Master of Science with a Major in Strategic Cybersecurity and Information Management
The University of West Georgia's STEM-approved Master of Science in Strategic Cybersecurity and Information Management (SCIM) degree combines technical knowledge and vital cybersecurity skills with business management and enterprise leadership principles that drive organizations. Our program focuses on strategically applying cybersecurity best practices by weaving together technical topics such as vulnerability testing, threat detection, and digital forensics with strategic managerial topics such as data protection, privacy, policy, and risk assessment.
The SCIM program's mission is to prepare professionals to be workplace and community leaders in cybersecurity who can understand how cyber threats can affect their organization’s mission, are able to identify and assess cybersecurity vulnerabilities, can communicate cyber threats to stakeholders in terms of risk, can develop feasible, actionable plans to address cyber vulnerabilities, and are be able to implement those plans successfully.
A program sheet, which provides a required coursework sequence, is available for download in the Courses tab below.
Students who earn this degree have many employment opportunities. Employment opportunities may include positions such as Security Engineer, Security Analysts, Project Manager, Forensics Team Lead or Incident Response, Director of Software Security Engineering, Chief Information Security Officer (CISO), Chief Information Officer (CIO), or Chief Technology Officer (CTO).
The SCIM program is tied to Cisco's CCNA and CyberOps certifications, aligned with the Certified Information Systems Security Professional (CISSP) Certification knowledge units, the National Institute of Standards and Technology (NIST) Cybersecurity Framework, the National Institute for Cybersecurity Education (NICE) Framework, and the National Security Agency’s (NSA) CyberDefense knowledge units. Students have the opportunity to earn three Cisco Digital Badges and two Cisco certification vouchers.
This program is offered using a Hy-Flex approach to accommodate both online and face-to-face students. Face-to-face classes will utilize lecture capture that those who attend online-only may watch later, offering maximum flexibility.
Students may complete this program in as little as one year!
Program Location
Carrollton Campus, Online
Method of Delivery
Face-to-Face in Carrollton or Online
Accreditation
The University of West Georgia is accredited by The Southern Association of Colleges and Schools Commission on Colleges (SACSCOC).
Credit and transfer
Total semester hours required: 30
Maximum Hours Transferable into program: 6
A transfer credit evaluation will be completed by the UWG Transfer Team (transfer@westga.edu). Course application to a program is subject to review by the department.
This program may be earned entirely online, entirely face-to-face, or anything in between.
Save money.
UWG is often ranked as one of the most affordable accredited university of its kind, regardless of the method of delivery chosen. In addition, online courses and programs can mean a cost-savings in many non-evident ways: No more high gas charges. No childcare needed. The flexibility can allow one to maintain a job while attending school. Regardless of state residency, out-of-state non-resident students are not charged non-resident tuition for online course credit hours.
Details
- Total tuition costs and fees may vary, depending on the instructional method of the courses in which the student chooses to enroll.
- The more courses a student takes in a single term, the more they will typically save in fees and total cost.
- Face-to-Face or partially online courses are charged at the general tuition rate and all mandatory campus fees, based on the student's residency (non-residents are charged at a higher rate).
- Fully or entirely online course tuition rates and fees my vary depending on the program. Students enrolled in exclusively online courses do not pay non-Resident rates.
- Together this means that GA residents pay about the same if they take all face-to-face or partially online courses as they do if they take only fully online courses exclusively; while non-residents save money by taking fully online courses.
- One word of caution: If a student takes a combination of face-to-face and online courses in a single term, they will pay both all mandatory campus fees and the higher eTuition rate.
- For the cost information, as well as payment deadlines, see the Student Accounts and Billing Services website
There are a variety of financial assistance options for students, including scholarships and work study programs. Visit the Office of Financial Aid's website for more information.
Coursework
Downloads
General
Business and government are facing a rapidly expanding need for information security managers. This course surveys information security program design, networking and application security, the implementation of information security safeguards and information security auditing, disaster recovery, policy development, identity management, and effective threat assessment. Students who have taken CISM 4355 cannot take CISM 5355.
