Business Cybersecurity Management M.S.

August 21, 2019
Next Start Date
$1,023
Per Credit Hour

Overview

In today's world there is a significant need for cybersecurity professionals in both business and government to combat intellectual property theft, credit card fraud, pirated content, data theft, malware, ransomware, and more. The U.S. Bureau of Labor Statistics indicates that the job outlook in this field through 2026 is growing at a much faster-than-average rate of 28% per year.

 

The online graduate degree in Business Cybersecurity Management, offered through the WVU College of Business and Economics, gives students the skills they need to become cybersecurity professionals and to adapt to growing changes in security technology. The program provides a natural graduate pathway for students in computer science, management information systems and criminal justice.



Accreditation

West Virginia University is accredited by the Higher Learning Commission. The College of Business and Economics is accredited by AACSB - the Association to Advance Collegiate Schools of Business.



Admissions

Applicants must be admitted to WVU as a graduate student using 2140 as the major code.

  1. Enter the WVU Application portal.
  2. Create a username and password.
  3. Once an account has been created, applicants can edit the application at their discretion. Please complete all questions asked.
  4. When selecting a start term, choose "fall."
  5. Upload an up-to-date resume. Your resume should include enough information for the admissions committee to trace your entire professional work history and should indicate any relevant affiliations.
  6. Request 1-3 letters of recommendation through the online portal. Individual letters should not exceed one page. We recommend that your reference provide some information that is not found in the other materials being submitted. Topics regarding to your ability to work with others, your discipline and ambition, leadership potential, etc. should be addressed. Your reference letter(s) should cover aptitudes necessary for your success in the program to which you are applying.
  7. Create a Statement of Purpose (not to exceed one page). Your statement of purpose should be a short, one-page essay which describes your interest in the program, why you wish to pursue the program at WVU, how the program will help you reach your career goals, and any additional information which may be necessary to understanding your candidacy.
  8. Pay application fee.
  9. Submit application.
  10. Applicants will then need to send their transcripts to WVU's Office of Admissions. If the applicant's undergraduate school offers "e-script" (an official electronic copy of transcripts), email the transcripts to GraduateAdmissions@mail.wvu.edu. This will help expedite the admissions process. If they do not offer this service, please have your official transcripts mailed to:
    West Virginia University Office of Graduate Admissions and Recruitment   
    PO Box 6510   
    Morgantown, WV 26506-6510
  11. For applicants submitting GMAT/GRE scores, the program GMAT code is C2S-6D-25 or 5904 for GRE. For applicants requesting a GMAT or GRE waiver based on 5 or more years of relevant professional work experience, please indicate request for waiver in your Statement of Purpose. Graduates from the WVU Management Information Systems (MIS) program with a 3.25 or higher GPA are permitted to waive the GMAT.
  12. International Students are required to submit a TOEFL or IELTS score. The College of Business & Economics TOEFL requirement is higher than the University's—applicants must have a TOEFL score of either 580 (paper), 237 (computer), or 92 (Internet-based). If you have taken the IELTS instead of the TOEFL, the minimum score must be 6.5. English language exam scores should be sent to the Office of Admissions, West Virginia University, PO Box 6009, Morgantown, WV 26506-6009.

Applications will be reviewed on a rolling basis  once all parts of the application are received including transcripts, test scores, and letters of recommendation. Applications received after July 1 will be reviewed based on available space in the class.



Cost

Residents Non-Residents
Tuition and Fees

for academic year 2018-2019

$1,023

Per Credit Hour

$1,023

Per Credit Hour

Financial aid is available. Students are encouraged to file the Free Application for Federal Student Aid (FAFSA) form to determine their eligibility for federal and state funds as well as scholarships. WVU’s FAFSA Code is 003827.



Curriculum

MS in Business Cybersecurity Management Course Plan

 

View Curriculum

 

 

The MS in Business Cybersecurity Management program is 30 credit hours. The program is housed in the Department of Management Information Systems in the College of Business and Economics. Students will complete a 10-course online sequence in a one-year time period.


All students are required to attend an on-campus residency in August of their matriculation, and also are required to attend an on-campus residency to present their capstone project at the conclusion of the program.

