Man working at a Computer Lab The Professor's Gate on the GWU Campus outdoor graduation ceremony at GWU soldier in uniform watching an online lesson on a tablet Informal stand-up meeting in a technology office space cherry blossoms surrounding a gazebo on the GWU Campus

Curriculum

The online Master of Engineering in cybersecurity and cloud computing programs at George Washington University are designed for working professionals— blending live class sessions with coursework that can be completed around other obligations. Students who are employed full-time are able to complete the program in approximately 2.5 years, while applying course learning material directly to their current and future jobs.

Each program requires a minimum of 30 credit hours of graduate-level coursework.


Master of Engineering in cybersecurity policy and compliance

Program Learning Objectives

GW faculty and other industry experts collaborated to create a master’s program in cybersecurity policy and compliance that meets the challenge of constantly evolving global threats. The curriculum is designed to ensure graduates will be able to:

  • Analyze cyber incident forensics; forecast cyberattacks using predictive analytics modeling; and devise specific, actionable solutions that exceed traditional IT practices to emphasize cyber intelligence and mitigate risk by managing threat vulnerabilities.
  • Formulate cybersecurity policies by developing cybersecurity situational awareness procedures, identifying laws and applying processes to safeguard sensitive data while sustaining enterprise operations.
  • Design an organization’s mobility solution that integrates mobile device management with industry best practices.

M.Eng Cybersecurity Policy and Compliance Required Courses

CSCI 6012 Cybersecurity and Privacy

Overview of cybersecurity and privacy, including cryptography, authentication, malware, viruses, network security, anonymity, privacy and online privacy, risk management. Common cyberattacks and techniques for detection and defense. Policy and legal perspectives for managing cybersecurity missions supporting the private sector and government. Cyber technologies as applied to the stability of global information and communications infrastructure; government cybersecurity policies.

CSCI 6532 Information Policy

Roles, issues and impacts of computer-based information systems in national and international arenas, focusing on privacy, equity, freedom of speech, intellectual property and access to personal and governmental information. Professional responsibilities, ethics and common and best practices in information use.

EMSE 6540 Management of Information and Systems Security

Development and management of effective security systems. Includes information, personnel and physical security. Emphasis on risk analysis for information protection.

CSCI 6013 Security in Mobile Computing

Relationship between security strategic plan and business strategic plan. Mobile Device Solutions (MDS) to access enterprise corporate data. Bring Your Own Device (BYOD) paradigm. Mobile Device Management (MDM) best practices, policies, network controls to identify countermeasures and risk mitigation strategies against common threats. Overview of mobile security solutions for classified processing and communications. Prerequisite: CSCI 6012.

CSCI 6534 Information Security in Government

Information assurance policies and standards in the federal government as mandated by legislation; security processes following NIST standards; technical tests and validation methods used in the federal government; review of federal threats and vulnerabilities; and government positions in information assurance.

ECE 6132 Secure Cloud Computing

Security and privacy issues in cloud computing systems. Confidentiality, integrity and availability of data and computations. Examination of cloud computing models, threat models, outsourcing and security issues. Practical applications of secure cloud computing.

EMSE 6542 Cybersecurity Risk Management and Compliance

Cybersecurity threats and other risks to an organization’s core business relative to people, processes, data, facilities, technology. Risk-based planning and risk management of cybersecurity at the enterprise level. Creating risk assessment and modeling approaches to cybersecurity issues that enable an enterprise to build security structures, sustain healthy cybersecurity posture, satisfy compliance with risk frameworks such as NIST’s. Prerequisite: EMSE 6540.

EMSE 6543 Managing the Protection of Information Assets and Systems

Advanced topics in protection of information assets and systems, including authentication, asset control, security models and kernels, physical security, personnel security, operational security, administrative security, security configuration management and resource control. Prerequisite: EMSE 6540.

EMSE 6544 Auditing, Monitoring and Intrusion Detection for Information Security Managers

Methods for detecting problems with unauthorized activity in information systems and management challenges associated with those activities. Prerequisite: EMSE 6540.

EMSE 6546 Cybercrime for Information Security Managers

Legal issues regarding information security actions related to and in response to criminal activity, including industrial espionage, back-hacking, cracking and cyberterrorism. Transnational issues, cybercrime treaties and conventions and cyberwar issues.

