Ready to Take the Next Step?

Request Info

Master of Science in Cyber Security Operations and Leadership Curriculum

The Master of Science in Cyber Security Operations and Leadership program course design includes 37.5 hours of core instructional time for each three-unit course. Additional homework, research, and study time will be required. Students are advised to spend 15-18 hours per week in each course in order to be successful.

The 31-unit MS-CSOL program consists of eleven courses – ten 3-unit courses and a 1-unit integrative capstone course. This 31-unit program can be completed in five semesters (20 months). You can start this program in any semester (fall, spring, or summer). Each semester is 14-weeks long and there are two 7-week courses offered. Students should ensure that their personal computers meet the following system requirements.

Program Learning Outcomes

The Master of Science in Cyber Security Operations and Leadership (MS-CSOL) focuses on three key aspects of leadership, in addition to the graduate learning outcomes shared across all of USD’s Master’s level programs.

  1. Cyber security strategy, and how to organize and set a strategic direction for an organization to best prepare itself for operations in a contested environment.
  2. Cyber security business services, including but not limited to acquisition, procurement, policy, human resources, and budgeting.
  3. Cyber security management, that focuses on decision making, trade-offs, requirements building, team building, leading, and other human factors not often taught in traditional programs.

In addition to cyber security leadership skills, students are taught theory and how to turn that theory into practice, gaining specific knowledge and skills in the areas of technology, law, policy, compliance, governance, intelligence, incident response, and management. The program places significant emphasis on immersive experiences, which gives students the real-world exposure they need to be truly effective in the field.

Program Courses

3 units

CSOL 500

Foundations of Cyber Security

Foundations of Cyber Security

This course will provide an overview and fundamental understanding to the concepts essential to the cyber security professional.  Students will understand how to categorize and value organizational assets, and how to mitigate risk to these resources. Within this context, students will be introduced to various types of security policies, understand how security controls must follow the policy, and the application of security controls to enforce policy.  We will explore how cyber security policy can be enforced in the operating system, in software development, in networks, and through various mechanisms such as cryptography.  Student will engage with the concept incident response, and the process of handling a breach including investigation and forensics.  Finally, students will learn the roles leaders can play in enhancing, supporting, and promoting cyber security in organizations.

 

It is vitally important for students to have both a conceptual understanding of cyber security and applied practice.  Therefore, this course will have a significant hands-on element that will introduce students to a plethora of cyber security tools and allow them to immerse themselves in cyber security operations.  We will explore basic cyber security scripting utilizing Python; threat analysis; vulnerability assessment; traffic analysis, encryption; penetration testing; and several other topics.

3 units

CSOL 510

Applied Cryptography

Applied Cryptography

This course will provide in introduction to modern applied cryptographic theory and practice, and how cryptography is used to support information security missions. It will be based upon open literature discussions that are most similar or applicable to advanced multi-level security systems and military grade defenses.

3 units

CSOL 520

Secure Systems Architecture

Secure Systems Architecture

This course will introduce the student to the importance of security architecture design in enterprise security.  Security architecture frameworks will then be used to explore and develop information system security architectures.  Students will be presented with a structured approach to the steps and processes involved in developing security architectures.  Also considered will be how major organizational issues likely to be encountered can be resolved.

3 units

CSOL 530

Cyber Security Risk Management

Cyber Security Risk Management

This course is an introduction to risk management as the principles and practices pertain to the cyber domain. Topics include an overview of traditional risk management processes, requirements, objectives and tools. The course also covers the NIST-driven Risk Management Framework (RMF) – the current US national guidance on Cyber Security standards and practices – and will include overviews of DITSCAP/DIACAP as background reference to previous government/defense efforts in Cyber Certification and Accreditation and their influence on current cyber security practices.

3 units

CSOL 540

Cyber Security Operational Policy

Cyber Security Operational Policy

This course will provide an understanding of the concept of policy in information security. Students will explore the types of policy that are part of an overall security strategy, from policy that determine rules and best practices, to those which drive computer security, including discretionary access control, mandatory access control, and role-based access control types of policies, and how these are used in organizations. Through this course, students will understand the basic elements of policy construction.

3 units

CSOL 550

Management and Cyber Security

Management and Cyber Security

The course will be taught around a set of established engineering, economic and management processes and practices to fill a gap in planning for improved cyber security within organizations. Students will understand the role of management and leadership in mitigating threat and achieving organizational goals in information protection. The course will provide an overview of audit, compliance, and regulation, and how cyber can affect the legal responsibility and liability for business. It will demonstrate how to construct effective continuity and disaster recovery plans, as well as exploring acquisition and procurement of technology with security in mind. Students will understand economic factors surrounding cyber security, as well as how to build effective teams and lead in contested cyber environments.

3 units

CSOL 560

Secure Software Design and Development

Secure Software Design and Development

This course will provide an in-depth study of the principals and tenets of the design and development process of secure software used to provide enhanced cyber security. It will review the traditional models of software development, with the idea that a developer or project manager must strategize for security before starting development. Students will understand how to gather and plan for security requirements in development. The course will explore how vulnerabilities can be mapped and planned for. Students will understand how to run an effective development process, culminating with implementation, and how to review and test software. Finally, the course will introduce the concept of software assurance and its role in the cyber security paradigm.

3 units

CSOL 570

Network Visualization and Vulnerability Detection

Network Visualization and Vulnerability Detection

The course will introduce the concept and principles of network security. It will provide a conceptual construct of how to think about securing networks, how to translate this into basic architectural design, and then a survey of some component level considerations. It will then move into deeper investigation of specific topics in network security, including: network visualization, network analysis, perimeter defense strategies, network monitoring, vulnerability detection, and security in mobile and wireless environments. Within this context, students will understand how to apply the various pieces/topics into a cohesive network security strategy.

3 units

CSOL 580

Cyber Intelligence

Cyber Intelligence

This course will present and discuss how information superiority and information dominance is key to influencing operations associated with establishing and maintaining cyber security.  Topics include overview of current and historical intelligence efforts and how those processes in various domains (human, electronic, digital) apply to cyber operations and security.  Course specifically includes exploitation of “big data” and multi-format information collections (text, video, structured/unstructured) to support cyber situation awareness.  It will feature discussions of modern versus classic data collection methods and Intelligence examples from current events.

.

3 units

CSOL 590

Cyber Incident Response and Computer Network Forensics

Cyber Incident Response and Computer Network Forensics

This course will introduce the principles and general practice of incident response, including an overview to digital and network forensics.  It will define what constitutes an incident, what is meant by incident response, the attack lifecycle, and goals of incident response.  The course will discuss building an incident response team, the steps in the process, and preparing for incident response.  Students will understand the process of detecting and characterizing an incident, collecting and analyzing data, and the process of remediation.  The course will then provide a deeper dive into the practice digital forensics, specifically focusing on computer, mobile, network, and database forensics.  It will outline the investigative and analysis process, survey tools, digital evidence, and briefly touch on the law.

1 unit

CSOL 599

Capstone

Capstone

This course will be given at the end of the MS Cyber Security Operations and Leadership degree to bring the entire body of knowledge in cyber security into greater focus. Students will be given parts of a complete set of functional and design documentation for an enterprise-wide system. They will be asked over the course of the semester to perform an increasingly thorough security analysis of the system to identify security shortcomings and develop a detailed remediation plan. The analysis and plan must contain such features as a threat analysis, risk assessment, policy review, detailed security requirements, identification of mechanisms to satisfy the requirements, and a description of methods for assessing the effectiveness of the mechanisms.