Master of Engineering in Cybersecurity Policy & Compliance: Program Quick Facts

Completion Time: Approximately 2 years
Delivery: 100% online
Total Credits: 30 credits
Cost Per Credit: $1,195
Total Tuition Cost: $35,850

Operationalize the Best Cybersecurity Practices

High-profile data breaches, phishing scams and malware attacks have made cybersecurity a top priority for organizations. In addition to needing professionals with the technical acumen to identify and mitigate these threats, employers today need leaders who can implement long-term strategies and operate cybersecurity solutions.

The Master of Engineering in Cybersecurity Policy and Compliance (M.Eng.[CPC]) prepares graduates to lead cyber practices that anticipate dangers and proactively manage risks. With a unique blend of engineering and computer science courses, the multidisciplinary curriculum equips students with the foundational technical skills they need to understand cybersecurity best practices and create long-term cybersecurity strategies, obtain operational solutions, and take command of organizational reporting as it relates to regulatory agencies.

A Cybersecurity Curriculum for Tomorrow’s Threats

The online master’s in cybersecurity policy and compliance offers an engineering leadership-focused course of study. Graduates will be able to gain the foundational technical knowledge necessary to understand cyber risks and make actionable recommendations for mitigating the damage caused by data breaches and other detrimental events.

The curriculum explores the complex intersections between policy, business and technology. As a result, students become familiar with industry-recognized frameworks and methodologies as they train to take charge in the fast-paced world of information security.

Graduates will be well-equipped to pursue or advance in a variety of cybersecurity careers and leadership roles, including compliance and information security managers, data protection officers and more.

Within the context of management and creating organizational policies and practices, the program introduces students to methods and industry best practices in:

  • Cryptography
  • Security systems
  • Algorithms
  • Software paradigms

The Master of Engineering in Cybersecurity Policy & Compliance is designed for IT and business professionals who are interested in taking the lead in how their organizations respond to cyber threats. It is accessible to professionals without a technical undergraduate degree; however, these applicants should have experience working in technical roles or in a related field dealing significantly with cybersecurity (e.g., security software services).

Admissions Requirements

Ideal candidates for the cybersecurity policy and compliance program will meet the following requirements:

  • Bachelor’s degree from an accredited institution.
  • Minimum GPA of B- (2.7 on a 4.0 scale) or higher.
    • Applicants with less than a 2.7 GPA are welcome to apply and may be accepted conditionally based on a holistic review of application materials.
  • Note: GW considers a candidate’s entire background when reaching an admission decision. Applicants who do not meet these requirements may still be eligible for admission on a case-by-case basis after an evaluation of academic records. Please contact an admissions counselor for more information.

Application Materials

To expedite our review of your application for admission, please order your official transcripts and prepare all other materials to submit at the same time as your application. All supporting material must be submitted no later than 45 days from the date of application or the application deadline for the semester for which you are applying.

Complete application packets include:

  • Completed Application
    There is no application fee for this program. When completing the application form, you will also need to upload your resume and statement of purpose.

    • Resume or CV: Upload your up-to-date resume or C.V.
    • Statement of Purpose: In 250 words or less, state your purpose in undertaking graduate study at the George Washington University. Describe your academic objectives, research interests and career plans; present your related qualifications including collegiate, professional and community activities and any other substantial accomplishments not previously mentioned.
  • Official Transcripts: Official transcripts are required from all institutions attended to complete the application packet. More information on transcript requirements can be found on the transcript policy page.
  • Letters of Recommendation: Three letters of recommendation are required for admission. At least two of these letters must come from a professional reference. Please download the letter of recommendation form, fill out the top portion and email the form to the individual providing the recommendation. A letter of recommendation is only considered official when it is sent from the individual providing the recommendation and delivered directly to an admissions counselor via email at or via fax at (888) 245-5409. Submissions directly from applicants will not be accepted.
  • GRE Scores: GRE scores are recommended.

If you’re applying from outside the U.S., please see international student admissions information for additional requirements.

Transfer Credit

Academic credit earned at another institution will not be transferred into any online graduate program offered through the Online Engineering Programs.


The Master of Engineering in Cybersecurity Policy and Compliance program offers a curriculum with a blend of management, cybersecurity and computer science courses. The program equips graduates with foundational technical skills while honing in on management and leadership acumen, to prepare them for effective decision-making within their organizations and strategize successful operational responses to cyberthreats.

The online format offers the advantage of synchronous or asynchronous delivery, allowing students the flexibility to study when and where it works best for their situations. While students are encouraged to attend and participate, all live lectures are recorded and can be viewed at a later time if needed.

M.Eng Cybersecurity Policy and Compliance Required Courses

Overview of cybersecurity and privacy, including cryptography, authentication, malware, viruses, network security, anonymity, privacy and online privacy, risk management. Common cyberattacks and techniques for detection and defense. Policy and legal perspectives for managing cybersecurity missions supporting the private sector and government. Cyber technologies as applied to the stability of global information and communications infrastructure; government cybersecurity policies.
Relationship between security strategic plan and business strategic plan. Mobile Device Solutions (MDS) to access enterprise corporate data. Bring Your Own Device (BYOD) paradigm. Mobile Device Management (MDM) best practices, policies, network controls to identify countermeasures and risk mitigation strategies against common threats. Overview of mobile security solutions for classified processing and communications. Prerequisite: CSCI 6012.
Roles, issues and impacts of computer-based information systems in national and international arenas, focusing on privacy, equity, freedom of speech, intellectual property and access to personal and governmental information. Professional responsibilities, ethics and common and best practices in information use.
Information assurance policies and standards in the federal government as mandated by legislation; security processes following NIST standards; technical tests and validation methods used in the federal government; review of federal threats and vulnerabilities; and government positions in information assurance.
Security and privacy issues in cloud computing systems. Confidentiality, integrity and availability of data and computations. Examination of cloud computing models, threat models, outsourcing and security issues. Practical applications of secure cloud computing.
Development and management of effective security systems. Includes information, personnel and physical security. Emphasis on risk analysis for information protection.
Cybersecurity threats and other risks to an organization’s core business relative to people, processes, data, facilities, technology. Risk-based planning and risk management of cybersecurity at the enterprise level. Creating risk assessment and modeling approaches to cybersecurity issues that enable an enterprise to build security structures, sustain healthy cybersecurity posture, satisfy compliance with risk frameworks such as NIST’s. Prerequisite: EMSE 6540.
Advanced topics in protection of information assets and systems, including authentication, asset control, security models and kernels, physical security, personnel security, operational security, administrative security, security configuration management and resource control. Prerequisite: EMSE 6540.
Methods for detecting problems with unauthorized activity in information systems and management challenges associated with those activities. Prerequisite: EMSE 6540
Legal issues regarding information security actions related to and in response to criminal activity, including industrial espionage, back-hacking, cracking and cyberterrorism. Transnational issues, cybercrime treaties and conventions and cyberwar issues.

Program Learning Objectives

GW faculty and other industry experts have collaborated to create a master’s program in cybersecurity policy and compliance which meets the challenge of constantly evolving global threats. The curriculum is designed to ensure graduates can:

  • Analyze cyber incident forensics; forecast cyberattacks using predictive analytics modeling; and devise specific, actionable solutions that exceed traditional IT practices to emphasize cyber intelligence and mitigate risk by managing threat vulnerabilities.
  • Formulate cybersecurity policies by developing cybersecurity situational awareness procedures, identifying laws and applying processes to safeguard sensitive data while sustaining enterprise operations.
  • Design an organization’s mobility solution that integrates mobile device management with industry best practices.