Master of Engineering in cybersecurity analytics

Program Learning Objectives

The cybersecurity analytics master’s degree has been designed to equip graduates with a blend of technical and business skills to utilize for identifying cybersecurity problems and creating realistic business solutions. The following learning objectives outline the design and structure of the program:

  • Lead organizations in cybersecurity, data analytics and forensics
  • Conduct vulnerability assessment of network applications and operating systems
  • Master fundamentals in upcoming issues in hardware security and address system security holistically
  • Become proficient in developing resilient and defendable networks and emerging IT systems
  • Identify and defend against emergent and advanced persistent threats
  • Demonstrate technological proficiency in secure system/hardware design and cyber resilience
  • Understand the key security components of cloud computing

M.Eng Cybersecurity Analytics Required Courses

CSCI 6015 Cyber Forensics

Covers basic and advanced concepts in the field of cyber forensics, which is concerned with acquiring, preserving and analyzing digitally stored information while ensuring that this information is admissible as evidence in a court of law. Principles and techniques for cyber forensics investigations are explored using industry-standard forensic tools, techniques and procedures in the digital forensic process. Addresses the societal and legal impact of computer activities including computer crime, intellectual property theft, privacy issues and legal ramifications. Covers special rules of evidence that apply to cybercrime investigations including chain of custody, search and seizure, forensic imaging. In addition to the incident-handling process, relevant state, federal, and/or regulatory frameworks governing such activities within different industry sectors are explored in detail. Methods and standards for extraction and preservation of legal evidence, uncovering illicit activities, recovering information left on hard drives and extracting files from intentionally damaged media are also addressed.

CSCI 6016 Applied Network Defense

Apply theory and practice of computer security, focusing specifically on the protection aspects of the Internet. It reviews cryptographic tools to provide security, such as shared key encryption (DES, 3DES, RC and more), public key encryption, key exchange and digital signature (Diffie-Hellmann, RSA, DSS and more). It then reviews how these tools are utilized within the internet protocols and applications like SSL/TLS, IPSEC, Kerberos and more (including wireless). By leveraging case studies and reading seminal research papers, students will learn about network attacks and vulnerabilities as well as current defenses. Topics covered include cryptography, confidentiality and authentication protocols, botnets, firewalls, intrusion detection systems and communication privacy and anonymity. This course also covers offensive and defensive information warfare operations, simulation of various attacks on and defenses of computer systems, laws related to information warfare and history and literature related to information warfare attacks. Prerequisite: SEAS 6014.

EMSE 6132 Secure Cloud Computing

Security and privacy issues in cloud computing systems. Confidentiality, integrity and availability of data and computations. Examination of cloud computing models, threat models, outsourcing and security issues. Practical applications of secure cloud computing.

EMSE 6540 Information Security

Development and management of effective security systems. Includes information, personnel and physical security. Emphasis on risk analysis for information protection.

EMSE 6544 Auditing, Monitoring and Intrusion Detection for Information Security Managers

Methods for detecting problems with unauthorized activity in information systems and management challenges associated with those activities. Prerequisite: EMSE 6540

EMSE 6547 Cyber Resilience

Resilience planning for cybersecurity; assessment and modeling approaches to limit system failure toward creating a cyber-resilient organization; recognition, resistance, recovery, reinstatement from the perspectives of information technologists and engineering managers; existing cybersecurity reliance frameworks; potential policies to sustain a healthy and robust security posture.

EMSE 6560 Open-Source Intelligence Analysis

Analyzing social media and other publicly available data sources can provide a wealth of data that can be used to identify and evaluate threats to an organization’s information assets. The challenge of using social media and other public sources is filtering the useful information from the noise. Students will use data analytics tools and develop decision support frameworks to identify threats, evaluate capability of actors to exploit vulnerabilities and evaluate the risk of damage those actors can do to an organization. While each individual data source may not provide actionable intelligence, compiling data across multiple sources can reveal critical indications of intent and capability of potential threats. This course provides an overview of publicly available data sources and strategies for mining and aggregating data across multiple sources to build a comprehensive profile of threat sources and develop an action plan to defend against these threats.

EMSE 6767 Applied Data Analytics

Applied and practical data analytics. High-level theory, with primary focus on practical application of a broad set of statistical techniques needed to support an empirical foundation for systems engineering and engineering management. A variety of practical visualization and statistical analysis techniques. Leveraging Minitab and Excel to examine raw data to arrive at insightful conclusions.

SEAS 6014 Introduction to Software and Hardware Security

Students will learn the fundamental principles of designing secure software and hardware systems and the range of attacks that seek to compromise them. The course will provide an overview of computer architecture and present attacks targeting the hardware, operating system and application layers. Students will learn how decisions in computer architecture design can lead to vulnerabilities such as cache exploits or side channels; how operating systems seek to provide secure isolation between applications; how applications can be compromised through malicious attacks; and include case studies showing how mobile devices and the Internet of Things pose new security challenges.

SEAS 6410 Security Data Visualization

The main goal of this course is to help students learn, understand and practice the visualization aspect of security data, which includes the study of data analytics and scaling up information security, security metrics and security monitoring techniques focusing on industry applications. It also covers the fundamentals of security data visualization and exploratory data analysis and provides guidelines on information security data visualization and insights with data dashboards. Furthermore, it introduces valuable tools to empower students to create an effective visual image of security data and prepare security data for using the latest techniques in Information Technology (IT) data analytics fields and extracting features from security data sets. Prerequisite: EMSE 6767

Master of Engineering in cloud computing management

Program Learning Objectives

The cloud computing master’s degree has been designed to give graduates an understanding of cloud computing service models, the technical aspects of cloud systems and the business leadership skills to shape cloud strategies of any scale. The following learning objectives guide the design and structure of the program:

