Apply Now Request Information Schedule a Visit

Cyber Risk Management - MS

Program Codes: MSCYBRM
Master of Science

Availability: online

Program Philosophy and Content
Being able to understand various types of risks and assessing the threat that they pose to their organization’s assets and operations and designing strategies to mitigate them is one of the most critical jobs of a manager. Cyber threats are increasingly becoming one of the biggest threats to various organizations given the reliance on computing and networking technologies by various organizations. Managers who understand how cyber criminals threaten various types of organizations and what to do defend organizational assets, monetize cyber risk, and design policies to mitigate it are in extremely high demand. This is, in part, because in traditional academia cyber security and risk management have been taught in isolation from each other. Integrated cyber risk management academic program have simply not existed. Our masters in cyber risk management is a unique-one of a kind- program that fully integrates cyber security and risk management training to train professionals that are in high demand in the world of work in the 21st century.

As a result of globalization and advances in computing and networking technology during the 21st century, various organizations including those in the banking, financial and insurance sectors have come to store information about their customers and business processes in computer networked devices of various sorts. With the growth of internet of things and automated devices such as self-driving cars, an increasingly larger component of the devices owned by individuals as well as organizations are vulnerable to cyber attacks. Managers in the modern organizations (especially those in the banking, financial and insurance sectors) must understand how to identify these risks, how to assess them, and how to design strategies (including various insurance options) to mitigate cyber risks.

The cyber risk management program at Mercyhurst is not just for those with previous training in computer science or management. Instead, our program has been designed to allow students to acquire these fundamental skills as part of the program. An ideal candidate is a working professional who aspires a risk management position in the banking, financial and insurance sectors. Our 36 credit program can be completed in two years by taking one online class at a time. Coursework highlights the technical, legal and business aspects of cyber risk management, with special emphasis on monetizing cyber risk through insurance. Program graduates will be leaders in an emerging field, well positioned for careers as cyber security managers with small and large enterprises, as well as in the insurance industry.

In just five years, students can earn both a bachelor’s and master’s degree at Mercyhurst University through the new 4+1 Cyber risk management program. Undergraduate students in almost any discipline major of study may apply for the 4+1 program. Interested students must apply by April 1 of their sophomore year or after they have 30 credits completed on their Mercyhurst transcripts. Students of the 4+1 Cyber risk management program will take four graduatelevel courses (12 credits) during their junior and senior years. These credits will count toward the master’s degree, but will be billed at the undergraduate flat rate. These credits will only count for the Master of Science degree and students must complete at least 121 undergraduate credits to earn a bachelor’s degree. As a graduate student, students must complete 24 credits during the fifth year, charged at the graduate rate. Completing these requirements in five years may require students to take some courses during the summer.

The program chair shall conduct an annual review of the academic progress of all students enrolled in the program. Students whose GPA falls below a 3.0 or who might otherwise exhibit behavior that is not conducive to ensuring employment in this field will be placed on probation or removed from the program, depending on the outcome of review.

Program Outcomes:

Graduates of the Masters of Science in Cyber Risk Management will be able to:

  • Analyze various types of cyber threats to individuals and organizations and cyber networks.
  • Perform risk management review for organizations; apply appropriate data analytics in the process.
  • Distinguish among the varying risks that threaten an organization’s business model and strategic plan; and make recommendations on how to identify, assess, manage and monitor those threats.
  • Analyze techniques for assessing, monetizing, and mitigating traditional and cyber risks through insurance.
  • Evaluate the US and international legal, regulatory, policy and ethical issues involved in cyber risk management.

Core Requirements

COMPUTING & INFORMATION SCIENCE CONCEPTS
Course Code:
CIS 500
Active Term:
Fall/Spring
/ All
Course Description:

Computing & Information Science studies the design, application, use, impact, and ethical implications of computational principles and technology. This foundational class prepares students for advanced courses in Data Sciences, Cyber Secutity, and Cyber Risk Management. Topics covered include: computer organization, data structures, computer programming, networking concepts, computer security, and ethics.

Credit:
3
Instruction methods:
Lecture
Total hours: 45
x
CIS 500
COMPUTING & INFORMATION SCIENCE CONCEPTS
3
PROBABILITY & STATISTICS
Course Code:
CIS 501
Active Term:
Fall
/ All
Course Description:

This course introduces students to concepts in probability and statistics including sampling distributions, normal theory estimation and hypothesis testing, regression and correlation, exploratory data analysis, logistic regression, discriminant analysis, resampling methods and linear model selection. Learning to do statistical analysis on a personal computer is an integral part of the course.

Credit:
3
Instruction methods:
Lecture
Total hours: 45
x
CIS 501
PROBABILITY & STATISTICS
3
CYBER NETWORKS
Course Code:
CIS 560
Course Group(s):
Data Science Electives
Active Term:
Summer
/ All
Course Description:

This foundational course prepares students to better understand today's cyber networks and how they can support the requirements of organizations. It introduces networking basics and demonstrates how networks can support the increasing demands of advanced communications. The course examines networking standards, protocols, architectures, management and security.

