Now more than ever, organizations are looking for cybersecurity experts. Norwich University’s online Master of Science in Cybersecurity program can help you develop the business acumen and management skills needed to lead the field. Graduates of this program are armed with the skills they need to help ensure that information assets are understood, valued, and protected within the complex business enterprise.
Tailor your learning experience with five concentration options:
Computer Forensic Investigation and Incident Response Team Management
Critical Infrastructure Protection and Cyber Crime
Cyber Law and International Perspectives on Cyberspace
Benefit from enhanced classroom experiences and practical learning, including hackathons, forensics exercises, and summits during residency
Learn from one of the earliest institutions to be recognized as a Center of Academic Excellence in Information Assurance Education* by the National Security Agency and Department of Homeland Security
Benefit from a leader in information assurance instruction for more than a decade
Apply to one of four start dates per year
*Now referred to as a Center of Academic Excellence in Cyber Defense.
Norwich’s 36-credit online cybersecurity program is composed of six-courses, each 11 weeks in length. Students master one course at a time to create a strong foundation of knowledge and context for future topics.
Norwich’s specialized program curriculum blends the management and technical aspects of an information security/assurance program, enabling you to develop the skills required to protect your organization and its critical information.
GI512 – Foundations and Historical Underpinnings of Information Assurance (6 credit hours)
This course explores the historical foundations of information assurance, from the early days of mainframes to the foundations of today’s sophisticated networks and distributed computing systems. You will explore the earliest thinking about data structures and domains, interoperability among various computing platforms, mechanisms for data transfer, and the emergence of encryption as a defense against early forms of computer crime. The course examines privacy, policies, security standards and regulatory requirements, and the underlying models that define information assurance. You will also be introduced to IA architecture.
GI522 – Information Assurance Technology (6 credit hours)
This course focuses on the use of technological defenses against threats and exploitations of vulnerabilities in information systems. Topics include physical security measures, access controls, security elements of operating systems, network security measures, anti-malware tools, anti-spam measures, anti-piracy systems, software development methods supporting security, and security certifications for software products.
GI532 – Human Factors and Managing Risk (6 credit hours)
This course focuses on the ways business objectives, user attitudes, and user activities significantly influence both the development of an information assurance program and its successful implementation. The first week focuses on operations security and why it’s the foundation of an IA program.
During the following five weeks, you will explore security awareness as a component of organizational culture; the process of crafting an information assurance message; ethical decision making as a factor in security; social psychology and how behaviors influence the effectiveness of security activities; the use of employment practices and policies to support information security; and the creation of acceptable use and email policies.
The final four weeks of the course examine elements of risk management from basic principles through application, using the NIST Special Publication 800-30 as a solid foundation for the risk management issues. You will also discuss two popular risk assessment processes and several other processes that help identify risk.
GI542 – Information Assurance Management & Analytics (6 credit hours)
This course covers four general areas of information assurance management and analytics – from the strategic to the tactical level: compliance; management, leadership, and policy development; relationships and adding value; and project management. You will explore the aspects, methods, and alternatives in information assurance management and compare and utilize them with respect to non-IT-related management approaches and styles. The course covers alternatives in building support and consensus for projects and activities and focuses heavily on adding value to the organization. You will examine the development of an information assurance marketing plan and use it to help identify techniques of improving information assurance awareness. Topics also include analytics in terms of both metrics and measuring business impact, and problem solving and project management techniques and alternatives.
Tailor your cybersecurity degree
After completing the core curriculum, you choose a concentration that suits your career and professional goals.
In this course, you will analyze and apply the key points in creating and managing a computer security incident response team (CSIRT), also known as a computer incident response team (CIRT) or a computer emergency response team (CERT). Topics include establishing CSIRTs; responding to computer emergencies; securing the CSIRT; managing the CSIRT with respect to professionalism, setting priorities for triage, and protecting personnel against burnout; and learning from emergencies using the incident postmortem and establishing continuous process improvement within the organization. Students will use their case study to apply their knowledge to real-world situations and will prepare recommendations for the establishment of a new CSIRT or improvement of their existing CSIRT.
This course focuses on the spectrum of tools and techniques used to investigate digital incidents, whether in a civil or criminal environment. The course provides the broad understanding that information assurance professionals must have of the management, investigation, and analysis of digital incidents. It also places that understanding in the context of other information assurance domains. Discussions of digital investigation and forensics cover topics from both technical and management perspectives to increase the information assurance professional’s understanding and application of domain-specific knowledge.
