MaconCatalog : The School of Engineering : Degree Programs : Cybersecurity (M.S.)
 
Cybersecurity (M.S.)
The Cybersecurity Master of Science degree is designed to prepare students from various background to develop cybersecurity technology strategies and plans for organizations, to build cybersecurity focused technology operations within organizations, to assist organizations to use data analytics and intelligence, to create strategies for mobile, cloud, and other environments like the Internet of things. The Embedded Computer/IoT courses and the Software Security courses have a strong hardware/software emphasis. The program has four focus areas which allow students with appropriate backgrounds to select from:
a cybersecurity for business core,
a cybersecurity operations core,
an embedded computer/IoT with cybersecurity core,
or a Software Security core.
Students choosing one of these cores may also select electives from one of the others. The Cybersecurity for Business Core and Cybersecurity Operations Core are focused on cybersecurity strategies and operations. The Embedded Computer/IoT and Software Security Core are focused on direct implementation of hardware/software systems, including large and small software systems, and small dedicated sensors and actuators, with cybersecurity built in to the initial design. All four focus areas are intended to help prepare students for broad cybersecurity certification, and the Software Security path is intended to help students prepare for certification in software security. Students will choose their focus area based on their background (technical or non-technical) and their interests. Note that CYS 603 Cybersecurity Experimentation is a hands-on laboratory course and is required for all cybersecurity MS students.
The Master of Science in Cybersecurity is a joint program between the School of Engineering, the College of Liberal Arts and Sciences, the Eugene W Stetson-Hatcher School of Business, and the Center for Professional Advancement. The degree itself is awarded by the School of Engineering, however the program was co-operatively developed and is taught and maintained across departments in these academic units.
Distance Learning
All of the required courses for this program (CYS 5xx or CYS 6xx) may be taken in live, mostly evening, classes on campus in Macon, or may be taken either entirely or partly on-line. CYS 6xx courses are available on-line. The exception to on-line availability is that some elective CYS 5xx courses may be available only in live off-line daytime classes on the Macon campus.
Admission Requirements
Although the program is designed as a graduate path for students with an undergraduate degree in business, computer science, information technology, cybersecurity, or engineering, students with other backgrounds should be comfortable in the program. Some of the focus areas do not require a technical background and are focused on operations and management of cybersecurity systems. Other core areas require a background in engineering or computer science. Academic requirements for admission to programs in the School of Engineering are listed in the engineering section of the Mercer graduate catalog.
Curriculum
The Master of Science in Cybersecurity curriculum requires that a total of 30 semester hours of graduate coursework be completed. Students choosing the thesis option are required to do a full research program (6 hours of SSE 699), and to write a master’s thesis in partial fulfillment of the degree requirements. Details of master’s program requirements for the School of Engineering are given in the Engineering section of the Mercer University Graduate Catalog.
The Master of Science in cybersecurity curriculum requires a total of 30 credits, and that at least 18 of the 30 credits be at the 6XX level. In addition, the Master of Science in cybersecurity curriculum requires that the 30 credit hours meet the following constraints:
Three foundation courses (9 hours)
Four courses from one core area (12 hours)
Three elective courses, including thesis or other approved courses (9 hours)
 
I. Three Foundation Courses
CYS 601. Information Security and Assurance
CYS 602. IT Principles and Applications
CYS 523. Cybersecurity Law, Ethics, and Policy
 
II. Four Core Courses from one Core area
Cybersecurity for Business Core
CYS 621. Cybersecurity Governance and Risk Management
CYS 603. Cybersecurity Experimentation
CYS 653. Business and IT Service Strategy
CYS 623. Cybersecurity Program Design and Management
 
Cybersecurity Operations Core
CYS 621. Cybersecurity Governance and Risk Management
CYS 603. Cybersecurity Experimentation
CYS 654. Virtualization and Cybersecurity
CYS 622. Cyber Intelligence and Threat Hunting
 
Embedded Computer Systems/IoT with Cybersecurity Core
CYS 621. Cybersecurity Governance and Risk Management
CYS 603. Cybersecurity Experimentation
CYS 573. Secure Hardware and Embedded Devices
CYS 572. Mobile Computing and Security
 
Software Security Core
CYS 621. Cybersecurity Governance and Risk Management
CYS 603. Cybersecurity Experimentation
CYS 664. Software Security
CYS 685. Software Analysis and Security Testing
 