 

Students must have a cumulative GPA of 3.0 on all relevant coursework to meet graduation requirements.

 

Students will complete ten courses (30 credit hours). Courses will include the following subject matter:

  • Foundations for an understanding of Business Data Analytics, giving an overview of the field by covering key concepts including: foundations and technologies of business decision making, data mining, data warehousing, visual analytics, predictive modeling, text analytics, text mining, sentiment analysis, web analytics, business intelligence decision modeling techniques and solutions, expert systems, knowledge management, and future technologies.
  • Understanding of database design concepts and logic, including data modeling, database design, and the logic of database queries. In order to analyze data, one must be able to access, organize and query databases. The course focuses on relational databases and queries, but also includes object-oriented databases, large volume databases, database performance, scalability and live streaming considerations.
  • Learn effective leadership solutions related to the management of security risks and cyber threats in private- and public-sector organizations including the topics of risk analysis, security controls, risk exposure, risk transfer, quantification of risk such as annualized loss expectancy, attention to insider threat risk identification and reduction, the security auditing role, IT security governance, and security policy management. Computer-assisted audit tools will be introduced, along with aspects of robust electronic commerce funds transfer mechanisms and security.
  • Overview of corporate data communications networks, the TCP/IP model and related technologies of the data communications corporate infrastructure as well as a survey of the essential tools and strategies for the management of secure, effective business networks. Students will understand key concepts related to optimal, cost-effective network architectures, network hardware, and network applications deployment. Requests for Proposal, Service Level Agreements, vendor contracts, issues of web hosting management will be covered. Students will be encouraged to take and pass the Network+ Certification.
  • Managerial and technical aspects of information security in corporate and organizational networks. The course covers security issues in information systems, software development, data center design, disaster recovery planning, business impact analysis, business continuity planning, security technologies, implementation, and security strategy.  Malware, attack vectors, threats and vulnerabilities will be discussed, along with coverage of the tools required to deliver confidentiality, integrity, authentication, non-repudiation and availability. A variety of cryptographic techniques are included here, along with coverage of effective administration of business security operations.  Students will be encouraged to take and pass either the Security +, ISC2 SSCP, or the GIAC certifications (Security Leadership, Systems and Network Auditor or Information Security Professional certifications).
  • Information ethics, including such topics as privacy protection and control, surveillance, link analysis, personally identifiable data, sensitive data, data anonymity, data privacy, data accessibility, data sharing, censorship, intellectual property, accuracy, virtual reality and artificial intelligence. Includes legal procedures and US and foreign laws of data collection and storage, security and law enforcement investigations, as well as compliance management for government, publicly held corporations and the healthcare industry sectors (laws of e-Discovery, compliance for SOX, HIPAA, Gramm-Leach-Bliley Act, CIPA, etc.).
  • Managerial skills to manage, protect, defend, and audit the security of information systems through hands-on vulnerability assessments, statistical analysis, and risk-based decision making. Students will learn to explain Blue Team/Red Team test plans and will work in the virtual lab space to perform independent testing of safety and mission-critical software systems to ensure that systems will not malfunction and will respond in the desired way under adverse circumstances. Students must be able to plan, execute, upgrade, and monitor various security controls such as ACLs for the protection of computer networks and information.
  • Computer-aided data analysis techniques for detecting and investigating fraud cases, issues related to the collection and use of digital evidence, and collection of data from electronic devices.
  • Data and information visualization, including both theoretical and practical aspects. In addition to basic visualization techniques, the course covers the application of multivariate techniques in an environment that includes large data sets. Students are involved in both the creation of visualizations, as well as their interpretation.
  • Experiential learning opportunities through which students can sharpen their Business Cybersecurity skills through teamwork, professional communication, problem solving, and engagement with a real-world business cyber problem. Project work will include working with a client organization to provide an analysis, data collection and recommended solution to a cybersecurity business problem. Involves temporary placement with public or private enterprise for professional competence development.

BUDA 510. Foundations of Business Intelligence. 3 Hours.