Coursework examines the security of information critical to national security and the nature of conflict in cyberspace. This course will also strengthen your knowledge of supervisory control and data acquisition systems (SCADA) in the flow of resources such as electricity, water, and fuel.
GI556 – Cyber Crime (6 credit hours)
This course explores the nature of conflict in cyber space focusing on two major Internet-based threats to the U.S. national security: cyber terrorism and cyber crime. The course addresses questions such as: who is undertaking these cyber activities, what techniques do they use, and what countermeasures can be adopted to mitigate their impact. The course is built around a risk management framework to help information leaders leverage the benefits of Internet technologies while minimizing the risks that such technologies pose to their organizations.
This course examines the security of information in computer and communications networks within infrastructure sectors critical to national security. These include the sectors of banking, securities and commodities markets, industrial supply chain, electrical/smart grid, energy, transportation, communications, water supply and health. Special attention is paid to the risk management of information in critical infrastructure environments through an analysis and synthesis of assets, threats, vulnerabilities, impacts, and countermeasures. Critical consideration is paid to the role of Supervisory Control and Data Acquisition (SCADA) systems in the flow of resources such as electricity, water, and fuel.
Focus on the legal and policy measures related to cyber breaches and learn to implement international cyberspace policies. Strengthen your knowledge of key topics including privacy and intellectual property, electronic contracting, non-repudiation, and fair information practices.
GI557 – Cyber Law (6 credit hours)
This course explores a broad variety of federal statutory, common, and international laws that may impact the information technology professional. Because the overwhelming majority of cyber infrastructure is owned and operated by the private sector, the course focus is on those laws that affect the interaction between government and the private sector information technology industry, including the privacy rights so often implicated in modern data storage systems. The course starts with a look at “cyber law” and whether it is really a distinct legal discipline at all. It then moves into criminal, civil, regulatory, international and common laws with which today’s information technology professional may come in contact. Throughout the course we discuss how public policy and other factors impact the development, implementation, and interpretation of the law. Students read, interpret and apply legal authorities and theories, a valuable skill for future information technology leaders if they are to stay in compliance with the ever-growing “cyber” legal framework.
GI567 – International Perspectives on Cyberspace (6 credit hours)
This course provides an overview of the issues surrounding transnational cyberspace policies, international investment strategies, and implementation of communication and information technologies that affect the global economy and transforms the flow of information across cultural and geographic boundaries. The course will examine various global governance frameworks, and organizations that shape and transform cyberspace such as the International Telecommunications Union, the World Bank Information and Communications Technology Sector and the U.S. Federal Communications Commission.
Learn the key elements of project management, including the project process, scope, time, cost, quality, and schedule management. Students will take Project Management Techniques, Tools and Practices (GB544) and then choose either Project Management Leadership, Communications and Teams (GB554) or Strategic Management in Project Management (GB564).
This seminar focuses on the fundamentals of project management and practices. The key elements of project management from the project management framework, the project life cycle, project process and key project management knowledge areas are discussed. Additionally, the project integration, scope, time, cost, quality, resource and schedule management are studied. Other areas of focus are project management procurement and overall project communications.
GB554 – Project Management Leadership, Communications, and Teams (6 credit hours)
This seminar focuses on project management leadership, effective communications and the management of project teams. Students explore the fundamental principles of good project management, including: leadership skills, winning stakeholder cooperation, writing the rules to manage expectations, project risk management, creating realistic schedules, achieving accurate project estimates, trade-offs between project cost, schedule and quality, building strong project teams, clear communications, measuring progress, problem solving, defining clear requirements and applying lean principles in project management. This seminar discusses project leadership, communication and team management skills integrating them with concepts from previous seminars, resulting in fundamental principles of project management being integrated with leadership, communications and team building practices and challenges.
GB564 – Strategic Management in Project Management (6 credit hours)
Applications from the GB 544 and GB 554 are applied in this seminar using the fundamental principles of project management from the project management framework, the project life cycle, project integration, scope, time, cost, quality, and schedule management. Students synthesize leadership skills, winning stakeholder cooperation, project risk management, building strong project teams, clear communications, measuring progress and problem solving in a proposed project. Prereqs: GB 544 and GB 554, or permission of the Program Director.
Explore how to conduct legal and ethical security tests and vulnerability assessments and learn to use key open source tools such as the Metasploit Framework.
