MS in Cybersecurity Program Overview

Cybersecurity professionals are the gatekeepers of information systems and cyber-physical systems. They plan and execute security measures to shield an organization’s computer systems, networks, and networked devices from infiltration and cyberattacks.

Graduates of the Master’s in Cybersecurity program will understand how to prevent, monitor, and respond to data breaches and cyberattacks. The University of Arizona’s online MS in Cybersecurity enables you to bolster your technical and analytical skills, all from the convenience of your home or office.

With our accelerated eight-week courses, you are able to focus on one course at a time and immediately apply the knowledge and skills learned in the course to your job.

The MS in Cybersecurity multidisciplinary curriculum draws courses from the University of Arizona’s programs in Management Information Systems (MIS), Electrical & Computer Engineering (ECE), and Systems & Industrial Engineering (SIE).

The program is designed for working IT, engineering, and other professionals who have three years of work experience and want to boost their skills for a cybersecurity career path.

Designed specifically for those with technical experience, the degree focuses on effectively applying analytical and critical thinking to plan and execute security measures to shield an organization’s computer systems, networks, and networked devices from infiltration and cyberattacks.

Students engage in theoretical and hands-on approaches to learning the critical components of cybersecurity. Cybersecurity courses cover topics such as business intelligence data mining, information security, risk management, systems security management, penetration testing, network security, and system cybersecurity engineering.

As a result of this program, students will:

  • Understand the breadth and scope of security issues on personal, corporate, national, and global levels
  • Assess, prevent, and manage information or systems security related risks
  • Perform system hardening, vulnerability testing, and forensic investigation procedures
  • Apply data analytics to develop threat intelligence for current and future information or systems security endeavors

Program Tracks

The MS in Cybersecurity program offers two different tracks for students: Information Systems and Physical Systems. No matter which track a student chooses they must complete 33 units of coursework, comprised of 12 units of Common Core and 21 units of their selected track. Courses from either track can fulfill elective requirements within both tracks.

COMMON CORE
12 units
MIS 515 Information Security in Public and Private Sectors
MIS 545 Data Mining for Business Intelligence
ECE 578 Fundamentals of Computer Networks
SIE 571 Systems Cyber Security Engineering
TRACKS
Information Systems
21 units
Physical Systems
21 units
Required
MIS 516 Information Security Risk Management
MIS 517 Systems Security Management
MIS 562 Cyber Threat Intelligence
MIS 566 Penetration Testing: Ethical Hacking and Social Engineering
MIS 689 Cyber Warfare Capstone

Electives
MIS 511 Social and Ethical Issues of the Internet
MIS 514 IT Audit
MIS 578 Project Management

Electives
ECE 509 Cyber Security: Concepts, Theory, Practice
ECE 523 Machine Learning and Data Analytics
SIE 530 Engineering Statistics
ECE 535A Digital Communications Systems
SIE 554A Systems Engineering Process
ECE 571 Fundamentals of Information and Network Security

Course Structure

Cybersecurity courses are delivered using a combination of online voiced-over material supplemented by online labs, assignments, projects, reading materials, quizzes, and exams. Each course duration is eight weeks (there are breaks over the holidays) and materials are available online while students are enrolled in a course. Except for instructor-designated materials, students are also able to download material for later personal use or reference.

Assignments are given for each week and must be completed within a designated time frame. Courses are NOT self-paced but are structured in weekly assignments. The course mix includes a variety of active learning opportunities including projects, discussions, chats, labs, extra credit opportunities, quizzes, and exams – all delivered online.

Courses are delivered via a secure online course management system called D2L (Desire to Learn). Students are given access and instructions to D2L upon acceptance into the program. In addition, students upload their assignments and conduct online discussions with the instructor and classmates through the D2L interface.

Course Calendar

MS Cybersecurity courses are eight-week “mini-semesters” and enable students to take two courses within the university’s traditional 16-week semester.

The following course calendar is updated as of June 9, 2017. Courses and dates are subject to change.

