Master of Science (MSc) in Cybersecurity

Program Overview

The Master of Science in Cybersecurity equips IT graduates with advanced knowledge and skills in cybersecurity, focusing on practical application and research capacity. The program covers core technical content, legal and ethical aspects, and prepares graduates for leadership roles in the field. Through a combination of on-campus and online activities, students engage in authentic learning and assessment to demonstrate their knowledge and competence in cybersecurity.

Program Outline

Degree Overview:

The Master of Science in Cybersecurity is a postgraduate program designed for IT graduates seeking to advance their careers in cybersecurity. The program equips learners with advanced knowledge, skills, and competencies, along with research capacity, to support them in securing leadership roles upon graduation. The program focuses on practical application, requiring learners to engage in authentic learning and assessment activities to demonstrate knowledge application. In addition to core technical content, learners are exposed to the legal and ethical aspects of cybersecurity.

Program Objectives:

• Demonstrate advanced skills and competence in designing, implementing, and evaluating secure systems and networks based on recent and emerging threats/risks.
• Undertake research, synthesize, and apply knowledge acquired from multiple sources, including academic and professional literature, to inform approaches to real-world scenarios and the development of new technologies and applications.
• Critically evaluate the impact of different security incidents and breaches on an organization's reputation and operation.
• Formulate strategies to mitigate the risk, responding to threats, and the normalization of operations.
• Evidence expert knowledge of the concepts, theories, and practices of current and emerging trends in cybersecurity, including Cryptography, Security Frameworks, Forensic Principles and Analysis, Incident Analysis and Response, and Data and Application Security.
• Critically evaluate and justify the selection of security policies, procedures, and standards (SOC, CSO, GDPR, ISO, NIST, NIS2) and identify potential weaknesses and vulnerabilities based on different security solutions.
• Work autonomously and collaboratively in leading or contributing to resolving cybersecurity challenges or projects, engaging effectively with all stakeholders.
• Take responsibility for progressing own learning through critical self-analysis, peer interaction, feedback or input from others, professional development, and undertaking preliminary research.
• Act with integrity and professionalism, evidencing a sound knowledge of legal, ethical, and data issues related to cybersecurity, and the ability to use this knowledge to determine cybersecurity measures and solutions.
• Undertake independent research to develop an innovative design of a potential cybersecurity solution, develop and implement this, employing emerging or current industry practice.

Outline:

Stage 1 (Taught Stage)

• Cryptography Theory and Practice (5 ECTS credits): Provides an in-depth understanding of cryptography fundamentals, techniques used in modern cryptographic systems, and the practical implementation of cryptographic algorithms.
It covers cryptography applications in various domains such as e-commerce, banking, healthcare, and government.
• Security Frameworks and Compliance (5 ECTS credits): Explores Governance, Risk, and Compliance in relation to legal, regulatory, and best practice requirements as well as effective governance models and how these interact to achieve business objectives while maintaining and ensuring digital security.
• Secure Programming and Scripting (10 ECTS credits): Introduces students to secure software development and testing.
Scripting is introduced as a tool to facilitate testing for coding errors, vulnerabilities, and exploits in real-world scenarios. The roles of security policies, models, and assurance methodologies in producing secure software are also explored.
• Forensic Principles and Analysis (10 ECTS credits): Provides students with an understanding of digital forensics principles and techniques and equips them with the skills and knowledge necessary to conduct a digital forensic investigation of a cyber incident.
It covers identifying and collecting digital evidence using appropriate tools and techniques, analyzing and interpreting digital evidence to identify potential sources of compromise, and determining the extent of the incident. Students evaluate the strengths and weaknesses of different forensic tools and techniques and choose the appropriate approach for a specific inquiry.
• Data and Application Security (10 ECTS credits): Equips students with advanced knowledge of data and application security vulnerabilities and the capacity to prevent, detect, and mitigate against or respond to attacks.
• Research and Professional Ethics (10 ECTS credits): Equips students with the skills and knowledge needed to recognize research gaps in their chosen area of research and identify a research idea that incorporates an innovative component.
Students perform a critical analysis of the literature, select an appropriate framework for methodology, and write a thorough research report to support and illustrate their research ideas.
• Penetration Testing and Malware Analysis (10 ECTS credits): Provides students with an understanding of penetration testing and malware analysis principles and practices and equips them with the skills and knowledge necessary to analyze different types of attacks and threats faced by organizations.
It covers identifying and classifying malware based on its behavior, analyzing its code, and understanding its potential impact on systems and networks. Students also plan and execute penetration tests using appropriate tools and techniques and provide a comprehensive report of the findings based on malware analysis.
• Incident Analysis and Response (5 ECTS credits): Equips students with a thorough understanding of the concepts, techniques, and applications involved in incident inquiry and response.
It provides learners with the knowledge and abilities necessary to identify, assess different types of cyber threats and attacks, and take appropriate action by managing and organizing incident response procedures in challenging and complex cybersecurity situations. Students gain technical skills to investigate and analyze cybersecurity incidents, including log analysis, network forensics, and memory analysis.

Stage 2 (Capstone Project)

• Capstone Project (30 ECTS credits): Provides students with the opportunity to coalesce and apply their knowledge from the taught elements of the program into a coherent real-world project in a cybersecurity context.
It facilitates the investigation and integration of insights gained throughout the course of study and disseminates these findings to diverse audiences. The module also aims to facilitate the formation of a personalized world view of the students' own learning through reflective techniques, identifying skill and knowledge gaps, and actively seeking out new knowledge to enhance their professional development and self-efficacy. Learners identify, source, retrieve, and analyze information independently, from a variety of sources and by a variety of techniques. They also work independently to create novel and unique solutions to technically challenging cybersecurity problems in a research context.

Assessment:

The program employs a combination of formative and summative assessments. Summative assessments are completed during taught modules and through end-of-module assessments. The program engages an authentic assessment approach to provide learners with an insight into real work tasks, scenarios, and challenges. Opportunities for integrated assessment are maximized to better reflect authentic work-based problems and scenarios. The program uses a mix of continuous assessment, examination, and research project assessment methodologies. The project stage culminates in a peer presentation and solution demonstration. Students have the opportunity to present their work in a poster presentation to industry representatives to informally evaluate and discuss solutions with learners, further enhancing their professionalism and engaging industry in the program. This module incorporates learning from all modules in the taught components and aims to ready learners for industry and/or academic Cybersecurity work.

Teaching:

As a blended learning program, students engage in a combination of on-campus and online activities. All students are introduced to the CCT online learning environment upon program induction and have access to further support as needed. Online activities include live or pre-recorded lectures, independent learning and assessment activities such as research tasks, discussion forums, simulations, quizzes, and e-portfolio work, along with online group activities such as live classes, group project work, virtual labs, and tutorials. Completing the online elements of the program each week is essential for successful completion. On-campus activities include small group tutorials, labs, project supervision, problem-solving case studies, library research, and seminars.

Careers:

The program has been designed to produce graduates with the attributes required of cybersecurity specialists and analysts today and the ability to continue developing knowledge, skill, and competence to remain competitive and employable in an ever-advancing discipline. Upon successful completion of the MSc in Cybersecurity, graduates are well-placed to progress to further study, including level 10 doctoral studies, subject to the requirements of the institution to which they apply. Graduates of the MSc in Cybersecurity should be able to secure professional roles at intermediate and advanced positions in data analysis across all sectors of the economy and progress to leadership or research roles using skills related to those learned in the program curriculum. Potential roles include but are not limited to: Information security analyst, secure application developer, cybersecurity tester, risk advisory on information security and forensics, cloud security analyst.