This course provides the foundations for an understanding of Business Data Analytics, giving an overview of the field by covering key concepts including: foundations and technologies of business decision making, data mining, data warehousing, visual analytics, predictive modeling, text analytics, text mining, sentiment analysis, web analytics, business intelligence decision modeling techniques and solutions, expert systems, knowledge management, and future technologies.

 

CYBR PURPOSE: Asset security, asset valuation, security of operations, systems architectures, Identification and framing of questions and problems, using results for decision making, plans of action, business overview of information systems and technologies.

BUDA 520. Data Management. 3 Hours.

This course provides an understanding of database design concepts and logic, including data modeling, database design, and the logic of database queries. In order to analyze data, one must be able to access, organize and query databases. The course focuses on relational databases and queries, but also includes object-oriented databases, large volume databases, database performance, scalability, and live streaming considerations.

 

CYBR PURPOSE: Software development security, security models and architecture, computer system architecture, processes and applications, application and system development, user authorization, data queries, logic, algorithms, continuous audit, real time monitoring, process mapping.

CYBR 525. Information Security Assurance Management. 3 Hours.

This course will prepare students to learn effective leadership solutions related to the management of security risks and cyber threats in private and public-sector organizations, including the topics of risk analysis, security controls, risk exposure, risk transfer, quantification of risk such as annualized loss expectancy, attention to insider threat risk identification and reduction, the security auditing role, IT security governance, and security policy management. Computer-assisted audit tools will be introduced, and aspects of robust electronic commerce funds transfer mechanisms and security will be learned in the class.

 

CYBR PURPOSE: Security Management Practices, Risk Analysis, Valuation of Assets, Qualitative vs. Quantitative Risk Methods, Total Risk vs. Residual Risk, Private Industry vs. Military and Government Organizations, Governance, Policy Management, Financial Industry considerations, Budgeting for the Information Security function, Data Center Design, evaluation of Cloud Services security, ROI.

CYBR 530. Business Data Communications. 3 Hours.

Provides an overview of corporate data communications networks, the TCP/IP model and related technologies of the data communications corporate infrastructure, as well as a survey of the essential tools and strategies for the management of secure, effective business networks. Students will understand key concepts related to optimal, cost-effective network architectures, network hardware, and network applications deployment. Requests for Proposal, Service Level Agreements, vendor contracts, and issues of web hosting management will be covered. Students will be encouraged to take and pass the Network+ Certification.

 

CYBR PURPOSE: Telecommunications and network security, OSI model, TCP, IP, Topologies, Protocols, devices, Remote Access, Cryptography introduction, Operations Security, TCP/IP Model and technologies of corporate communications architecture.

CYBR 535. Network Security Management. 3 Hours.

This course focuses on the managerial and technical aspects of information security in corporate and organizational networks. The course covers security issues in information systems, software development, data center design, disaster recovery planning, business impact analysis, business continuity planning, security technologies, implementation, and security strategy. Malware, attack vectors, threats and vulnerabilities will be discussed, along with coverage of the tools required to deliver confidentiality, integrity, authentication, non-repudiation and availability. A variety of cryptographic techniques are included here, along with coverage of effective administration of business security operations. Students will be encouraged to take and pass either the Security +, ISC2 SSCP, or the GIAC certifications (Security Leadership, Systems and Network Auditor or Information Security Professional certifications).

 

CYBR PURPOSE: Cryptography, BCP, DRP, Data Center design, Physical Security, Malware, Access Controls, Networking Security, Segregation, Isolation, Hardening, Directory, Single points of failure, PKI, Key Management, Attacks and Attack Prevention, Recovery, Testing and Drills, Security Strategies and Management.

CYBR 540. Information Ethics and Legal Procedures. 3 Hours.

This course introduces the student to the field of information ethics, including such topics as privacy protection and control, surveillance, link analysis, personally identifiable data, sensitive data, data anonymity, data privacy, data accessibility, data sharing, censorship, intellectual property, accuracy, virtual reality and artificial intelligence. Includes legal procedures and U.S. and foreign laws of data collection and storage, security and law enforcement investigations, as well as compliance management for government, publicly held corporations and the healthcare industry sectors (laws of e-Discovery, compliance for SOX, HIPAA, Gramm-Leach-Bliley Act, CIPA, etc.). Students may wish to take the GIAC certification for Law of Data Security & Investigations or CISA following this course. (3 Hours)

 

CYBR PURPOSE: Law, investigation and ethics, cyberlaw, identification, protection and prosecution, IP law, discarding equipment and software issues, computer crime investigations, incident handling, what is admissible in court, surveillance, search and seizure, transborder information flows, GDPR, privacy, HIPAA, GLB, Espionage Act, Export Control, SOX, Sovereignty, libel, patents, antipiracy law, rights in the workplace, employee monitoring.

