Master of Science: Cybersecurity

This ten-course Cybersecurity graduate program integrates both technical and non-technical courses in Cybersecurity to prepare Computer Science, Information Systems, and other professionals to fill management, analytical, investigative, operational, and/or technical leadership roles in the Cybersecurity profession. Students are encouraged to select electives based on their individual interests or professional requirements in the discipline. Our program is designed to equip students with the real-world skills that employers are looking for and can be tailored to your individual career goals.

Our Cybersecurity M.S. program is well-established and is designed to accommodate the busy schedules of working professionals.

Important information for Fall 2024 applicants: Starting Fall 2024, the master’s degree in Cybersecurity was updated from a Master of Professional Studies (M.P.S.) to a Master of Science (M.S.). All master’s applications that were received towards the M.P.S. in Cybersecurity for Fall 2024 will instead be considered for admission to the new M.S. in Cybersecurity.

Current M.P.S. students who began the program in Spring 2024 or earlier may finish their current degree or seamlessly transition into the new M.S. program with no disruption to their studies or time-to-graduation.

Master’s Degree in Cybersecurity Program Requirements:

In order to gain a rigorous base of knowledge, students in the Cybersecurity master’s program must complete 10 courses (30 credits). Students are encouraged to tailor their coursework to their interests and career goals. All students must complete 18 credits through our 6 required Cybersecurity courses listed below (18 credits). The remaining 12 credits can be completed by choosing 4 of our elective Cybersecurity course.

Required Core Cybersecurity Courses (18 credits):

(Please note: Some required core courses may be substituted via transfer credits or alternative UMBC courses with approval from the Graduate Program Director)

CYBR 620: Intro to Cybersecurity

This course introduces students to the interdisciplinary field of cybersecurity by discussing the evolution of information security into cybersecurity, cybersecurity theory, and the relationship of cybersecurity to nations, businesses, society, and people. Students will be exposed to multiple cybersecurity technologies, processes, and procedures, learn how to analyze the threats, vulnerabilities and risks present in these environments, and develop appropriate strategies to mitigate potential cybersecurity problems.

Prospective students who have earned the CISSP designation within the past 5 years may, if admitted, substitute another course for CYBR 620 “Introduction to Cybersecurity” in their first semester of the CYBR MS program. Students should provide evidence of successful completion of the CISSP exam within that timeframe (such as a transcript or official documentation from the certifying authority) to UMBC as part of their application.

Prerequisite: Enrollment in the CYBR program or in at least the second semester of graduate study. Other students may be admitted with instructor permission.

CYBR 624: Cybersecurity Project

This is the capstone experience for graduate students in the MS Cybersecurity program. Normally taken in the final semester before graduation, the Cybersecurity Project provides an opportunity for students to carry out an individual piece of research (or project activity) on a specified topic in the cybersecurity or cyber operations domain. Their work should make an original contribution to the body of knowledge in the area of study or otherwise demonstrate the student’s comprehensive knowledge of cybersecurity or cyber operations.

Prerequisite: Enrollment in CYBR MS program and completion of at least CYBR 620, CYBR 623, CYBR 650.

CYBR 650: Managing Cybersecurity Operations

This course takes an operational approach to implementing and managing effective cybersecurity in highly networked enterprises. Topics include an evaluation of government and commercial security management models; security program development; risk assessment and mitigation; threat/vulnerability analysis and risk remediation; cybersecurity operations; incident handling; business continuity planning and disaster recovery; security policy formulation and implementation; large-scale cybersecurity program coordination; management controls related to cybersecurity programs; information-sharing; and privacy, legal, compliance, and ethical issues.

CYBR 652: Enterprise Security

This class will take a technical approach in protection of information assets and systems by integrating technical controls with policies, best practices, and guidelines of cybersecurity. Taking both a policy-based and technical approach, this course examines external and internal security threats in highly connected enterprises and risks to the core business relative to people, processes, data, facilities, and technologies. How to implement and manage effective the major technical components of security architectures (firewalls, virtual private networks, etc.) and selected methods of attacking enterprise architectures also will be addressed.

CYBR 655: Security of Distributed Systems

This course focuses on a broad range of topics relative to securing distributed systems. Students will gain an understanding of the principles and techniques behind the design of distributed systems along with their associated cybersecurity issues and remediation techniques. Cloud computing and the Internet of Things (IoT) will be some of the major types of distributed environments examined.

CYBR 658: Risk Analysis and Compliance

This course focuses the student on a broad range of topics relative to risk-based planning for enterprise cybersecurity. The intent is focusing on creating risk assessment and modeling approaches to solve cybersecurity issues so that organizations can build security framework and sustain a healthy security posture. This course analyzes external and internal security threats, failed systems development and system processes and explores their respective risk mitigation solutions through policies, best practices, operational procedures, and government regulations. Risk frameworks covered include NIST SP 800-12, SP 800-37, SP 800-39, and CERT/CC risk analysis guidelines.

Elective Courses (12 credits)

Students must select four courses (12 credits) of electives. Some elective pathway courses may lead to a post-Baccalaureate certificate, in that plan of study. 

We’re here to help! Stay connected with us.

Map to Term on the Opportunity

Map to Applying To on Application


Cyber M.S./J.D. and Maryland Carey Law

Qualified students at the University of Maryland Francis King Carey School of Law can prepare for a career in cybersecurity and legal fields through an MS in Cybersecurity at UMBC. The dual J.D./M.S. partnership with UMBC and Maryland Carey Law supports a comprehensive understanding of the legal and policy issues in cybersecurity. Each program can be completed in less time and at less cost than if they were completed separately.

Students must apply and meet all application criteria and be admitted to each program before beginning this program. To obtain the MS degree, students must earn 30 credits. Up to 12 credits from the Law School can be used to fulfill this requirements. Up to 9 credits from the MS Program at UMBC can be used to complete the 85 credit requirement for the JD degree.

UMBC accepts the following Maryland Carey Law courses for transfer credit (B grade or better required)

  • Law and Policy of Cybersecurity (3 credits)
  • Law and Policy of Cybercrime (3 credits)
  • National Security, Electronic Surveillance, and the Fourth Amendment (3 credits)
  • International Law and Cybersecurity (3 credits)

Looking for more info?