Cybersecurity Policy & Compliance

Master of Engineering in Cybersecurity Policy and Compliance: Program Quick Facts

Operationalize the Best Cybersecurity Practices

Cybersecurity has ascended to a critical concern for organizations. In today's digital landscape, data breaches, phishing, and malware are rampant. Organizations are in pursuit of professionals who not only possess the technical expertise to confront and alleviate these cyber threats but also the leadership capabilities to devise and sustain overarching cybersecurity strategies and manage complex cybersecurity infrastructures.

The M.Eng. in Cybersecurity Policy and Compliance is a program designed to forge leaders capable of  navigating the cybersecurity realm, equipped to preemptively tackle potential threats and adeptly handle risk management. The program's interdisciplinary approach, merging engineering with computer science, provides students with the essential technical knowledge to grasp and apply cybersecurity best practices, develop comprehensive strategies for the long term, implement effective operational solutions, and oversee compliance with regulatory standards.

A Cybersecurity Curriculum for Tomorrow’s Threats

The Master of Engineering in Cybersecurity Policy & Compliance is designed for IT and business professionals who are interested in taking the lead in how their organizations respond to cyber threats. It is accessible to professionals without a technical undergraduate degree; however, these applicants should have experience working in technical roles or in a related field dealing significantly with cybersecurity (e.g., security software services).

The master's degree in cybersecurity policy and compliance, concentrates on cultivating engineering leadership, equipping graduates with the necessary technical foundation to comprehend cyber risks and formulate and implement strategies to reduce the impact of data breaches and similar incidents.

This program delves into the intricate relationship between policy, business, and technology, preparing students with a solid grasp of recognized industry frameworks and methodologies essential for leading roles in the dynamic sector of information security.

Upon completion, graduates will be prepared to step into various cybersecurity and leadership positions, such as compliance and information security managers or data protection officers. The program imparts knowledge in critical areas including cryptography, security systems, algorithms, and software paradigms, targeting IT and business professionals aiming to spearhead cybersecurity initiatives within their organizations. Although designed for all professionals, those without a technical degree are expected to bring relevant technical experience or exposure to cybersecurity in their professional background.

Admissions Requirements

Ideal candidates for the cybersecurity policy and compliance program will meet the following requirements:

• Bachelor’s degree from an accredited institution.
• Minimum GPA of B- (2.7 on a 4.0 scale) or higher.
  • Applicants with less than a 2.7 GPA are welcome to apply and may be accepted conditionally based on a holistic review of application materials.
• Note: GW considers a candidate’s entire background when reaching an admission decision. Applicants who do not meet these requirements may still be eligible for admission on a case-by-case basis after an evaluation of academic records. Please contact an admissions counselor for more information.

Application Materials

To expedite our review of your application for admission, please order your official transcripts and prepare all other materials to submit at the same time as your application. All supporting material must be submitted no later than 45 days from the date of application or the application deadline for the semester for which you are applying.

Complete application packets include:

• Completed Application
  There is no application fee for this program. When completing the application form, you will also need to upload your resume and statement of purpose.
  • Resume or CV: Upload your up-to-date resume or C.V.
  • Statement of Purpose: In 250 words or less, state your purpose in undertaking graduate study at the George Washington University. Describe your academic objectives, research interests and career plans; present your related qualifications including collegiate, professional and community activities and any other substantial accomplishments not previously mentioned.
• Official Transcripts: Official transcripts are required from all institutions attended to complete the application packet. More information on transcript requirements can be found on the transcript policy page.
• Letters of Recommendation: Three letters of recommendation are required for admission. At least two of these letters must come from a professional reference. Please download the letter of recommendation form, fill out the top portion and email the form to the individual providing the recommendation. A letter of recommendation is only considered official when it is sent from the individual providing the recommendation and delivered directly to an admissions counselor via email at [email protected] or via fax at (888) 245-5409. Submissions directly from applicants will not be accepted.
• GRE Scores: GRE scores are recommended.

If you’re applying from outside the U.S., please see international student admissions information for additional requirements.

Transfer Credit

Academic credit earned at another institution will not be transferred into any online graduate program offered through the Online Engineering Programs.