Fall 1: August 28 - October 22, 2017

Course No. Course Title Information Systems Track Physical Systems Track
ECE 578 Fundamentals of Computer Networks Core Core
MIS 517 Systems Security Management Core Elective

Fall 2: October 23 - December 17, 2017

Course No. Course Title Information Systems Track Physical Systems Track
MIS 515 Information Security in Public and Private Sectors Core Core
SIE 571 Systems Cyber Security Engineering Core Core
MIS 578 Project Management Elective

Spring 1: January 8 - March 4, 2018

Course No. Course Title Information Systems Track Physical Systems Track
MIS 516 Information Security Risk Management Core Elective
MIS 545 Data Mining for Business Intelligence Core Core

Spring 2: March 5 - April 29, 2018

Course No. Course Title Information Systems Track Physical Systems Track
MIS 517 Systems Security Management Core Elective

Summer 1: May 7 - July 1, 2018

Course No. Course Title Information Systems Track Physical Systems Track
MIS 515 Information Security in Public and Private Sectors Core Core

Summer 2: July 2 - August 26, 2018

Course No. Course Title Information Systems Track Physical Systems Track
MIS 516 Information Security Risk Management Core Elective
MIS 545 Data Mining for Business Intelligence Core Core

Course Descriptions

Click the course name or + adjacent to the name to view the course description:

Technical - 3 Credits - Elective

Description: This course provides an introduction to technical aspects of cyber security. It describes threats and types of attacks against computers and networks to enable students to understand and analyze security requirements and define security policies. Security mechanisms and enforcement issues will be introduced. Students will be immersed in the cyber-security discipline through a combination of intense coursework, open-ended and real-world problems, and hands on experiments.

Prerequisite knowledge: Python and statistics

Technical - 3 Credits - Elective

Description: Machine learning deals with the automated classification, identification, and/or characterizations of an unknown system and its parameters. There are an overwhelming number of application driven fields that can benefit from machine learning techniques. This course will introduce you to machine learning and develop core principles that allow you to determine which algorithm to use, or design a novel approach to solving to engineering task at hand. This course will also use software technology to supplement the theory learned in the class with applications using real-world data.

Prerequisite knowledge: Python and statistics, and ECE 503

Technical - 3 Credits - Elective

Description: The purpose of the course is to give students a comprehensive introduction to digital communication principles. The major part of the course is devoted to studying how to translate information into a digital signal to be transmitted, and how to retrieve the information back from the received signal in the presence of noise and intersymbol interference (ISI). Various digital modulation schemes are discussed through the concept of signal space. Analytical and simulation models for digital modulation systems are designed and implemented in the presence of noise and ISI. Optimal receiver models for digital base-band and band-pass modulation schemes are covered in detail.

Prerequisite knowledge: Python and statistics

Technical - 3 Credits - Elective

Description: Shannon's approach to cryptography. Symmetric key cryptography, cryptographic hash functions, and public key cryptosystems. Authentication, key management and key distribution. Wireless and network security.

Prerequisite knowledge: Python and statistics

Technical - 3 Credits – Common Core Course

Description: Introduction to computer networks and protocols. Study of the ISO open systems interconnection model, with emphasis on the physical, data link, network, and transport layers. Discussion of IEEE 802, OSI, and Internet protocols.

Prerequisite knowledge: Python and statistics

Theory/Practical - 3 Credits - Elective

Description: Broad survey of the individual, organizational, cultural, social and ethical issues provoked by current and projected uses of networked computers on the Internet.

Theory/Practical - 3 Credits - Elective

Description: This course covers using controls to protect information assets. Topics include internal and external IT auditing, the role of auditing role in information security, the IT audit process, system independent IT audit processes, system dependent IT audit processes, auditing outsourced IT systems and resources. Controls covered will include desktop computer controls, systems development controls, computer center operation controls, assurance of information related to on-line, client-server, web-based, internet, cloud computing, virtualization and other advanced computer topics. Students will learn approaches to evaluating and addressing technology risk throughout the organization from the perspective of internal and external audit in addition to the view of end users. Topics included in the class will include coverage of all areas to prepare students to take the Certified Information Systems Auditor (CISA) exam.