CYBR 545: Business Cybercrime Management

Learn the managerial skills to manage, protect, defend, and audit the security of information systems through hands-on vulnerability assessments, statistical analysis, and risk-based decision making. Students will learn to explain Blue Team/Red Team test plans and will work in the virtual lab space to perform independent testing of safety and mission-critical software systems to ensure that systems will not malfunction and will respond in the desired way under adverse circumstances. Be able to plan, execute, upgrade, and monitor various security controls such as ACLs for the protection of computer networks and information. Upon completion of the course, students should be able to ensure that appropriate, cost-effective business security controls are in place to safeguard digital files and critical electronic infrastructure. Students will learn Incident Response techniques to technological security breaches/viruses as well as to compile required documents for internal and external IT security audits. Students may wish to take the CISA (ISACA Certified Information Systems Auditor) certification.

 

CYBR PURPOSE: Respond to problems and incidents, minimize operational impact, investigate incidents, track systems performance, analyze user behavior, identify risks and attacks and execute necessary actions to avoid and reduce the threats from these risks and attacks, maintain CIA, managerial and technical aspects of complex cybersecurity topics, porn and spam filters, tracing and information gathering, file integrity, injection attacks, and pen testing.

ACCT 582 Fraud Data Analysis. 3 Hours.

Digital prevention and deterrence, digital evidence, digital detection and investigation, including data mining, digital presentation and reporting tools, cyber-crime and electronic case management tools.

 

CYBR PURPOSE: Security Management Practices, Security Administration and Controls, CIA, Security Intrusion and Detection, Computer Crime Investigations.

BUDA 550. Business Data Visualization. 3 Hours.

This course introduces students to data and information visualization, including both theoretical and practical aspects. In addition to basic visualization techniques, the course covers the application of multivariate techniques in an environment that includes large data sets. Students are involved in both the creation of visualizations, as well as their interpretation.

 

CYBR PURPOSE: Managerial-level analysis of security operations and trend management and observation, managerial presentation, analytical tools via data visualization toolkit, graphics, charts, interactive visuals, pattern determination, building custom dashboards for CYBR management.

CYBR 555. Cybersecurity Management Practicum. 3 Hours.

This course provides students the opportunity to engage in a full-scale cybersecurity experiential learning program, to be planned, supervised, and evaluated for credit by faculty and field supervisors. The intent of the course is to provide experiential learning opportunities through which students can sharpen their Business Cybersecurity skills through teamwork, professional communication, problem solving, and engagement with a real world business cyber problem. Project work will include working with a client organization to provide an analysis, data collection and recommended solution to a cybersecurity business problem. Involves temporary placement with public or private enterprise for professional competence development.

 

CYBR PURPOSE: This capstone class will pull together the student’s curriculum into a holistic summary, enabling the development of a full-scale cybersecurity business analysis report and project summary, with formal presentation to a client sponsor. Communication of results to top management.



Career Information

Students who graduate from WVU Online with the Business Cybersecurity Management M.S. degree may be prepared for the following careers. These are only a few examples of some of the many opportunities that will be open to you with this degree. Advanced degrees or certifications may be required for some positions.

 

Computer Systems Analysts

Projected Growth: 5-9%

Computer & Information Systems Managers

Projected Growth: 10-14% *Bright Outlook

Security Management Specialists

Projected Growth: 5-9% *Bright Outlook

Information Security Analysts

Projected Growth: 15% or higher *Bright Outlook

Business Continuity Planners

Projected Growth: 5-9% *Bright Outlook

 

 

Information about careers on this list comes from the Occupational Information Network (O*NET) of the U.S. Department of Labor/Employment and Training Administration (USDOL/ETA).