III. Three Elective Courses
Students choosing the thesis option will take 6 credits of thesis research as two of their elective courses. Students may optionally complete a Software Engineering or Software Systems minor with these three elective courses. Any of the core courses not already taken may be chosen as elective courses so they are included in the list below. With permission, other Mercer graduate courses (such as graduate courses in business, engineering, or software engineering) may be selected as elective courses. Such courses should be consistent with the student’s professional goals and should be acceptable to the faculty of the cybersecurity program.
CYS 521. Cyber-Crime Investigation and Digital Forensics
CYS 522. IoT, Cloud, and Mobile Security
CYS 523. Cybersecurity law, Ethics, and Policy
CYS 525. Enterprise Security Management
CYS 572. Mobile Computing and Security
CYS 573. Secure Hardware and Embedded Devices
CYS 622. Cyber Intelligence and Threat Hunting
CYS 623. Cybersecurity Program Design and Management
CYS 642. Malware Design, Analysis, and Reverse Engineering
CYS 653. Business and IT Service Strategy
CYS 654. Virtualization and Cybersecurity
CYS 664. Software Security
CYS 672. Introduction to Neural Networks Application in Cybersecurity
CYS 674. Introduction to Genetic Algorithms Application in Cybersecurity
CYS 676. Introduction to Fuzzy Logic Application in Cybersecurity
CYS 683. Secure Software Design
CYS 685. Software Analysis and Security Testing
CYS 691. 692, 693. Special Topics in Cybersecurity
CYS 698. Professional Seminar
CYS 699. Thesis Research
Graduate courses in business, engineering, or software engineering (with permission)
 