  • Understand the latest cloud computing trends
  • Develop an end-to-end cloud strategy
  • Manage your organization’s migration to cloud and its associated risks
  • Leverage cloud computing to extend your computing environment
  • Understand and manage machine learning trends with cloud computing
  • Apply cloud solutions to enterprise challenges

Master of Engineering in Cloud Computing Management Required Courses

CSCI 6012 Cybersecurity and Privacy

Overview of cybersecurity and privacy, including cryptography, authentication, malware, viruses, network security, anonymity, privacy and online privacy, risk management. Common cyberattacks and techniques for detection and defense. Policy and legal perspectives for managing cybersecurity missions supporting the private sector and government. Cyber technologies as applied to the stability of global information and communications infrastructure; government cybersecurity policies.

CSCI 6018 Cloud Applications Architecture

Introduction to cloud application design guidelines and software patterns. The course will provide a survey of cloud services and how they can be used to construct scalable, secure cloud applications. Students will learn to understand trade-offs in cloud application design such as selecting container vs virtual machine deployments, monolithic vs microservice application architectures, as well as new paradigms such as serverless computing. Students will evaluate cloud application architectures and communication frameworks to understand their reliability, efficiency, performance and security.

ECE 6005 Computer Architecture and Design

Advanced topics in computer architecture and design; instruction-level parallelism, thread-level parallelism, memory, multithreading and storage systems.

ECE 6130 Big Data and Cloud Computing

This course covers a wide range of research topics related to big data and cloud computing, including data centers, virtualization, hardware and software architecture, as well as system-level issues on performance, energy efficiency, reliability, scalability and security. Prerequisites: ECE 6005 or ECE 6105

ECE 6132 Secure Cloud Computing

Security concerns and best practices for cloud computing and cloud services; cloud computing architectures, risk issues and legal topics; data security; internal and external clouds; information security frameworks and operations guidelines.

EMSE 6767 Applied Data Analytics

Applied and practical data analytics. High-level theory, with primary focus on practical application of a broad set of statistical techniques needed to support an empirical foundation for systems engineering and engineering management. A variety of practical visualization and statistical analysis techniques. Leveraging Minitab and Excel to examine raw data to arrive at insightful conclusions.

EMSE 6769 Applied Machine Learning for Engineers

A broad introduction to fundamental concepts and techniques in machine learning from the perspective of the systems engineer. The field of machine learning explores algorithms that can learn from examples (e.g. experience) without pre-programmed rules or that can make predictions based on automated analysis of prior data. This course provides students with knowledge of the theory and practice of machine learning, leveraging an open source framework to explore the ideas, algorithms and techniques without a prior background in programming. Topics covered in the course include the relationship between data mining and machine learning, machine learning and statistics, fundamental concepts (preparing/cleansing input data, attribute selection, sampling), linear models, clustering, training/testing/cross-validation, decision trees, probabilistic methods, deep learning, autoencoders, convolutional neural networks and ensemble learning methods.

EMSE 6820 Program and Project Management

Problems in managing projects; project management as planning, organizing, directing and monitoring; project and corporate organizations; duties and responsibilities; the project plan; schedule, cost, earned-value and situation analysis; leadership; team building; conflict management; meetings, presentations and proposals.

SEAS 6411 Management and Compliance in Cloud Computing

Introduction to different approaches of maintaining compliance in cloud. Theory, methodology and procedures related to cloud computing; proper audit procedures for discovering system vulnerabilities; documenting findings according to the standards of compliance-based auditing. Explore the legal and regulatory environments related to cloud computing concerns. Formulate policy and conduct analysis for the prevention of intrusions, attacks and threats to cloud data. Gain an understanding of the value provided by regulatory, policy and compliance guidelines in addition to pure technology options. Prerequisite: ECE 6132

SEAS 6412 Cloud Migration Strategy

An analysis of migrating tradition IT services to a cloud-based environment. This course will help students analyze the technical and business considerations necessary to develop an effective cloud migration strategy for an organization. Students will use a decision analysis framework to prioritize applications for migration to the cloud, discuss how cloud migration affects operations and staffing and analyze the pros and cons of different migration approaches (i.e., lift and shift, refactoring, redevelopment, retirement). This course introduces a framework for choosing the “best fit” cloud approach for your organization, including decision models for selecting from cloud service models (i.e., IaaS, PaaS, SaaS), deployment models (i.e., private/on-premise, community, public, hybrid), emerging cloud models and options for multi-cloud service brokerage. Prerequisite: ECE 6132


Request Information

To learn more about GW’s online graduate programs in cybersecurity and cloud computing, and download a free brochure, fill out the fields below. If you have any additional questions, please call (877) 246-4824 to speak to an admissions counselor.

* All Fields Required. Your Privacy is Protected.

The George Washington University respects your privacy. By submitting this form, you consent to receive emails and calls, which may use automated technology, from a representative of GW. We need your consent to contact you, but you can enroll without consenting to our contacting you.

  Are you enrolling from outside the U.S.? Click Here for an international-friendly contact form.