Skip to Content

M.Sc. CYBERSECURITY

The MSc in Cybersecurity offers core and elective courses in key security domains, with thesis and non-thesis options.


 

Program Overview

 

The Master of Science (MSc) in Cybersecurity program provides a comprehensive exploration of key domains within the cybersecurity field. Through five core courses, students acquire foundational knowledge in network security, applied cryptography, penetration testing, incident response, and information security governance. Elective courses offer opportunities to specialize in high-demand areas such as cloud security, IoT security, AI in cybersecurity, and cybersecurity management. Students may pursue either a thesis or a non-thesis path to complete the degree requirements.

 

 Core Courses

All students must complete the following five core courses: 

Course Title

Credit Hours

Estimated Learning Hours

Prerequisites

Network Security Fundamentals

3

90

None

Applied Cryptography

3

90

None

Ethical Hacking and Penetration Testing

3

90

Network Security Fundamentals

Digital Forensics and Incident Response

3

90

Network Security Fundamentals

Information Security Management and Governance

3

90

None

1.      Network Security Fundamentals

 

Course Content


This course examines the foundational principles of securing computer networks. It introduces students to underlying network architectures and protocols, including TCP/IP, HTTP, DNS, and SMTP, while emphasizing common vulnerabilities and methods of attack such as distributed denial-of-service (DDoS) and man-in-the-middle exploits. Students learn how to configure essential security controls such as firewalls, intrusion detection systems, and virtual private networks. They also become familiar with the process of evaluating different network setups and identifying methods to harden them against intrusion.

 





Learning Outcomes


By the end of this course, students should be able to explain the architecture and operation of network protocols, identify and categorize a variety of network-based attacks, configure basic network security controls to mitigate threats, and critically assess the security posture of different network environments.

2.      Applied Cryptography

 

Course Content


This course focuses on the principles and practical applications of cryptographic mechanisms that protect data in modern computing environments. Topics include symmetric and asymmetric encryption algorithms, hashing functions, digital signatures, public key infrastructures, and cryptographic protocols such as TLS/SSL. Students explore algorithms like AES, DES, RSA, and ECC, developing an understanding of how cryptographic methods secure data at rest and in transit. The course also addresses key management considerations, certificate authorities, and the strengths and vulnerabilities of each cryptographic technique.





Learning Outcomes


Upon completing this course, students will be able to articulate the foundational concepts of symmetric and asymmetric cryptography, implement various encryption and hashing algorithms to secure information, analyse the suitability of cryptographic protocols for different scenarios, and evaluate digital signature mechanisms as part of an overall security strategy.


3.      Ethical Hacking and Penetration Testing

 

Course Content


In this course, students learn how to proactively identify system and network vulnerabilities through ethical hacking and penetration testing methodologies. They explore the legal and ethical implications of conducting penetration tests and study a range of tools and techniques used for reconnaissance, scanning, exploitation, and post-exploitation activities. Practical exercises in controlled laboratory settings enable students to simulate real-world cyberattacks on virtualized systems and then document their findings comprehensively.





Learning Outcomes

By the end of this course, students will have the ability to conduct structured penetration tests within legal and ethical boundaries, use industry-standard security tools to discover and exploit vulnerabilities, produce detailed reports on discovered weaknesses, and recommend remediation strategies to strengthen system defences.

 ​

4.      Digital Forensics and Incident Response

 

Course Content


This course prepares students to investigate security incidents and conduct digital forensic analyses. It addresses proper evidence collection, preservation, and interpretation in alignment with legal standards. Students examine the incident response lifecycle, including strategies for detection, containment, eradication, and recovery. Case studies and practical exercises demonstrate how forensic tools are used to analyse compromised systems, track malicious activities, and reconstruct the events surrounding a breach.

 




Learning Outcomes

After completing this course, students will know how to systematically respond to cybersecurity incidents, follow established legal and ethical guidelines for handling evidence, utilize forensic tools to uncover critical details from compromised devices, and formulate effective incident response plans that mitigate future risks.

5.      Information Security Management and Governance

 

Course Content


This course introduces the core principles of information security management and governance practices that organizations use to protect sensitive data. Students learn about risk assessment, policy development, and regulatory compliance as they craft strategies to align security measures with business objectives. Topics include internationally recognized frameworks for information security, business continuity, disaster recovery planning, and the creation of a security-aware culture among employees.




Learning Outcomes

Upon completing this course, students will be able to devise comprehensive information security policies, conduct systematic risk assessments, propose effective risk mitigation measures, demonstrate familiarity with relevant laws and standards, and contribute to the governance and oversight of an organization’s cybersecurity efforts.