Advanced Networking will advance your knowledge of the operation of routers and switches in small networks. It will introduce you to wireless local area networks (WLANs) and network security concepts. By the end of this course you will be able to con gure advanced functionality in routers and switches. You will also be able to perform basic troubleshooting of these components. Using security best practices, you will troubleshoot and resolve common protocol issues in both IPv4 and IPv6 networks.
This course describes the architectures and considerations related to designing, securing, operating, and troubleshooting enterprise networks. This course covers wide area network (WAN) technologies and quality of service (QoS) mechanisms used for secure remote access along with the introduction of software-de ned networking, virtualization, and automation concepts that support the digitalization of networks. Students gain skills to con gure and troubleshoot enterprise networks, and learn to identify and protect against cybersecurity threats. They are introduced to network management tools and learn key concepts of software-de ned networking, including controller-based architectures and how application programming interfaces (APIs) enable network automation. By the end of this course, students will have gained practical, hands-on experience preparing them for the CCNA certi cation exam and career- ready skills for associate-level roles in the Information & Communication Technologies (ICT) industry.
This course examines data and information security, protection, and risk management. The course will help the student identify information security risks, evaluate those risks, and make risk-based decisions given organizational resource constraints. Students will learn foundational concepts in risk management and will be introduced to risk management standards and approaches, both qualitative and quantitative, for risk analysis. This course aims to assist professionals in understanding risk management and enabling them to leverage those principles to make an organization more resilient to operational disruptions and other perils.
Businesses of all sizes need defensive and offensive cybersecurity. Offensive cybersecurity tries to identify and stifle enemy entry points before they have the opportunity to initiate an attack. Offensive includes ethical hacking/penetration testing, vulnerability testing, cloud security testing, and social engineering. Defensive cyber security is the counterpart to the offensive. It is an approach that emphasizes detecting malicious activity, preventing attacks, and responding to cyber incidents in real-time. Defensive includes managed detection and response, remediation support, and dedicated resources.This course provides insights for dealing with security breaches and disasters, compliance, network infrastructure and password management, vulnerability scanning, and penetration testing. Students will gain an overview of existing offensive security techniques, including well-known attacks that break confidentiality, integrity, and availability of computing resources and attacks targeting human weaknesses. Students will learn tools and techniques to help improve security in sensible, manageable chunks.
Confidentiality, integrity, availability, authentication, authorization, and accountability are the most critical security requirements that serve as the basis for deploying and delivering trustworthy I.T. applications and services in enterprises, mobile devices, and via Cloud providers. Adopting cryptography and identity management techniques addresses those security requirements and has become vital to all business applications and electronic transactions. This course provides the ground-up coverage on the high-level concepts, applied mechanisms, architecture, and real-world implementation practices of using cryptography and identity management techniques applied to Blockchain and Cloud hosted applications and services.The course will examine the fundamentals of cryptography, access control principles, identity management and assurance strategies applied to I.T. applications and Cloud infrastructure based services, the use of cryptographic algorithms, mechanisms, and applied technologies intended for encrypting data in transit, use, and at rest, managing cryptographic key operations lifecycle, private blockchain infrastructures (Ethereum/Hyperledger Fabric), integrating public-key infrastructures and certificate authorities, verifying and validating personal, device and host identities with digital signatures, creating directory services, enabling single sign-on authentication, enforcing access control and authorization policies in I.T. resources, monitoring, logging and recording audit trails and leading to meet compliance with industry and regulatory mandates.
This course is designed to help students build and maintain a truly defensible security architecture while guiding them towards implementing Zero Trust principles, pillars, and cloud computing capabilities. Students will learn how to assess and configure existing cybersecurity technologies to significantly improve their organizations' prevention, detection, and response capabilities using cloud-based software (Saas), platform (Paas), and infrastructure (Iaas). The course will also explore some of the latest technologies and their capabilities, strengths, and weaknesses. You will come away with recommendations and suggestions that will aid in building a robust security infrastructure, layer by layer, across hybrid and cloud environments as you embark on a journey towards Zero Trust. Students will gain hands-on experience with secure architecture systems such as Amazon AWS and Google Cloud.
