About the Program
Cyber threats are emerging more than ever in today’s digital world, and organizations are faced with constantly staying a step ahead to avoid falling prey to cybercriminal attacks.
In response, the Department of Computer Science at St. Mary’s University offers a master’s program that will provide students with knowledge, skills and best practices on how to monitor, secure and safeguard an organization’s cyber assets.
A uniquely St. Mary's program, the Master of Science in Cybersecurity combines technical rigor with sound ethics and implications to the law.
Students will take courses in risk management, wireless security, computer forensics, mathematics for cryptography, and cyber law to get hands-on experience with protecting networks, computers, programs, and institutional data from attack, damage or unauthorized access.
Program of Study
The Master of Science in Cybersecurity Program consists of 33 credit hours: five required courses, five elective courses and three credit hours of a capstone project.
Students may also choose a thesis option, which consists of 27 hours of course credit and six hours of thesis work.
|Mathematics for Cryptography|
|Advanced Network and Data Communication/Computer Networking|
|Computer Security and Privacy|
|Capstone (One is required)|
|Computer Network Security|
|Cloud Computing Security|
|Risk Management and Mitigation|
|Computer Forensics and Cyber Crime|
|Security Policy and Law|
|Preparation for Security Certification|
Mathematics for Cryptography
The basics of linear algebra, groups, rings, modular arithmetic, polynomials, finite fields, elementary number theory, divisibility, prime numbers, discrete logarithms, elliptic curve arithmetic, point representation, and point arithmetic.
Advanced Network and Data Communication/Computer Networking
The fundamentals of data communications, TCP/IP protocol architecture, media, transmission, encoding, error detection and handling, link control, flow control, multiplexing, local area networks, WAN technology and protocols, circuit and packet switching, IP, routing, wireless networks, and different applications.
Computer Security and Privacy
An introduction to security and privacy issues, cryptographic tools, authentication, access control, database security, malicious software, DoS, intrusion detection, firewalls and intrusion prevision systems, software security, buffer overflow, operating system security, end-to-end system security, trusted computing, multilevel security, and cloud security.
An understanding of CIA triad, potential threats and vulnerabilities in software design cycle, methodologies and tools for identifying and eliminating security vulnerabilities, requirements on engineering practices for secure systems, software architecture and design practices for secure systems, verification practices for secure systems, access control models, threat models, and secure software development life cycle.
An introduction to classical cryptography, encryption algorithms, stream cipher, block ciphers, DES, AES, pseudorandom bit generation, public-key cryptography, Diffie-Hellman key exchange, ElGamal encryption, RSA, elliptic curves, digital signature schemes, hash functions, message authentication codes, key management, deployed cryptography, user authentication, digital payment systems, and cloud data security.
Computer Network Security
An overview of network architecture and protocols, network specific threats and attack types, lower layer security, physical layer security, network layer security, transport layer security, application layer security, email security, remote access security, common network security devices, and security for wireless network.
Designing and implementing security measures in wireless network environments, wireless communications vulnerabilities and threats; methods of creating a seamlessly secure and impenetrable wireless network; knowledge in design, configuration, implementation and full spectrum of wireless network security concepts; and fundamental wireless security concepts such as WEP and EAP, switching protocols, physical layer security, and mobile and cellular network security.
Cloud Computing Security
An overview of cloud computing, cloud services and platforms, Hadoop and MapReduce, cloud application development, cloud security, architecture, authentication, authorization, access control, data confidentiality, key management, provable data possession for static data, provable data possession for dynamic data, integrity verification for multiple static/dynamic data copies over cloud servers, dynamic data, and mutual trust.
Risk Management and Mitigation
Learning fundamentals in risk management, managing compliance, developing a risk management plan, security management and risk assessment, IT security controls, plans and procedures, physical and infrastructure security, human resources security, security auditing, and legal and ethical aspects.
Computer Forensics and Cyber Crime
An overview of computer forensics and cybercrime, traditional computer crime, contemporary computer crime, identity theft and identity fraud, terrorism and organized crime, avenues for prosecution and government efforts, applying the First Amendment to computer-related crime, applying the Fourth Amendment and other legal issues, computer forensics, searching and seizing computer-related evidence, processing of evidence, and report preparation.
Security Policy and Law
An overview of basic legal concepts emanating from the U.S. Constitution, federal statutes, case law, administrative regulations and treaties as they address domestic cyber law with a brief introduction to emerging international cyber warfare.
Preparation for Security Certification
An understanding of security trends and general security concepts; information security and risk management; change management; privilege management; access control; security architecture and design; physical and environment security; telecommunications and network security; cryptography; public key infrastructure, standards and protocols; business continuity and disaster recovery, legal, regulations, compliance, and investigations; application security; operations security; authentication and remote access; wireless security; intrusion detection systems; security baselines; types of attacks and malicious software; email and instant messaging; web components; and computer forensics.
Cybersecurity graduates can provide their expertise in the public and private sectors, benefiting the needs of large and small businesses, the U.S. government and military, contractors, and research organizations.
In San Antonio alone, the cybersecurity field is rapidly growing, with NSA/CSS Texas; the Twenty-Fourth Air Force (Air Forces Cyber); the Twenty-Fifth Air Force (Air Force Intelligence, Surveillance and Reconnaissance); the U.S. Air Force Cryptologic and Cyber Systems Division; and numerous military contractors such as General Dynamics, Raytheon, and Booz Allen Hamilton located in the area.
Additionally, Southwest Research Institute, USAA, Rackspace, Digital Defense and IPSecure represent a few of many private organizations that look to hire cybersecurity professionals.
Admission is granted only to those with high promise for success in graduate study. Applicants demonstrate this potential through previous academic records and testing.
To be considered for admission to the Master of Science in Cybersecurity program, applicants must:
- Have a bachelor’s degree in Computer Science, Computer Engineering, Software Engineering, or a closely related discipline. Applicants who earned a bachelor’s degree in a closely related discipline, such as Electrical Engineering, Mathematics, or Physics may be admitted with the provision that they take the prerequisite courses listed below. The program director will evaluate applicants from other disciplines on an individual basis.
- Have a minimum Grade Point Average (GPA) of 3.00 for their bachelor’s degree.
- Have a minimum GRE quantitative score of 152.
- Applicants who fail to meet any of the above standards may be admitted on a conditional basis. The program director evaluates these cases on an individual basis.
- International students must submit the TOEFL scores and show a minimum of 213 on the computer-based test, 550 on the paper-based test, or 80 on the Internet-based test. As an alternative, international students may take the IELTS test and show a minimum score of 6.0.
- Submit a completed application form, a written statement of purpose indicating the applicant’s interests and objectives, two letters of recommendation concerning the applicant’s potential for succeeding in the graduate program, and official transcripts of all college-level work.
Applicants whose Bachelor of Science degree is not in Computer Science, Computer Engineering or Software Engineering are required to demonstrate proficiency or take the following prerequisite courses: Object Oriented Programming, Data Structure and Algorithms, Discrete Math, and Calculus I and II.
Some other courses are considered a plus to excel in this program. For example, Probability Theory, Operating Systems, and Computer Architecture.
Ayad Barsoum, Ph.D.
Graduate Program Director