Cybersecurity at the post-grad level
- By William Jackson
- Jul 28, 2011
George Mason University has added a multidisciplinary Master of Science degree in management of secure information systems to its offerings, joining a growing number of universities making cybersecurity a part of their curricula..
“This isn’t just a technical cybersecurity program,” said Daniel Menasce, a senior associate dean and computer science professor in the Volgenau School of Engineering. “Cybersecurity is not just a technical problem, it is also a policy and management problem.”
The program, recently approved by the State Council of Higher Education in Virginia, will begin in the spring semester and will be a cooperative effort of the university’s schools of engineering, management and public policy.
Cybersecurity is hot on campus
Future cybersecurity workforce heads to summer camp
Implementing an effective cybersecurity program requires a lot of internal management across departments, and that is where many security programs fail, said Menasce, a member of the program’s steering committee.
“Attacks succeed because of a lack of awareness at the executive level,” he said. The premise of the program is that security cannot be left solely to the geeks. Executives must understand what the technology can do. They will not be configuring routers and firewalls, but must manage the teams that do.
The growing demand for cybersecurity professionals and the shortage of trained personnel has led to a number of public/private initiatives to identify students with the proper interests and abilities in high school or even earlier and to provide them with educational opportunities and career paths.
Colleges and universities have offered computer science programs since the days of punch cards, but the integration of computer science with security, law, law enforcement, public policy and all things cyber is only just getting under way.
At the university level, the National Security Agency and the Homeland Security Department have established the National Centers of Excellence program to identify and support schools with information assurance education and research programs. Students attending designated schools are eligible for scholarships and grants through the Defense Department’s Defense Information Assurance Scholarship Program.
GMU and the University of Maryland, Baltimore County are National Centers of Excellence for both education and research. University of Maryland University College has established three cybersecurity degree programs to help fill the demand for tens of thousands of professionals in Maryland, which is home not only to the NSA but also to the Pentagon’s new Cyber Command.
Menasce said the new GMU program is the first of its kind in the Washington area. Although there are other MBA programs that include some information security component, they do not focus on the technology. But this is not a computer science degree. GMU offers a master’s in information security and assurance, and the management program will not compete with that.
“There is no requirement to have technology expertise to come into the program, because it is self-contained,” Menasce said. It is intended to give executives the technical background to communicate on cybersecurity issues. “They have to be able to speak the language,” he said. “If you don’t know what you’re talking about you are going to be failing.”
It is a cohort program with no electives and the entire class will work together through the period, and will be taught on Saturdays over a 14-month period. The degree will require 36 credits: 15 credits in technical subjects from the engineering school, 12 credits from the management school, four credits in public policy, two credits for a one-week residency abroad, and three credits for a capstone project on which all students will collaborate.
The application period for the first class, which begins in January, closes Oct. 1. Menasce said the class will include 25 to 30 students.
William Jackson is freelance writer and the author of the CyberEye blog.