An undergraduate degree is typically all you need to qualify for entry-level cybersecurity positions. However, earning a master's in cybersecurity can deliver higher wages and allow you to compete for more advanced roles in the field. Cybersecurity graduate programs typically take two years of full-time study to complete. The curriculum emphasizes advanced topics usually including cryptology, ethical hacking, and digital forensics. Students can further customize their education by selecting a concentration.
This degree guide discusses common program requirements and provides guidance on choosing a program and applying to schools in addition to other resources to explore. Keep reading to learn more about earning a master's in cybersecurity.
What Is Cybersecurity?
Cybersecurity encompasses the practices and technologies that protect organizations, individuals, and networks from digital attacks. Rather than engaging directly with hackers during a cybercrime event, cybersecurity professionals focus on prevention through a variety of methods, including:
- Protecting personal and financial data from theft
- Preventing unauthorized access of hardware and devices
- Protecting software from damage or compromise
- Ensuring the integrity of computer networks
We increasingly rely on the internet and digital technology for conducting business, handling our finances, and storing and accessing sensitive data. Our need for robust cybersecurity measures is clear -- from protecting a library's free Wi-Fi network to preventing identity theft. This is a field that will continue to evolve to meet new security challenges created by advancing technology, widespread internet use, and increasingly skilled online criminals.
Ready to advance your career? Start your graduate school search with our rankings of the best online master's in cybersecurity programs available in the U.S.
What You Can Do With a Master's in Cybersecurity
- Information Security Analyst
These professionals analyze networks and systems in order to find weaknesses others may exploit. They design, implement, and maintain systems to protect those networks. A master's degree makes these professionals more competitive in the market and allows for greater specialization.
Median Annual Salary: $98,350
Projected Growth Rate (2018-28): 32%
- Computer and Information Research Scientist
These professionals analyze computer technology in order to continue its development, often with specializations with a specific field affected by such technology (e.g., developing new systems to defend against threats or creating ways to track down cybercriminals).
Median Annual Salary: $118,370
Projected Growth Rate (2018-28): 16%
- Computer Network Architect
These professionals design, implement, and maintain information networks. For certain users, these networks must include security measures capable of protecting data and responding to threats, which is where a cybersecurity degree comes in handy. Applied in this career, it would allow architects to build secure networks from the ground up.
Median Annual Salary: $109,020
Projected Growth Rate (2018-28): 5%
- Network and Computer System Administrator
These professionals manage existing networks and help users store and retrieve data, all of which needs to be protected. With a cybersecurity degree, administrators handle security issues alongside other network problems to simplify network maintenance.
Median Annual Salary: $82,050
Projected Growth Rate (2018-28): 5%
- Software Developer
These professionals create new software for several purposes, including security. Developers with a cybersecurity degree might help to improve and design new virus blocking software or other applications for personal users or larger networks intended to detect intrusions and protect data.
Median Annual Salary: $105,590
Projected Growth Rate (2018-28): 21%
Cybersecurity is a growing and competitive field. Take a look at our careers page to discover how a master's degree can help advance your professional opportunities.
What to Expect in a Master's in Cybersecurity Programs
On-campus and online master's in cybersecurity programs offer curricula that build on foundational computer science knowledge. You can customize your degree by selecting a specialization. Take a look at several common cybersecurity courses and concentrations below.
Concentrations Offered for an Online Master's Degree in Cybersecurity
- Network Security
- Network security teaches students the theory and best practices associated with information assurance, especially as it applies to networks. Students explore a variety of security tools to respond to breaches in the network. They may even learn common hacking techniques to help understand their network's vulnerabilities.
- Students who pursue this concentration learn how to design and secure operating systems. The also often learn about Java security and cryptography.
- This track prepares students for careers as intelligence analysts for the government and private corporations. Students enroll in coursework on topics such as cryptology, digital forensics, and hacking. This concentration observes hackers' techniques and debates the ethics of the process.
Curriculum for an Online Master's Degree in Cybersecurity
- Foundations of Information Assurance
This introductory course guides students to a broad understanding of the key principles governing information assurance and data protection. Students also explore the primary types of current cyberthreats, in addition to the functions of various hardware and software products in addressing threats and protecting sensitive, proprietary information.
- Digital Risk Management
Students proceed from foundational to intermediate concepts in the identification, management, and mitigation of threats to digital assets. Course content observes standard and emerging strategies for categorizing the levels of risk to a given system or network, as well as enterprise risk management and business continuity techniques. These competencies are essential to anyone planning to follow a career path involving liaising with executive management.
- Cyberlaw, Regulations, and Compliance
This survey course prepares students for careers that require a detailed understanding of current regulations and compliance standards. Students create risk analysis and cybersecurity solution models that comply with national and international laws while meeting the standards of third-party vendor agreements and specific organizations.
