Program Code: MSCYBRM
Master of Science
Program Philosophy and Content
Being able to understand various types of risks and assessing the threat that they pose to their organization’s assets and operations and designing strategies to mitigate them is one of the most critical jobs of a manager. Cyber threats are increasingly becoming one of the biggest threats to various organizations given the reliance on computing and networking technologies by various organizations. Managers who understand how cyber criminals threaten various types of organizations and what to do defend organizational assets, monetize cyber risk, and design policies to mitigate it are in extremely high demand. This is, in part, because in traditional academia cyber security and risk management have been taught in isolation from each other. Integrated cyber risk management academic program have simply not existed. Our masters in cyber risk management is a unique-one of a kind- program that fully integrates cyber security and risk management training to train professionals that are in high demand in the world of work in the 21st century.
As a result of globalization and advances in computing and networking technology during the 21st century, various organizations including those in the banking, financial and insurance sectors have come to store information about their customers and business processes in computer networked devices of various sorts. With the growth of internet of things and automated devices such as self-driving cars, an increasingly larger component of the devices owned by individuals as well as organizations are vulnerable to cyber attacks. Managers in the modern organizations (especially those in the banking, financial and insurance sectors) must understand how to identify these risks, how to assess them, and how to design strategies (including various insurance options) to mitigate cyber risks.
The cyber risk management program at Mercyhurst is not just for those with previous training in computer science or management. Instead, our program has been designed to allow students to acquire these fundamental skills as part of the program. An ideal candidate is a working professional who aspires a risk management position in the banking, financial and insurance sectors. Our 36 credit program can be completed in two years by taking one online class at a time. Coursework highlights the technical, legal and business aspects of cyber risk management, with special emphasis on monetizing cyber risk through insurance. Program graduates will be leaders in an emerging field, well positioned for careers as cyber security managers with small and large enterprises, as well as in the insurance industry.
In just five years, students can earn both a bachelor’s and master’s degree at Mercyhurst University through the new 4+1 Cyber risk management program. Undergraduate students in almost any discipline major of study may apply for the 4+1 program. Interested students must apply by April 1 of their sophomore year or after they have 30 credits completed on their Mercyhurst transcripts. Students of the 4+1 Cyber risk management program will take four graduatelevel courses (12 credits) during their junior and senior years. These credits will count toward the master’s degree, but will be billed at the undergraduate flat rate. These credits will only count for the Master of Science degree and students must complete at least 121 undergraduate credits to earn a bachelor’s degree. As a graduate student, students must complete 24 credits during the fifth year, charged at the graduate rate. Completing these requirements in five years may require students to take some courses during the summer.
The program chair shall conduct an annual review of the academic progress of all students enrolled in the program. Students whose GPA falls below a 3.0 or who might otherwise exhibit behavior that is not conducive to ensuring employment in this field will be placed on probation or removed from the program, depending on the outcome of review.
Graduates of the Masters of Science in Cyber Risk Management will be able to:
Computing & Information Science studies the design, application, use, impact, and ethical implications of computational principles and technology. This foundational class prepares students for advanced courses in Data Sciences, Cyber Secutity, and Cyber Risk Management. Topics covered include: computer organization, data structures, computer programming, networking concepts, computer security, and ethics.
This course introduces students to concepts in probability and statistics including sampling distributions, normal theory estimation and hypothesis testing, regression and correlation, exploratory data analysis, logistic regression, discriminant analysis, resampling methods and linear model selection. Learning to do statistical analysis on a personal computer is an integral part of the course.
This foundational course prepares students to better understand today's cyber networks and how they can support the requirements of organizations. It introduces networking basics and demonstrates how networks can support the increasing demands of advanced communications. The course examines networking standards, protocols, architectures, management and security.
Provides a comprehensive overview of essential concepts to better understand syber security. This course explores the risks, threats, and vulnerabilities associated with the digital world and introduces students to the principles of risk management, security standards, access controls, security audits, cryptography, compliance laws and privacy issues.
This course examines the legal aspects of the information security triad of availability, integrity, and confidentiality and prepares students to address areas where law and cyber security concerns meet. Topics include: risk analysis and incident response, intellectual property law, contracts in online transactions, tort law issues in cyberspace, the concept of privacy and its legal protections and the governance of information within organizations.
This course focuses on the security aspects of systems that are compose of components and connections and use software. It addresses the security issues of connecting components and using them within larger systems. It covers the principles, models and techniques of access control, authentication, secure communication and audit, system's virtualization, real-time systems, software and OS security.
Prepares students for planning, conducting, and reporting on research in computing and information sciences. Topics include literature survey to formulate a scientific research question; research methods used in data science, cyber security, and cyber risk management; and scientific writing and publishing. Completion of the course will provide the student with skills needed to undertake supervised thesis or research project work in the area of Computing and Information Sciences.
The capstone course experience is designed to allow students to work under the supervision of a computing and information science faculty member to solve a real world problem and present their findings to the faculty before graduation.