Credit:
3
Instruction methods:
Lecture
Total hours: 45
x
CIS 560
CYBER NETWORKS
3
CYBER SECURITY
Course Code:
CIS 561
Course Group(s):
Data Science Electives
Active Term:
Summer
/ All
Course Description:

Provides a comprehensive overview of essential concepts to better understand cyber security. This course explores the risks, threats, and vulnerabilities associated with the digital world and introduces students to the principles of risk management, security standards, access controls, security audits, cryptography, compliance laws and privacy issues.

Credit:
3
Instruction methods:
Lecture
Total hours: 45
x
CIS 561
CYBER SECURITY
3
CYBER LAW & POLICY
Course Code:
CIS 564
Course Group(s):
Data Science Electives
Active Term:
Spring
/ All
Course Description:

This course examines the legal aspects of the information security triad of availability, integrity, and confidentiality and prepares students to address areas where law and cyber security concerns meet. Topics include: risk analysis and incident response, intellectual property law, contracts in online transactions, tort law issues in cyberspace, the concept of privacy and its legal protections and the governance of information within organizations.

Credit:
3
Instruction methods:
Lecture
Total hours: 45
x
CIS 564
CYBER LAW & POLICY
3
SYSTEM & APPLICATION SECURITY
Course Code:
CIS 565
Course Group(s):
Data Science Electives
Active Term:
Spring
/ All
Course Description:

This course focuses on the security aspects of systems that are compose of components and connections and use software. It addresses the security issues of connecting components and using them within larger systems. It covers the principles, models and techniques of access control, authentication, secure communication and audit, system's virtualization, real-time systems, software and OS security.

Credit:
3
Instruction methods:
Lecture
Total hours: 45
x
CIS 565
SYSTEM & APPLICATION SECURITY
3
RESEARCH METHODS
Course Code:
CIS 598
Active Term:
Fall
/ All
Course Description:

Prepares students for planning, conducting, and reporting on research in computing and information sciences. Topics include literature survey to formulate a scientific research question; research methods used in data science, cyber security, and cyber risk management; and scientific writing and publishing. Completion of the course will provide the student with skills needed to undertake supervised thesis or research project work in the area of Computing and Information Sciences.

Credit:
3
Instruction methods:
Lecture
Total hours: 45
x
CIS 598
RESEARCH METHODS
3
RESEARCH PROJECT
Course Code:
CIS 599
Active Term:
Spring
/ All
Course Description:

The capstone course experience is designed to allow students to work under the supervision of a computing and information science faculty member to solve a real world problem and present their findings to the faculty before graduation.

Credit:
3
Instruction methods:
Lecture
Total hours: 45
x
CIS 599
RESEARCH PROJECT
3
CYBER RISK MANAGEMENT
Course Code:
RMGT 520
Active Term:
Spring
/ All
Course Description:
This course covers the introduction to Risk Management to understand and mitigate cyber risk exposures. This course will review the risk management process, cyber risk exposures, cyber insurance, regulatory environment and how cyber risk management applies to the enterprise.
Credit:
3
Instruction methods:
Lecture
Total hours: 45
x
RMGT 520
CYBER RISK MANAGEMENT
3
ADVANCED PROPERTY&LIABILITY INSURANCE
Course Code:
RMGT 530
Active Term:
Spring
/ All
Course Description:
The course goal is for students to learn how risk management techniques can be used to address a commercial operation's property and liability loss exposures. Specifically, this course will provide instruction on industry trends related to all aspects of commercial property and liability insurance including policies, premium structure, constitution of insurable risks, underwriting, cyber risks, and claims.
Credit:
3
Instruction methods:
Lecture
Total hours: 45
x
RMGT 530
ADVANCED PROPERTY&LIABILITY INSURANCE
3
ADVANCED FINANCE&ACCT INS PROFESSIONALS
Course Code:
RMGT 540
Active Term:
Fall
/ All
Course Description:
This course provides students an overview of insurance company financial concepts including the differences between Statutory Accounting Principles and Generally Accepted Accounting Principles, cash flows, investment portfolio analysis, and the underwriting cycle. The students will work on a project that will apply the materials to analysis providing a practical view of insurance company finances.
Credit:
3
Instruction methods:
Lecture
Total hours: 45
x
RMGT 540
ADVANCED FINANCE&ACCT INS PROFESSIONALS
3
ENTERPRISE RISK MANAGEMENT
Course Code:
RMGT 550
Active Term:
Fall
/ All
Course Description:
Enterprise Risk Management involves identifying the risks and opportunities faced by a firm, assessing them, developing and implementing a plan to address them, and then monitoring progress. In this course students will learn the basics of ERM to identify elements of effective ERM systems and progress to analyze how companies can use ERM systematically to advance business objectives. Risk assessment, risk modeling and data analytics can be employed in addressing strategic planning and ERM.
Credit:
3
Instruction methods:
Lecture
Total hours: 45
x
RMGT 550
ENTERPRISE RISK MANAGEMENT
3
Menu