GI562 – Vulnerability Management and Penetration Testing I (6 credit hours)
This course introduces students to the penetration testing of computer networks. Students will utilize a virtual lab to gain experience through hands‐on lab exercises, and learn to use the well‐known open‐source Metasploit computer security project to understand security vulnerabilities. Students will apply this tool for penetration testing, testing the control tools, and learn how to conduct monitoring of an enterprise. Topics explored in this course include system security and vulnerability analysis, the most common system exploits and vulnerabilities, along with system “pivoting” and client‐side exploits. This course also introduces open‐source tools, in particular, the Metasploit Framework (MSF). Students will learn how to assess enterprise security controls and system vulnerability, and learn to document their findings. The course is designed for penetration testers, system security, and network administrators.
GI563 – Vulnerability Management and Penetration Testing II (6 credit hours)
This course introduces students to advanced open-source tools used to conduct penetration testing of computer networks. Students will learn the rules of engagement, and how to conduct legal and ethical security tests and vulnerability assessments. Students will utilize a virtual lab to gain experience through hands-on lab exercises. Students will learn to use the well-known open-source tools (Metasploit , John the Ripper, Wireshark) to understand security vulnerabilities and how to use this tool for penetration testing, testing the control tools, and how to conduct monitoring of an enterprise.
The online Master of Science in Cybersecurity program ends in a residency at the historic Norwich University campus in Vermont. During this time you will have the opportunity to meet with fellow students, faculty, and program staff in both formal classroom and informal settings. Academic recognition ceremonies and commencement cap off the week, and family and friends are encouraged to attend.
Norwich covers the cost of students' meals and accommodations on campus.
A bachelor's degree from a regionally or nationally accredited U.S. institution, or an equivalent degree from a foreign institution, as evaluated by WES, IERF, SpanTran, or CED
If English is not your first language, proof of English language proficiency is required. This can be demonstrated in one of three ways:
TOEFL – A minimum score of 550 (paper-based test) or 80 (Internet-based test) is required*
IELTS – A minimum composite score of 6.5 is required*
The applicant holds a baccalaureate or master’s degree from a college/university/institution in which the primary language of instruction was English
Please note: All eligibility requirements are expected to be met unless noted in specific articulation agreements or memoranda of understanding (MOUs).
Tuition and fees
Norwich provides a top-notch educational experience and works hard to help make it affordable. There are many ways to get financial aid and several strategies to help you finance your education. Norwich is committed to making this often-difficult process easier for you.
Credit hours: 36
Cost per credit hour: $850
Norwich University offers a range of opportunities to help you lower your overall tuition costs. Please note that scholarships are not additive. In addition to the below scholarships, students may also be eligible for discounts if their organization partners with Norwich University.
Recognizing your past academic and professional achievements, the Achievement Scholarship is for newly enrolled students. You could receive a $4,200 scholarship, which will be distributed equally over the courses of the program. To be considered for this scholarship opportunity, submit your application package (application form, resume, letter of intent, and essay (if applicable)) for your program of interest at least one week prior to the upcoming application deadline. The Scholarship Selection Committee will review all application materials and select the recipient.
Norwich Alumni Scholarship
Norwich University alumni and their spouses, parents, and children are eligible to receive the Alumni Scholarship. The scholarship is award for each term of enrollment at $425 per term.
Active Duty Military Scholarship
Active duty, National Guard, and Reserve personnel are eligible to receive a $250 award for each term of enrollment in an online master’s degree program.
About Norwich University
Founded in 1819, Norwich University is a small, private, not-for-profit university in Vermont that offers professional and liberal arts programs to military and civilian students. The College of Graduate and Continuing Studies builds upon over 200 years of Norwich University traditions while offering a variety of degree programs online in a rigorous academic environment. By enrolling at Norwich University, you can join a long tradition of public service education and leadership that goes all the way back to its founding as the nation’s first private military college.
Accreditation and ranking
Norwich University is accredited by the New England Commission of Higher Education (formerly the Commission on Institutions of Higher Education of the New England Schools and Colleges, Inc.)
Recognized for academic excellence, U.S. News & World Report ranks Norwich University in the top 100 for Regional Universities in the North. Rankings are based on undergraduate programs.
Norwich University has been designated as a Center for Academic Excellence in Cyber Defense Education by the National Security Agency and Department of Homeland Security.
The Master of Science in Cybersecurity program is led by dedicated faculty and staff members who are available to help you reach your academic, professional, and personal goals.
Norwich faculty members hold advanced degrees and industry certifications and are subject matter experts and practitioners in topics including organizational governance, cybersecurity threats, risk management, and cyber crisis management.
Norwich has an in-house instructional design team that works hand-in-hand with program faculty and staff to ensure a world-class, efficient, and interactive online learning experience in each course.