- Fundamentals of Network Security
All cybersecurity professional require sound, detailed understandings of network architecture security principles. Coursework examines the application of both logical and physical architecture strategies for wired as well as wireless networks, and it challenges students to adopt network design techniques that minimize risks and vulnerabilities while optimizing performance.
- Forensics and Network Intrusion
Students interested in careers in threat detection, threat mitigation, and digital forensics study the foundational principles of these cybersecurity topics. Learners discover automated and manual techniques for detecting and neutralizing cyberattacks, as well as professional tools for recovering, cataloging, and documenting hidden and deleted data for internal and external investigations.
Interview with Daniel Basile
Daniel Basile has been in the security industry for more than 18 years and currently leads the security operations center for the Texas A&M University System. He started this group with a very limited budget and has grown the team exponentially to now serve over 250,000 people and protect billions in expenditures. Over his career, Dan has worked in roles like security software tester, information security officer, and HIPAA security officer. He graduated in 2009 from Texas A&M University and recently received a master's degree in cybersecurity from the University of Maryland University College.
- Why did you choose to earn a master's degree in cybersecurity? Did this field always interest you?
I have worked in the cybersecurity field for over 18 years and currently work in higher education, running a security operations center. I chose to pursue a master's degree in cybersecurity as an advanced degree would open up more doors for my future career in this industry.
Cybersecurity is a field I have always found interesting and have enjoyed working in. The environment is always changing, and your skill sets need to be continually improved in order to be effective.
- What are some of the most crucial skills you gained in your master's degree program that apply to your job on a day-to-day basis?
One of the most crucial skills that I gained was not a technical skill, but rather being able to research information and deliver distilled information that can be used. In this field, there is a constant stream of information being shoveled at us that could potentially impact the business. Being able to quickly identify the critical points and write them up quickly is easily the most crucial skill that I use daily.
- What was the job search like after completing your master's degree? Did you feel fully prepared to make the transition from school to the workplace?
While I had a job already, the cybersecurity workforce is experiencing a job market with millions of open jobs. It is incredibly easy to find a job, and if the applicant is willing to move to where the jobs are, [they] will probably have a hard time choosing between the open jobs.
- Of all the positions you've held within the cybersecurity field, which did you prefer the most, and why?
I have enjoyed all of the roles I have held in the cybersecurity field, but my current one has been the best as it has allowed me to build something that is creating change. The security operation center I started protects multiple universities and state agencies, but we also use it to train undergrads in how to be the next generation of cybersecurity analysts. It is very rewarding to create this next generation while pushing the edge in how to effectively protect these organizations.
- What are some of the challenges you face in your work on a day-to-day basis?
From combating new security threats, helping to fix vulnerable devices, or even working on project management documentation, every day is different. The largest challenge I face every day is staying on top of the changes that occur constantly. There are always new tools or methods to learn about and new risks to reduce.
- How do you think the field of cybersecurity will change in the coming years?
The field of cybersecurity has always been about reducing risk. We have been watching for the past few years the introduction of more advanced machine learning, allowing for more effective time management by reducing the number of false positives. We will continue to see machine learning used in new and inventive ways to identify threats and allow the people working in the field to dedicate their time to remediating them.
The next big shift I think we will see is better information sharing between groups. The federal government is working hard to deliver actionable cybersecurity intelligence to groups willing to partner with them. As everyone who is connected to the internet is under nearly constant attack, it is only through sharing information with others that we will be able to stay on top of the constantly changing threat landscape.
- What advice would you give to students who are considering a master's degree in cybersecurity?
There are a lot of potential options within this field. Many people only think about the groups defending against hackers, but there are auditors, management, policy, and many other aspects that are non-technical. These areas can be just as rewarding and potentially more fruitful than those working in operations. It is all about finding the part of cybersecurity that interests you the most.
How to Choose a Master's in Cybersecurity Program
As you research master's in cybersecurity degrees, be sure to examine each program's accreditation, faculty qualifications, curriculum details, learning format, and cost.
Accreditation from a recognized regional or national accrediting body certifies that an institution has undergone rigorous vetting. This ensures both the quality of your education and the value of your degree.
- Faculty Qualifications and Experience
Before choosing any school or program, review the qualifications and experience of the faculty in the computer science department and related departments. Look for educators with terminal degrees and real-world experience in cybersecurity. Attend a graduate fair for the opportunity to meet professors in person.
- Curriculum and Learning Outcomes
During your search, keep both your educational and professional priorities in mind. Some programs require you to write a thesis while others may require additional coursework. Your ability to specialize in a specific aspect of cybersecurity will vary based on available program concentrations. Popular options include compliance, computer security, cyber intelligence, digital forensics, or information assurance.