Theory/Practical - 3 CreditsCommon Core Course

Description: This course exposes the student to a broad range of computer systems and information security topics. It is designed to provide a general knowledge of measures to insure confidentiality, availability, and integrity of information systems. Topics range from hardware, software and network security to INFOSEC, OPSEC and NSTISS overviews. Components include national policy, threats, countermeasures, and risk management among others. Students completing this course are awarded the NSA-CNSS certificates numbers 4011 - CNSS 4011 – Information Systems Security Professionals & CNSS 4012 – Senior Systems Managers.

No textbook needed.

Theory/Practical - 3 Credits - Core (for Information Systems Track)/Elective (for Cyber Physical Systems Track)

Description: The objective of our MIS 516 course is to provide students a thorough and operational knowledge of information security so that this critical area is recognized as a management issue and not an I.T. issue. As the course topics within our MIS 516 syllabus have been directly "mapped" against the U.S. National Security Agency (NSA) certification requirements for National Training Standard for Information System Security for professionals, students completing the current MIS 516 course are awarded the NSA-CNSS certificate number 4016. (NTSISS 4016 - Risk Analyst).

Technical - 3 Credits - Core (for Information Systems Track)/Elective (for Cyber Physical Systems Track)

Description: The information security arena contains a broad array of multi-level models for assessing, planning, implementing and monitoring the mitigation of security risks. At the very core of this information security spectrum are the actual system and network devices which store, manage, transmit and secure information. This course is designed to provide a working knowledge of issues and techniques surrounding the proper safeguarding of operating systems and related components. Filled with Information Assurance topics, this course offers a solid base for system administrators and technical managers. Students completing this course are awarded the NSA-CNSS certificate number 4013 - System Administrators.

No textbook needed.

Technical - 3 Credits – Common Core Course

Description: Corporations today are said to be data rich but information poor. For example, retailers can easily process and capture millions of transactions every day. In addition, the widespread proliferation of economic activity on the Internet leaves behind a rich trail of micro-level data on consumers, their purchases, retailers and their offerings, auction bidding, music sharing, so on and so forth. Data mining techniques can help companies discover knowledge and acquire business intelligence from these massive datasets. This course will cover data mining for business intelligence. Data mining refers to extracting or “mining” knowledge from large amounts of data. It consists of several techniques that aim at discovering rich and interesting patterns that can bring value or “business intelligence” to organizations. Examples of such patterns include fraud detection, consumer behavior, and credit approval. The course will cover the most important data mining techniques --- classification, clustering, association rule mining, visualization, prediction.

No textbook needed.

Technical - 3 Credits - Core (for Information Systems Track)/Elective (for Cyber Physical Systems Track)

Description: This course is designed to provide students with a hands-on introduction to the fundamental concepts and tools of modern cyber threat intelligence. Students will become familiar with the cyber threat intelligence lifecycle, identifying, collecting, and integrating intelligence feeds, common intelligence formats, and standard cyber threat intelligence technologies (e.g., CIF servers, TAXII servers, SIEM's etc.).

Prerequisite: MIS 545: Data Mining for Business Intelligence and Python

Technical - 3 Credits - Core (for Information Systems Track)/Elective (for Cyber Physical Systems Track)

Description: This course introduces students to the principles and techniques of the cybersecurity practice known as penetration testing (pen testing), or ethical hacking, and covers the full pen test life cycle. Students discover how system vulnerabilities can be exploited and learn how to avoid such problems. Students will review various tools and methods commonly used to compromise information and control systems. Ethical hacking, also known as penetration testing, is the act of breaking into a system with the permission and legal consent of the organization or individual who owns and operates the system, with the purpose of identifying vulnerabilities to strengthening the organization's security. Students will conduct hands-on penetration tests in a lab environment to practice the concepts presented and tools reviewed in the course. This course is an ethical hacking course and students will learn hacking techniques within a controlled environment for the goal of better securing the IT resources of their rightful owners.