Curriculum

The Master of Engineering in Cybersecurity Policy and Compliance program is comprised of an interdisciplinary curriculum that merges management principles with cybersecurity and computer science. It is designed to give graduates a solid technical foundation and develop their managerial and leadership skills, enabling them to make informed decisions and craft strategic operational plans against cyber threats.

The program offers the choice of synchronous or asynchronous learning, affording students the convenience to tailor their study schedule to fit their individual needs. Although active participation is recommended for a more engaging experience, the program ensures flexibility by recording all live lectures for students to access at their convenience.

M.Eng Cybersecurity Policy and Compliance Required Courses

CSCI 6012 Cybersecurity and Privacy

Overview of cybersecurity and privacy, including cryptography, authentication, malware, viruses, network security, anonymity, privacy and online privacy, risk management. Common cyberattacks and techniques for detection and defense. Policy and legal perspectives for managing cybersecurity missions supporting the private sector and government. Cyber technologies as applied to the stability of global information and communications infrastructure; government cybersecurity policies.

CSCI 6013 Security in Mobile Computing

Relationship between security strategic plan and business strategic plan. Mobile Device Solutions (MDS) to access enterprise corporate data. Bring Your Own Device (BYOD) paradigm. Mobile Device Management (MDM) best practices, policies, network controls to identify countermeasures and risk mitigation strategies against common threats. Overview of mobile security solutions for classified processing and communications. Prerequisite: CSCI 6012.

CSCI 6532 Information Policy

Roles, issues and impacts of computer-based information systems in national and international arenas, focusing on privacy, equity, freedom of speech, intellectual property and access to personal and governmental information. Professional responsibilities, ethics and common and best practices in information use.

CSCI 6534 Information Security in Government

Information assurance policies and standards in the federal government as mandated by legislation; security processes following NIST standards; technical tests and validation methods used in the federal government; review of federal threats and vulnerabilities; and government positions in information assurance.

ECE 6132 Secure Cloud Computing

Security and privacy issues in cloud computing systems. Confidentiality, integrity and availability of data and computations. Examination of cloud computing models, threat models, outsourcing and security issues. Practical applications of secure cloud computing.

EMSE 6540 Management of Information and Systems Security

Development and management of effective security systems. Includes information, personnel and physical security. Emphasis on risk analysis for information protection.

EMSE 6542 Cybersecurity Risk Management and Compliance

Cybersecurity threats and other risks to an organization’s core business relative to people, processes, data, facilities, technology. Risk-based planning and risk management of cybersecurity at the enterprise level. Creating risk assessment and modeling approaches to cybersecurity issues that enable an enterprise to build security structures, sustain healthy cybersecurity posture, satisfy compliance with risk frameworks such as NIST’s. Prerequisite: EMSE 6540.

EMSE 6543 Managing the Protection of Information Assets and Systems

Advanced topics in protection of information assets and systems, including authentication, asset control, security models and kernels, physical security, personnel security, operational security, administrative security, security configuration management and resource control. Prerequisite: EMSE 6540.

EMSE 6544 Auditing, Monitoring and Intrusion Detection for Information Security Managers

Methods for detecting problems with unauthorized activity in information systems and management challenges associated with those activities. Prerequisite: EMSE 6540

EMSE 6546 Cybercrime for Information Security Managers

Legal issues regarding information security actions related to and in response to criminal activity, including industrial espionage, back-hacking, cracking and cyberterrorism. Transnational issues, cybercrime treaties and conventions and cyberwar issues.

Program Learning Objectives

The GW master's program in cybersecurity policy and compliance, developed through a collaboration of university faculty and industry veterans, addresses the dynamic nature of global cybersecurity threats. The program is structured to empower graduates with the ability to:

• Conduct detailed forensic analyses of cyber incidents, utilize predictive analytics to anticipate cyberattacks, and create targeted, effective responses that go beyond conventional IT methods, focusing on cyber intelligence and risk mitigation through the management of threat vulnerabilities.
• Develop robust cybersecurity policies by establishing cybersecurity situational awareness protocols, recognizing relevant laws, and implementing strategies to protect sensitive information while maintaining organizational operations.
• Architect comprehensive mobile strategies for organizations, incorporating mobile device management with recognized industry standards and practices.