Man working at a Computer Lab The Professor's Gate on the GWU Campus outdoor graduation ceremony at GWU soldier in uniform watching an online lesson on a tablet Informal stand-up meeting in a technology office space cherry blossoms surrounding a gazebo on the GWU Campus

Curriculum

The Master of Engineering in Cybersecurity Policy and Compliance program offers a curriculum with a blend of management, cybersecurity and computer science courses. The program equips graduates with foundational technical skills while honing in on management and leadership acumen, to prepare them for effective decision-making within their organizations and strategize successful operational responses to cyberthreats.

M.Eng Cybersecurity Policy and Compliance Required Courses

CSCI 6012 Cybersecurity and Privacy

Overview of cybersecurity and privacy, including cryptography, authentication, malware, viruses, network security, anonymity, privacy and online privacy, risk management. Common cyberattacks and techniques for detection and defense. Policy and legal perspectives for managing cybersecurity missions supporting the private sector and government. Cyber technologies as applied to the stability of global information and communications infrastructure; government cybersecurity policies.

CSCI 6532 Information Policy

Roles, issues and impacts of computer-based information systems in national and international arenas, focusing on privacy, equity, freedom of speech, intellectual property and access to personal and governmental information. Professional responsibilities, ethics and common and best practices in information use.

EMSE 6540 Management of Information and Systems Security

Development and management of effective security systems. Includes information, personnel and physical security. Emphasis on risk analysis for information protection.

CSCI 6013 Security in Mobile Computing

Relationship between security strategic plan and business strategic plan. Mobile Device Solutions (MDS) to access enterprise corporate data. Bring Your Own Device (BYOD) paradigm. Mobile Device Management (MDM) best practices, policies, network controls to identify countermeasures and risk mitigation strategies against common threats. Overview of mobile security solutions for classified processing and communications. Prerequisite: CSCI 6012.

CSCI 6534 Information Security in Government

Information assurance policies and standards in the federal government as mandated by legislation; security processes following NIST standards; technical tests and validation methods used in the federal government; review of federal threats and vulnerabilities; and government positions in information assurance.

ECE 6132 Secure Cloud Computing

Security and privacy issues in cloud computing systems. Confidentiality, integrity and availability of data and computations. Examination of cloud computing models, threat models, outsourcing and security issues. Practical applications of secure cloud computing.

EMSE 6542 Cybersecurity Risk Management and Compliance

Cybersecurity threats and other risks to an organization’s core business relative to people, processes, data, facilities, technology. Risk-based planning and risk management of cybersecurity at the enterprise level. Creating risk assessment and modeling approaches to cybersecurity issues that enable an enterprise to build security structures, sustain healthy cybersecurity posture, satisfy compliance with risk frameworks such as NIST’s. Prerequisite: EMSE 6540.

EMSE 6543 Managing the Protection of Information Assets and Systems

Advanced topics in protection of information assets and systems, including authentication, asset control, security models and kernels, physical security, personnel security, operational security, administrative security, security configuration management and resource control. Prerequisite: EMSE 6540.

EMSE 6544 Auditing, Monitoring and Intrusion Detection for Information Security Managers

Methods for detecting problems with unauthorized activity in information systems and management challenges associated with those activities. Prerequisite: EMSE 6540.

EMSE 6546 Cybercrime for Information Security Managers

Legal issues regarding information security actions related to and in response to criminal activity, including industrial espionage, back-hacking, cracking and cyberterrorism. Transnational issues, cybercrime treaties and conventions and cyberwar issues.