Prerequisite knowledge: Python

Theory/Practical - 3 Credits - Elective

Description: Project Management is the application of knowledge, analytical skills, software tools and techniques related to various project activities in order to meet project requirements. It is increasingly recognized as an essential business skill. With a variety of exercises, demos, simulations and lectures, this course will present to you a systematic approach to project management that complements common sense with discipline.

Textbooks for MIS 578 are:

  • Timothy Kloppenborg, “Contemporary Project Management,” 3rd Edition, 2014, ISBN-10: 1285433351 | ISBN-13: 978-1285433356
  • Rachel Biheller Bunin, “New Perspectives on Microsoft Project 2010: Introductory (New Perspectives Series,)” 1st Edition, 2011, ISBN-10: 0538746769 | ISBN-13: 978-0538746762

Technical - 3 Credits - Core (for Information Systems Track)

Description: The focus of this course is the usage of common tools used during penetration assessments and hardening system defenses. Students will draw from previous classes to combine skills in online defense and penetration exercises of systems in a virtual environment. Along with course labs, this course will apply theory and techniques to provide the following learning base - knowledge, comprehension, and application.

Prerequisite: MIS 545, MIS 515, ECE 578, SIE 571, MIS 562, MIS 566, MIS 516, MIS 517 and Python

Technical - 3 Credits - Elective

Description: Statistical methodology of estimation, testing hypotheses, goodness-of-fit, nonparametric methods and decision theory as it relates to engineering practice. Significant emphasis on the underlying statistical modeling and assumptions.

Prerequisite knowledge: Statistics

Technical - 3 Credits - Elective

Description: Process and tools for systems engineering of large-scale, complex systems: requirements, performance measures, concept exploration, multi-criteria tradeoff studies, life cycle models, system modeling, etc.

Technical - 3 Credits – Common Core Course

Description: The purpose of this course is to introduce selected topics, issues, problems, and techniques in the area of System Cyber Security Engineering (SCSE), early in the development of a large system. Students will explore various techniques for eliminating security vulnerabilities, defining security specifications / plans, and incorporating countermeasures in order to achieve overall system assurance. SCSE is an element of system engineering that applies scientific and engineering principles to identify, evaluate, and contain or eliminate system vulnerabilities to known or postulated security threats in the operational environment. SCSE manages and balances system security risk across all protection domains spanning the entire system engineering life-cycle. The fundamental elements of cyber security will be explored including: human cyber engineering techniques, penetration testing, mobile and wireless vulnerabilities, network mapping and security tools, embedded system security, reverse engineering, software assurance and secure coding, cryptography, vulnerability analysis, and cyber forensics. After a fundamental understanding of the various cyber threats and technologies are understood, the course will expand upon the basic principles, and demonstrate how to develop a threat / vulnerability assessment on a representative system using threat modeling techniques (i.e. modeling threats for a financial banking system, autonomous automobile, or a power distribution system). With a cyber-resilience focus, students will learn how to identify critical use cases or critical mission threads for the system under investigation, and how to decompose and map those elements to various architectural elements of the system for further analysis. Supply chain risk management (SCRM) will be employed to enumerate potential cyber threats that could be introduced to the system either unintentionally or maliciously throughout the supply chain. The course culminates with the conduct of a realistic Red Team / Blue Team simulation to demonstrate and explore both the attack and defend perspectives of a cyber-threat. The Red Team will perform a vulnerability assessment of the prospective system, with the intention of attacking its vulnerabilities. The Blue Team will perform a vulnerability of the same system with the intention of defending it against cyber threats. A comparison will be made between the outcomes of both teams in order to better understand the overarching solutions to addressing the threats identified.

Upon completion of the course, students will be proficient with various elements of cyber security and how to identify system vulnerabilities early on in the system engineering lifecycle. They will be exposed to various tools and processes to identify and protect a system against those vulnerabilities, and how to develop program protection plans to defend against and prevent malicious attacks on large complex systems.

