Skip to main content
M.S. in Cybersecurity

M.S. in Cybersecurity Program Information

Available online at Franklin University .

The Master of Science in Cybersecurity is designed to provide students with the theoretical and practical security skills required to meet the growing need for security knowledge as a standard business process. Graduates should be able to contribute immediately and make a positive impact in the workplace. The degree is intended for application immediately in the business world and covers a broad range of topics including cryptography, advanced network security, computer forensics and investigations, offensive security and ethical hacking, and security governance.

Curriculum & Course Descriptions

36 Semester Hours
Course Sequence (36 hours)
ISEC 610 - Information Assurance (4)
This course covers the fundamentals of security in the enterprise environment. Included are coverage of risks and vulnerabilities, threat modeling, policy formation, controls and protection methods, encryption and authentication technologies, network security, cryptography, personnel and physical security issues, as well as ethical and legal issues. This foundational course serves as an introduction to many of the subsequent topics discussed in depth in later security courses.
ISEC 620 - Software and App Security (4)
Today, software is at the heart of nearly every business from finance to manufacturing. Software pervades everyday life in expected places like phones and computers but also in places that you may not consider such as toasters, thermostats, automobiles, and even light bulbs. Security flaws in software can have impacts ranging from inconvenient to damaging and even catastrophic when it involves life-critical systems. How can software be designed and built to minimize the presence of flaws or mitigate their impacts' This course focuses on software development processes that identify, model, and mitigate threats to all kinds of software. Topics include threat modeling frameworks, attack trees, attack libraries, defensive tactics, secure software development lifecycle, web, cloud, and human factors.
ISEC 630 - Information Risk Management (4)
When audits, technology, or compliance become the driver for security initiatives the resulting program is strategically fragmented, reactive, and rigid. Moreover, there are few, if any, assurances that the biggest threats are being addressed. On the other hand, risk assessment places values on assets, evaluates the current controls, and provides data to improve the protection in a controlled, proactive, and flexible manner. This course teaches an approach to security that combines operational security, risk assessment, test and review and mitigation such that value can be demonstrated. A project-based approach to risk assessment is followed including, project definition and preparation, data gathering, technical information, physical data gathering, analysis, mitigation, recommendations, and reporting.
ISEC 640 - Cryptography (4)
The cryptographic primitives of enciphering/deciphering and hashing are the two main methods of preserving confidentiality and integrity of data at rest and in transit. As such, the study of cryptographic techniques is of primary interest to security practitioners. This course will cover the important principles in historical and modern cryptography including the underlying information theory, mathematics, and randomness. Important technologies such as stream and block ciphers, symmetric and asymmetric cryptography, public key infrastructure, and key exchange will be explored. Finally, hashing and message authentication codes will examined as a way of preserving data integrity.
ISEC 650 - Advanced Network Security (4)
Networks connecting disparate devices, services, and users have been among the most ubiquitous technologies that have led to the spectacular economic and technical success of the Internet. Today, networks seem to disappear, only to receive attention when they fail or are breached by attackers. While firewalls and virtual private networks are mainstays of network security, a strategy built on these alone is insufficient. This course covers a more comprehensive and systematic approach to network security including monitoring, incident response, forensics, virtualization and cloud, secure protocols, cryptography, and web services
ISEC 660 - Cybercrime, Ethics, and Privacy (4)
The prevalence of data breaches, identity theft, and the dark net today makes the study of digital cybercrime, ethics, and compliance highly relevant to information security. Laws related to intellectual property, privacy, and criminal and civil proceedings will be discussed. Ethical behavior and frameworks for navigating between customer and business concerns in the workplace are also emphasized.
ISEC 670 - Ethical Hacking (4)
When most people think of information security the images that come to mind are those of hackers: secretive people who, for political or profit motives, illegally break into computer systems to steal data or cause mayhem. While that kind of criminal element does exist, ethical hackers provide a needed service to organizations seeking to test and refine their security plans and technologies. This course takes an in-depth approach to ethical hacking including reconnaissance, scanning, vulnerability analysis, exploitation, and reporting. Students will employ current tools and methods in a hands-on approach that also prepares them for the Certified Ethical Hacker (CEH) exam.
ISEC 680 - Information Security Policy & Governance (4)
As organizations have fallen victim to the proliferation of cyberattacks in recent years, many have responded reactively, thereby developing a posture that "wins the previous war." However, regulations and laws are now necessitating a more proactive stance. Organizations that can develop an effective security strategy stand to gain as they balance business with security. This course is about leading organizations in developing an effective information security program via policies, frameworks, architecture, standards, organizational hierarchies, controls and metrics with the end goal being a proactive security posture tailored to the specific business needs.
ISEC 690 - Security Research and Capstone (4)
This course, the final one in the program, challenges students to research a current topic of interest in information security and produce an original paper and presentation on the topic. Alternately, students may complete a capstone project in which they engage a real-world client for the purpose of security assessment, governance, audit, testing, risk analysis, or remediation. The course will also cover current and emerging issues in information security and privacy. Complete course in final term of program.