course allows the student to pursue an area of interest that is within the broad scope of Cybersecurity Operations and Control Management. A faculty member will supervise this study.

This course guides the student to develop and finalize a selected research problem and to construct a proposal that effectively establishes the basis for either writing a thesis or launching an experiential capstone project. The course provides an overview of strategies for effective problem investigation and solution proposal. Research methodology is studies and applied as part of suggesting a solution to a problem. Writing and formatting techniques are also explored and applied as a communication tool for cataloging the investigation and recommending the solution.