Graduate students will be given an additional assignment to write a draft Program Protection Plan (PPP) for the system that the class performed the threat analysis for. Program protection planning employs a step-by-step analytical process to identify the critical technologies to be protected; analyze the threats; determine program vulnerabilities; assess the risks; and apply countermeasures. A PPP describes the analysis, decisions and plan to mitigate risks to any advanced technology and mission-critical system functionality.

Prerequisite knowledge: Python

Certificates

In the process of earning the Master’s in Cybersecurity, students could also earn the Department of MIS’s Enterprise Security Certificate, which leverages the department’s designation – by the National Security Agency and the Department of Homeland Security – as a Center of Academic Excellence in Information Assurance Education. Students may also earn individual certificates as part of the Master’s in Cybersecurity curriculum.

Committee on National Security Systems
U.S. Department of Homeland Security
U.S. National Security Agency

 

Courses in the Enterprise Security Certificate and additional National Security Agency Committee on National Security Systems (CNSS) certificates offered by those courses are:

Course Title

Additional Certificate(s) Earned

Enterprise Security Certificate Courses
Each course is 3 credits

MIS 515 Information Security in the Public and Private Sectors CNSS 4011 - Information Systems Security Professionals
CNSS 4012 - Senior Systems Managers
MIS 516 Information Security Risk Management CNSS 4016 - Risk Analyst
MIS 517 Systems Security Management CNSS 4013 - System Administrators

With the completion of the courses above, students are also eligible for:

  • CPE units for CISSP, ISSAP, ISSEP, ISSMP, CAP and SSCP designation(s). These designations are offered by (ISC)².
  • CPE units for CISM and CRISC designations which are offered by ISACA.
  • One year of qualified work experience towards the Certified Information Security Manager® (CISM®) designation.*

* As of May 17, 2012, the University of Arizona, Department of Management Information Systems, Eller College of Management, Security Graduate Certificate as submitted to ISACA was found to be in alignment with the ISACA® Model Curriculum for Information Security Management, 2nd Edition. Graduates of this program qualify for one year work experience toward the Certified Information Security Manager® (CISM®) designation.

Computer Requirements

MS Cybersecurity students use a variety of online applications including discussion boards, chats, and virtual labs. Suggested hardware and software requirements include:

Hardware

PC or Mac*

  • Intel i5 or i7 processor
  • 8 gigabytes system RAM
  • 500 megabytes hard drive space
  • Preferred minimum 3 Mbps upload/download speeds or faster
  • Web cam and microphone

Required Software

For accessing course content:

Macs: Parallels or equivalent solution which allows running of Windows OS to run on Mac. We recommend VirtualBox.

Expected Student Computing Environment

  • Windows 10, or Mac OS 10.12 or higher with Parallels or equivalent solution for allowing Windows OS to run on Mac; we recommend VirtualBox
  • Microsoft Office or another compatible Office program
  • Internet Explorer, Mozilla Firefox, Safari, or other web browser supporting the above required software

For more information on Eller recommended configurations see https://it.eller.arizona.edu/guidelines.

* Some courses require software that will only run on Windows. It is common to find specific business applications only available on the Windows platform. Mac users should have a Parallels or equivalent solution for allowing Windows OS to run on a Mac.

Meet the Advisors

The MS in Cybersecurity program has three advisors:

Bryn Pallette

520.621.0193
cybersecurity@email.arizona.edu

Bryn works closely with our enrolled and potential MISonline and Master’s in Cybersecurity students to ensure their academic needs are met from registration to graduation. She advises students on policies, procedures, and academic requirements for graduation and assists students in course scheduling and planning to achieve academic success.

Tami Whalen

520.621.6195
cybersecurity@email.arizona.edu

Tami works closely with Electrical and Computer Engineering graduate students. She advises students on policies, procedures, and academic requirements for graduation and assists students in course scheduling and planning to achieve academic success.

Linda Cramer

520.626.4644
cybersecurity@email.arizona.edu

Linda works closely with Systems and Industrial Engineering graduate students. She advises students on policies, procedures, and academic requirements for graduation and assists students in course scheduling and planning to achieve academic success.

TOP