Master of Science: Cybersecurity

This ten-course Cybersecurity graduate program integrates both technical and non-technical courses in Cybersecurity to prepare Computer Science, Information Systems, and other professionals to fill management, analytical, investigative, operational, and/or technical leadership roles in the Cybersecurity profession. Students are encouraged to select electives based on their individual interests or professional requirements in the discipline. Our program is designed to equip students with the real-world skills that employers are looking for and can be tailored to your individual career goals.

Our Cybersecurity MS program is well-established and is designed to accommodate the busy schedules of working professionals.

Master’s Degree in Cybersecurity Program Requirements:

In order to gain a rigorous base of knowledge, students in the Cybersecurity master’s program must complete 10 courses (30 credits). Students are encouraged to tailor their coursework to their interests and career goals. All students must complete 18 credits through our 6 required Cybersecurity courses listed below (18 credits). The remaining 12 credits can be completed by choosing 4 of our elective Cybersecurity course.

Required Core Cybersecurity Courses (18 credits):

(Please note: Some required core courses may be substituted via transfer credits or alternative UMBC courses with approval from the Graduate Program Director)

CYBR 620: Intro to Cybersecurity

This course introduces students to the interdisciplinary field of cybersecurity by discussing the evolution of information security into cybersecurity, cybersecurity theory, and the relationship of cybersecurity to nations, businesses, society, and people. Students will be exposed to multiple cybersecurity technologies, processes, and procedures, learn how to analyze the threats, vulnerabilities and risks present in these environments, and develop appropriate strategies to mitigate potential cybersecurity problems.

Prospective students who have earned the CISSP designation within the past 5 years may, if admitted, substitute another course for CYBR 620 “Introduction to Cybersecurity” in their first semester of the CYBR MS program. Students should provide evidence of successful completion of the CISSP exam within that timeframe (such as a transcript or official documentation from the certifying authority) to UMBC as part of their application.

Prerequisite: Enrollment in the CYBR program or in at least the second semester of graduate study. Other students may be admitted with instructor permission.

CYBR 623: Cybersecurity Law & Policy

Students will be exposed to the national and international policy and legal considerations related to cybersecurity and cyberspace such as privacy, intellectual property, cybercrime, homeland security (i.e., critical infrastructure protection) and cyberwarfare, and the organizations involved in the formulation of such laws and policies. Broader technology issues also are discussed to demonstrate the interdisciplinary influences and concerns that must be addressed in developing or implementing effective national cybersecurity laws and policies.

Prerequisite: Enrollment in the CYBR program or in at least the second semester of graduate study. Other students may be admitted with instructor permission.

CYBR 624: Cybersecurity Project

This is the capstone experience for graduate students in the MS Cybersecurity program. Normally taken in the final semester before graduation, the Cybersecurity Project provides an opportunity for students to carry out an individual piece of research (or project activity) on a specified topic in the cybersecurity or cyber operations domain. Their work should make an original contribution to the body of knowledge in the area of study or otherwise demonstrate the student’s comprehensive knowledge of cybersecurity or cyber operations.

Prerequisite: Enrollment in CYBR MS program and completion of at least CYBR 620, CYBR 623, CYBR 650.

CYBR 650: Managing Cybersecurity Operations

This course takes an operational approach to implementing and managing effective cybersecurity in highly networked enterprises. Topics include an evaluation of government and commercial security management models; security program development; risk assessment and mitigation; threat/vulnerability analysis and risk remediation; cybersecurity operations; incident handling; business continuity planning and disaster recovery; security policy formulation and implementation; large-scale cybersecurity program coordination; management controls related to cybersecurity programs; information-sharing; and privacy, legal, compliance, and ethical issues.

Prerequisite: Completion of CYBR 620 and in at least the second semester of graduate study. Other students may be admitted with instructor permission.

CYBR 652: Enterprise Security

This class will take a technical approach in protection of information assets and systems by integrating technical controls with policies, best practices, and guidelines of cybersecurity. Taking both a policy-based and technical approach, this course examines external and internal security threats in highly connected enterprises and risks to the core business relative to people, processes, data, facilities, and technologies. How to implement and manage effective the major technical components of security architectures (firewalls, virtual private networks, etc.) and selected methods of attacking enterprise architectures also will be addressed.

CYBR 658: Risk Analysis and Compliance

This course focuses the student on a broad range of topics relative to risk-based planning for enterprise cybersecurity. The intent is focusing on creating risk assessment and modeling approaches to solve cybersecurity issues so that organizations can build security framework and sustain a healthy security posture. This course analyzes external and internal security threats, failed systems development and system processes and explores their respective risk mitigation solutions through policies, best practices, operational procedures, and government regulations. Risk frameworks covered include NIST SP 800-12, SP 800-37, SP 800-39, and CERT/CC risk analysis guidelines.

Elective Courses (12 credits)

Students must select four courses (12 credits) of electives. Some elective pathway courses may lead to a post-Baccalaureate certificate, in that plan of study. 

We’re here to help! Stay connected with us.






Map to Term on the Opportunity



Map to Applying To on Application

HIDDEN














Cyber M.S./J.D. and Maryland Carey Law

Qualified students at the University of Maryland Francis King Carey School of Law can prepare for a career in cybersecurity and legal fields through an MS in Cybersecurity at UMBC. The dual J.D./M.S. partnership with UMBC and Maryland Carey Law supports a comprehensive understanding of the legal and policy issues in cybersecurity. Each program can be completed in less time and at less cost than if they were completed separately.

Students must apply and meet all application criteria and be admitted to each program before beginning this program. To obtain the MS degree, students must earn 30 credits. Up to 12 credits from the Law School can be used to fulfill this requirements. Up to 9 credits from the MS Program at UMBC can be used to complete the 85 credit requirement for the JD degree.

UMBC accepts the following Maryland Carey Law courses for transfer credit (B grade or better required)

  • Law and Policy of Cybersecurity (3 credits)
  • Law and Policy of Cybercrime (3 credits)
  • National Security, Electronic Surveillance, and the Fourth Amendment (3 credits)
  • International Law and Cybersecurity (3 credits)

Looking for more info?