AMSCY - Cybersecurity

Program Director: Henry Collier
 

The Cybersecurity (M.S.) program delivers state-of-the-art, high-quality, and convenient education to busy professionals committed to furthering their careers in information security and assurance. In particular, the program appeals to chief information, technology, and information security officers of business and governmental organizations and is designed for security administrators, network administrators, information technology specialists, and professionals in the information technology field, including military personnel. Cybersecurity graduates are leaders and innovators in information security and assurance, bringing sound interdisciplinary perspectives to the field.

The program balances academic rigor with convenience. This combination maintains and respects Norwich University’s long educational heritage while it meets the needs of today’s working students. The program hires instructors who are academically and professionally qualified in their respective fields of expertise. Please note that a case study is a required part of the program.

Throughout the program, students:

• Study various aspects of information security and assurance

• Analyze the situation at their workplace or case study site

• Complete written assignments

• Use research findings to prepare a report with recommendations

• Students who do not have a degree in Computer Science, Information Technology,  or Cybersecurity need to demonstrate that they have a baseline knowledge in the following areas:

  Computer Networking

  Computer Science/Cybersecurity

  Linux operating system

  Scripting and Programming

  Microsoft Operating Systems

  Database systems (SQL)

  This knowledge can be achieved through college credit, industry training, industry certification, or professional experience.

• A bachelor's degree from an accredited institution recognized by the U.S. Department of Education, or an equivalent degree from a foreign institution, as evaluated by WES, IERF, SpanTran, or CED.

  • Undergraduate GPA of 2.75 or higher

• If English is not your first language, proof of English language proficiency is required. This can be demonstrated in one of three ways:

  • TOEFL - a minimum score of 550 (paper-based test) or 80 (Internet-based test) is required.

  • IELTS – a minimum composite score of 6.5 is required.

  • The applicant holds a baccalaureate or master’s degree from a college/university/institution in which the primary language of instruction was English.

All eligibility requirements are expected to be met unless noted in specific articulation agreements or memoranda of understanding (MOUs).

Up to 12-semester graduate credits for study conducted elsewhere may be awarded. Norwich complies with VA regulations and guidelines as it pertains to transfer credits.

In addition to core courses, one concentration is required.

Project Management Concentration

The Project Management concentration uses a sequential approach to provide a thorough understanding of all aspects of project-management theory and practice. The academic objectives of this program are mapped to A Guide to Project Management Body of Knowledge (PMBOK® Guide). Students enrolled in this concentration will be taking advantage of the experience of the Project Management faculty in conjunction with Cybersecurity faculty members who specialize in cybersecurity and information assurance. More importantly, the Project Management students establish a firm foundation in project management tools, techniques, and practices. Courses in this concentration offer in-depth study, specifically addressing each project management process area from a project leadership perspective.

Computer Forensic Investigation/Incident Response Team Management Concentration 

In this concentration, students learn to analyze and apply the key points in creating and managing a computer security incident response team (CSIRT) also known as a computer incident response team (CIRT) or a computer emergency response team (CERT). Students use the case study developed in the four required core courses to apply their knowledge to real-world situations and prepare recommendations for the establishment of a new CSIRT or improvement of their existing CSIRT. This concentration also provides the broad understanding that information assurance professionals need for the management, investigation, and analysis of digital incidents. 

Critical Infrastructure Protection and Cyber Crime Concentration

This concentration explores the nature of conflict in cyberspace focusing on two major Internet-based threats to the U.S. national security: cyber terrorism and cybercrime, and the security of information in computer and communications networks within infrastructure sectors critical to national security. These include the sectors of banking, securities and commodities markets, industrial supply chain, electrical/smart grid, energy, transportation, communications, water supply, and health. The seminars in this concentration provide a risk management framework to help information leaders leverage the benefits of internet technologies while minimizing the risks that such technologies pose to their organizations. Special attention is paid to the risk management of information in critical infrastructure environments through analysis & synthesis of assets, threats, vulnerabilities, impacts, and countermeasures. A critical consideration is given to the role of Supervisory Control and Data Acquisition (SCADA) systems in the flow of resources such as electricity, water, and fuel.

Vulnerability Management Concentration

The basics of penetration testing constitute the core of this concentration. Students utilize a virtual lab to gain experience through hands-on lab exercises. Students learn to use the well-known open-source Metasploit computer security project to understand security vulnerabilities, study to use this tool for penetration testing, testing the control tools, and learn to conduct monitoring of an enterprise. Students are introduced to system security and vulnerability analysis, the most common system exploits and vulnerabilities, the system “pivoting” and client-side exploits. Students learn how to assess enterprise security controls and system vulnerability, and to document their findings. Students study the rules of engagement, and how to conduct legal and ethical security tests and vulnerability assessments using known open-source tools (Metasploit, John the Ripper, Wireshark) to understand security vulnerabilities as well as to use this tool for penetration testing, testing the control tools, and how to conduct monitoring of an enterprise. This concentration is designed for penetration testers, system security, and network administrators.

Cyber Law and International Perspectives on Cyber Space Concentration

This concentration presents a comprehensive overview of ethical issues, legal resources and resources, and public policy implications inherent in the evolving online society. The complex and dynamic state of the law as it applies to behavior in cyberspace is introduced, and the pitfalls and dangers of governing in an interconnected world are explored. Ethical, legal, and policy frameworks for information assurance are addressed. Various organizations and materials that can provide assistance to operate ethically and legally in cyberspace are examined. Topics include intellectual property protection, electronic contracting and payments, notice to consent from e-message receipts, non-repudiation, and cybercrime, and the impact of ethical, moral, legal, and policy issues on privacy, fair information practices, equity, content control, and freedom of electronic speech using information systems. It also provides an overview of the issues surrounding transnational cyberspace policies, international investment strategies, and the implementation of communication and information technologies that affect the global economy and transforms the flow of information across cultural and geographic boundaries. The concentration examines various global governance frameworks, and organizations that shape and transform cyberspace such as the International Telecommunications Union, the World Bank Information and Communications Technology Sector, and the U.S. Federal Communications Commission.

Procurement and Government Contract Management

After completing this concentration, students will have the ability to analyze data and craft plans to conduct and actively engage in public procurement, contracting, and contract management processes from a functional and management vantage.