The explosive growth of connected IoT devices enables the world's digitization. Architectures and processes of the past are making way for more modern, real-time applications thanks to IoT (Internet of Things) systems. Dynamic data platforms are being built, and our ability to extract data using the latest analytics techniques is growing. However, the data they also collect dramatically increases the number of security threats. You'll use the latest technologies to perform vulnerability and risk assessments, then research and recommend risk mitigation strategies for common security threats in IoT systems.
This course sits at the intersection of security management, computer security, and software development. It provides students with a foundation of security planning and development by applying security principles to software development lifecycle, contingency, and recovery planning principles. Students will learn practical secure software developing and testing skills. Software security is concerned with ensuring that software processes are designed to prevent data and computing resources from becoming lost, unreliable, altered, inaccessible, or corrupt. In this course, students will learn how to identify, categorize, and prioritize the information and other resources software systems use and develop security requirements for the processes that access the data. Students will learn to develop strategies that mitigate security vulnerabilities caused by either non-conformance to software requirements or omissions caused by incorrect requirements. In this course, students will learn to perform software security evaluations, establish security requirements, develop guidelines for security that are applied during the software design, operations, and maintenance processes, evaluate security requirements during software reviews and audits, develop a configuration and process management policy that addresses corrective action for existing software, monitor software modifications to ensure that any changes do not unintentionally create security violations or software vulnerabilities, and develop plans for the physical security of the software.
Joan Deng, Ph.D.
Professor
Brad Prince, Ph.D.
MBA Director, Professor
Gelareh (Ellie) Towhidi, Ph.D.
Associate Professor
Guidelines for Admittance
- All graduate applicants must complete the online Grad Application. A one-time application fee of $40 is required.
- Applicants should also review the Graduate Studies Website for individual program specific requirements and tasks that must be completed prior to admission. See Graduate Studies Application Process.
- International applicants are subject to additional requirements and application deadlines. See Procedures for International Students.
- Official transcripts from all regionally or nationally accredited institutions attended are required and should be sent directly to the UWG Graduate Admissions Office.
Program Specific Admittance Guidelines
Applicants must meet the following criteria for admission:
- Bachelor's degree in a technology-related field, such as computing, management information systems, networking, network administration, computer engineering, computer science, software engineering, computer security, information technology, and information assurance from an institution of higher education with full regional accreditation for that degree.
- International students must have an undergraduate (bachelor's) degree that is equivalent to a four-year undergraduate degree in the U.S.
- Minimum undergraduate grade point average (GPA) of 2.70 on a 4.0 scale.
Application Deadlines
Specific Graduate Admissions Deadlines are available via the Graduate School Deadlines page.
Admission Process Checklist
The Graduate Studies Application Process checklist is available here
One exception: If you will not ever be traveling to a UWG campus or site, you may apply for an Immunization Exemption. Contact the Immunization Clerk with your request after successful admission.
Contact
Graduate Admissions
graduate@westga.edu
678-839-1394
Richard's College of Business
Dr. Hope Udombon
hudombon@westga.edu
678-839-4773
Specific Graduate Admissions Deadlines are available via the Graduate School
* Application, app fee, and document deadline
See The Scoop for more specific deadlines.
- Demonstrate the ability to identify and evaluate enterprise information and networking assets and their security risks, develop and communicate policies and procedures to protect and manage enterprise information and networking security. (CISM5500, CISM 6410)
- Understand, evaluate, utilize, and communicate security systems and techniques with an emphasis on security vulnerabilities and threats, physical security, and human role, including identity and access management, cryptography, and Internet of Things security. (CISM 5355, CISM 6420, CISM 6430)
- Demonstrate the ability to detect, analyze and resolve security threats and incidents in enterprise networks and systems using variety of technologies such as emerging technologies, big data, cloud computing, mobile computing, social networks, and the Internet of Things to secure an IT infrastructure. (CISM 5600, CISM 6440, CISM 6450)
- Design, develop, test, and evaluate enterprise security contingency plans and enterprise secure systems. (CISM 6460)
- Understand cybersecurity and privacy through careful consideration of technology and policy, including economic, human, legal, organizational, and socio-political factors. (CISM 6470)