CYS Courses
CYS 521. Cyber-Crime Investigation and Digital Forensics (3 hours)
Prerequisite: Graduate Standing and Permission of the Instructor.
This course will introduce students to digital forensics as used to analyze both corporate security incidents and criminal evidence in computer systems and digital media. Forensic tools and techniques for storage and memory analysis of Windows/Linux, network traffic, mobile devices, and documentation are covered and reinforced with hands-on exercises run in a virtual machine environment. Students will learn how to collect, process, analyze, and report evidence that is legally admissible to support the investigation of cyber-crimes. (Every two years)
CYS 522. IoT, Cloud, and Mobile Security (3 hours)
Prerequisite: Graduate Standing and Permission of the Instructor.
Students will understand the vulnerabilities associated with the use of cloud computing technologies, internet of things, and mobile devices. Students will learn how to securely provision, operate, and maintain technology to support cloud-based systems, internet of things, and mobile devices. Students will also be introduced to industrial networks and SCADA systems and gain an understanding into the security, reliability, and stability requirements of such systems. (Every two years)
CYS 523. Cybersecurity law, Ethics, and Policy (3 hours)
Prerequisite: Graduate Standing and Permission of the Instructor.
Students will learn about laws, regulations and ethics that apply to all aspects of information security. Introduce Students to the fundamental concepts of security policy, audit and compliance process in different IT environments. Introduce students to code of practice for security controls and tools to perform audit, assessment, and compliance analysis of security controls. (Every two years)
CYS 525. Enterprise Cybersecurity Management (3 hours)
Prerequisite: Graduate Standing and Permission of the Instructor.
Students will learn concepts in the design, implementation, and management of an information management system program. Topics covered in this course will include; enterprise and security architectures, risk management frameworks, cybersecurity frameworks, and cybersecurity guidelines. (Every two years)
CYS 572. Mobile Computing and Security (3 hours)
Prerequisite: ECE 323 or equivalent.
Assessment of vulnerabilities and threat vectors associated with mobile computing devices. Mitigation techniques including security configurations as well as security software. Organizational mobile device security policy requirements. This course is available only to students enrolled in a graduate program and contains activities consistent with a graduate level engineering course. (Every two years).
CYS 573. Secure Hardware and Embedded Devices (3 hours)
Prerequisite: ECE 323 or equivalent.
Security and trust of hardware and embedded devices, with a particular focus on the emerging security challenges facing the Internet of Things (IoT) technology. Principles of trusted computing. Industry standard solutions for securing IoT devices. This course is available only to students enrolled in a graduate program and contains activities consistent with a graduate level cybersecurity course. (Every two years).
CYS 601. Information Security and Assurance (3 hours)
Prerequisite: Graduate standing or permission of the instructor.
This course introduces students to the fundamental principles and concepts of cybersecurity and how they are used to provide system security. Students will understand how threats, risks, policies, and controls impact cybersecurity; analyze common security failures and identify specific design principles that have been violated; understand the interaction between security and system usability and the importance of minimizing the effects of security mechanisms. (Every year)
CYS 602. IT Principles and Applications (3 hours)
Prerequisite: Graduate standing or permission of the instructor
This course covers networking and operating systems basics necessary for the understanding of cybersecurity. This course will cover protocols, hardware and software components, tools, and technologies of modern computing environments and their individual functions and security implications. (Every year)
CYS 603. Cybersecurity Experimentation (3 hours)
Prerequisite: CYS 601 and CYS 602.
Students will build virtual networks of increasing complexity, and will gain experience using common network security tools to identify, verify, and remedy security vulnerabilities. (Every year)
CYS 621. Cybersecurity Governance and Risk Management (3 hours)
Prerequisite: CYS 601 and CYS 602.
This course focuses on the development of a good cybersecurity governance strategy based on cybersecurity risk management and organizational/business goals. This course will cover programs, frameworks, best-practices, and guidelines used in cybersecurity governance and risk management. (Every two years)
CYS 622. Cyber Intelligence and Threat Hunting (3 hours)
Prerequisite: CYS 601 and CYS 602.
Proactively detect and isolate advance threats through the collection of intelligence from open-source intelligence sources, social media, human intelligence, technical intelligence or intelligence from the deep and dark web. (Every two years)
CYS 623. Cybersecurity Program Design and Management (3 hours)
Prerequisite: CYS 601 and CYS 602.
Develop cybersecurity programs. Identify security controls, goals, objectives, and metrics required to implement an organization-wide security program. Understand the people, process, and technology requirements for an effective security program. Topics to include supply-chain management, asset management, vulnerability management, configuration management, incident management, and employee onboarding and off boarding. (Every two years)
CYS 642. Malware Design, Analysis, and Reverse Engineering (3 hours)
Prerequisite: CYS 601 and CYS 602.
Analyze software applications for malicious behavior. Malware behavior and hiding techniques, disassembling and decompiling of malware. Develop malware detection algorithms. (Every two years)
CYS 653. Business and IT Service Strategy (3 hours)
Prerequisite: CYS 601 and CYS 602.
Understand the impact of cybersecurity in delivering business goals and objectives through IT services. Concepts and strategy to maximize security and minimize service disruptions due to security controls. (Every two years)
CYS 654. Virtualization, Automation, and Cybersecurity (3 hours)
Prerequisite: CYS 601 and CYS 602.
Virtualization concept, Containers, VMs, virtual network, automation, and orchestration, DevSecOps, microservices, Emerging topics. (Every two years)
CYS 664/SSE 664. Software Security (3 hours)
Prerequisite SSE 550 or equivalent.
Topics in software security. (Every two years)
CYS 672. Introduction to Neural Networks Application in Cybersecurity (3 hours)
Prerequisite: Graduate Standing.
Course provides an introduction to concepts in neural networks and provides hands on experience of using neural networks to solve real world problems in a context of a cybersecurity project. Neural Networks, which include Deep Learning, are a part of computational intelligence, which are a rapidly growing area of artificial intelligence. Topics include classification, pattern recognition, regression, data mining, parallel distributed processing, and learning algorithm. Course will introduce real neural networks engines/tools for hands on experience with design, calibration, and implementation of neural networks in a cybersecurity project setting. (Every two years)
CYS 674. Introduction to Genetic Algorithms Application in Cybersecurity (3 hours)
Prerequisite: Graduate Standing.
Course provides an introduction to concepts in Genetic Algorithms and provides hands on experience using Genetic Algorithms to solve real world cybersecurity problems in a context of a project. Genetic Algorithms are a part of computational intelligence, which is a rapidly growing area of artificial intelligence. This course will emphasize application of Genetic Algorithms engines/tools for hands on experience with design, calibration, and implementation of Genetic Algorithm in a cybersecurity project setting. (Every two years)
CYS 676. Introduction to Fuzzy Logic Application in Cybersecurity (3 hours)
Prerequisite: Graduate Standing.
Course provides an introduction to concepts in Fuzzy Logic and provides hands on experience using Fuzzy Logics to solve real world cybersecurity problems in a context of a project. Fuzzy Logics are a part of computational intelligence, which is a rapidly growing area of artificial intelligence. This course will emphasize application of Fuzzy Logic widely used for addressing real-world problems related to decision making, control, image processing, etc. Fuzzy Logics can deal with incompleteness and lack of expert knowledge of the data, contrary to other Artificial Intelligence which requires exact knowledge. Course will introduce Fuzzy Logic engines/tools for hands on experience with design, calibration, and implementation of Fuzzy Logic in a programming setting. (Every two years)
CYS 683. Secure Software Design (3 hours)
Prerequisite SSE 550 or equivalent.
Methodologies, best practices, and architectural techniques that lead to the development of secure software. Establishment of trusted interfaces. Secure software lifecycle design concepts. Architectural risk assessment. (Every two years)
CYS 685. Software Analysis and Security Testing (3 hours)
Prerequisite SSE 550 or equivalent.
Development of test plans, vulnerability assessments, resolving software problems. Functional security testing, testing techniques. (Every two years)
 
Special Courses: ECE 691, 692, 693, 699 may be taken for variable credit and may be repeated for credit with permission of advisor. (Occasionally)
CYS 691, 692, 693. Special Topics in Cybersecurity (1-6 hours)
CYS 698. Professional Seminar (1-6 hours)
CYS 699. Thesis Research (1-6 hours)
A maximum of 6 hours of research may be counted toward the degree. Only grades of satisfactory or unsatisfactory will be assigned.