- Program Format
Modern graduate education offers a variety of learning options to fit the diverse needs of working professionals. You can study on campus, online, or through a blend of both methods. Online courses may be available in synchronous (scheduled) or asynchronous (self-paced) formats. Some online programs place learners into a cohort, allowing for more peer interaction, while others facilitate independent, self-paced learning.
- Financial Commitment
Graduate school typically requires a significant financial investment, but costs can vary considerably, so research tuition and related expenses carefully. You don't want to enroll in a program that you can't afford to finish. Ask officials at prospective schools about financial aid opportunities and take the time to apply for third-party scholarships and funding opportunities.
Master's in Cybersecurity Program Admissions
The sections below detail general prerequisites, admission requirements, and application procedures common to most cybersecurity master's degrees. Keep in mind that the application process may vary slightly from one school or program to another.
- Bachelor's Degree: Applicants typically need an undergraduate education to qualify for graduate school. A master's in cybersecurity program may prefer or require you to hold a bachelor's degree in an engineering, computer science, or IT discipline. Programs may accept students with degrees in other fields who also demonstrate competency in IT fundamentals.
- Minimum GPA: In addition to the base requirement of a completed bachelor's degree from an accredited institution, colleges typically require graduate school applicants to provide transcripts showing a 3.0 or higher undergraduate GPA. Depending on the program, GPA requirements might refer to cumulative scores or apply only to courses in the major.
- Work Experience: Prospective master's in cybersecurity students should have relevant work experience in computer science, IT, or a closely related field. Some schools accept applicants without a formal undergraduate education who have several years of related work experience. Other schools prefer applicants with both a degree and professional experience.
How to Apply
- Test Scores
Similar to ACT and SAT testing requirements for undergraduates, prospective graduate students often take the GRE or GMAT before applying for a master's. Not every school requires standardized testing, but you can provide your scores as additional information if you believe their inclusion improves the strength of your overall application.
- Letters of Recommendation
Letters of recommendation are a common application requirement for prospective graduate learners. Specifics vary by program, but you should be prepared to supply up to three letters from individuals who can speak to your character and abilities. Ideal recommendation sources include your undergraduate professors, coworkers, managers, and mentors.
All college applicants must provide transcripts detailing their prior education. For a master's in cybersecurity, this may entail undergraduate transcripts from a bachelor's degree, associate degree, and/or non-degree certificate program. Transcripts provide details about your attendance dates, major, courses, grades, and academic honors.
- Testing: If you take the GRE or GMAT, your test scores remain valid for five years. This means you can schedule, study for, and take exams well in advance of program admission deadlines. If you know you will eventually apply to a program that requires test scores, consider taking care of this requirement early.
- Application Materials: Graduate school applicants typically need to supply a variety of admission materials, including official undergraduate transcripts, letters of recommendation, a resume, and an essay or personal statement. You should start gathering these documents at least a month in advance of your application deadline -- the earlier, the better.
- Application Deadlines: Graduate programs commonly accept applications before the start of each fall, spring, or summer semester. Some schools offer rolling admissions, where students can apply any time throughout the year. Confirm how each of your prospective schools handles the admission process and note all firm deadlines in a calendar.
Resources for Master's in Cybersecurity Students
SANS is a U.S.-based organization specializing in training and certification for information security and cybersecurity professionals. The institute offers training through instructor-led classroom sessions and self-paced online programs. The SANS website provides a wealth of information security resources, including thousands of original research papers.
ISSA is a nonprofit membership association for information security professionals around the world. The ISSA community represents professionals at all career stages, including pre-professional, entry-level, midcareer, and senior-level members. Members receive access to local and global networking opportunities, on-demand web conferences, and a monthly industry journal.
SecurityWeek is a leading online resource for global internet security news, research, and expert analysis. Website visitors can access extensive coverage of topics including malware and threats, cybercrime, risk and compliance, and security strategy. Since its launch in 2010, SecurityWeek has been a trusted source of information for internet security professionals across the globe.
Cybersecurity Ventures is a global leader in cybersecurity industry research, utilized by working professionals, executives, and venture capitalists. This well-respected company conducts original research, synthesizes information from other credible sources, and publishes annual and quarterly reports covering cybercrime, cyberwarfare, industry employment, market forecasts, spending predictions, and more.
CyberSN is a talent-matching platform focused on connecting local, national, and global cybersecurity professionals and employers. CyberSN offers support for 35 industry jobs in technical, nontechnical, and leadership categories. Job seekers can begin engaging with potential employers by completing a free, in-depth profile.