Elective Courses
 

Students must choose at least four electives from the following specialization areas. Each course offers in-depth coverage of advanced topics to cater to diverse career goals.

 

Specialization Area

Course Title

Credit Hours

Estimated Learning Hours

Prerequisites

Cloud Security

Cloud Security Architecture and Implementation

3

90

Network Security Fundamentals

Cloud Security

Advanced Topics in Cloud Security

3

90

Cloud Security Architecture and Implementation

IoT Security

Internet of Things (IoT) Security and Privacy

3

90

Network Security Fundamentals

IoT Security

Securing Industrial IoT and Cyber-Physical Systems

3

90

Internet of Things (IoT) Security and Privacy

AI in Cybersecurity

Artificial Intelligence (AI) for Cybersecurity

3

90

None (Programming background recommended)

AI in Cybersecurity

AI-Powered Threat Analysis and Intelligence

3

90

Artificial Intelligence (AI) for Cybersecurity

Cybersecurity Management

Cybersecurity Risk Management and Compliance

3

90

Information Security Management and Governance

Cybersecurity Management

Cybersecurity Leadership and Strategy

3

90

Information Security Management and Governance

1.      Cloud Security Architecture and Implementation

 

Course Content


This course addresses the unique security challenges in cloud computing environments by examining various deployment models such as IaaS, PaaS, and SaaS. Students learn how security responsibilities are divided between cloud providers and their customers under the shared responsibility model. They also explore methods for configuring identity and access management, implementing encryption for data at rest and in transit, and setting up comprehensive monitoring and logging. Real-world case studies illustrate best practices for securing compute, storage, and networking services in public and hybrid clouds.




Learning Outcomes

By the end of this course, students should be able to differentiate between common cloud service models, apply relevant security controls for identity and access management, design secure approaches for data protection in cloud environments, and analyse cloud-based security incidents from an architectural perspective.

 ​

2.      Advanced Topics in Cloud Security

 

Course Content


This course delves into complex issues surrounding serverless architectures, container security, and advanced threat detection in the cloud. Students explore the forensic techniques required to investigate security incidents across virtualized and serverless environments. They also learn how to automate security functions and orchestrate responses using cloud-native tools. Through projects and applied research, students assess container orchestration platforms like Kubernetes for potential vulnerabilities, practice secure configurations, and simulate sophisticated attack scenarios to enhance their defensive capabilities.



Learning Outcomes

Upon course completion, students will be able to secure serverless and containerized applications in a cloud environment, perform cloud forensics for complex breaches, implement security automation strategies, and evaluate cutting-edge technologies for detecting and responding to cloud-based threats.

3.      Internet of Things (IoT) Security and Privacy

 

Course Content


This course examines the security and privacy implications of deploying IoT devices that operate through diverse communication protocols. It covers the unique architectures of IoT ecosystems, including how MQTT and CoAP enable device-to-device and device-to-cloud communications. Students investigate widespread vulnerabilities, analyse real-world IoT attack methods, and practice configuring firmware and network controls to secure edge devices. The course includes discussions on regulatory and ethical dimensions of IoT, emphasizing how large-scale adoption can expose personal data to privacy risks.




Learning Outcomes

By the end of the course, students will understand the architectural and protocol-level underpinnings of IoT systems, identify vulnerabilities specific to IoT devices and networks, propose technical and policy-based interventions to safeguard data, and articulate the privacy concerns that arise from connecting everyday objects to the internet.

4.      Securing Industrial IoT and Cyber-Physical Systems

 

Course Content


This course focuses on Industrial IoT (IIoT) and cyber-physical systems that underpin critical infrastructure. It addresses how legacy systems, such as SCADA and ICS, can converge with modern network technologies in operational technology (OT) environments. Students learn techniques to evaluate and mitigate risks in these high-stakes settings, including the use of intrusion detection and prevention systems designed for OT networks. Case studies provide examples of past intrusions and highlight best practices for creating secure remote access, safeguarding industrial protocols, and ensuring business continuity.



Learning Outcomes

Upon completing this course, students will understand the specialized security requirements of industrial and critical infrastructure environments, apply cybersecurity principles to protect IIoT and OT networks, evaluate risks and vulnerabilities introduced by convergent IT-OT systems, and propose robust approaches to secure large-scale industrial deployments.

5.      Artificial Intelligence (AI) for Cybersecurity

 

Course Content


This course explores how artificial intelligence and machine learning can augment cybersecurity defences. Students gain a conceptual and practical understanding of AI techniques, including supervised and unsupervised learning methods for anomaly detection, malware classification, and predictive vulnerability assessments. They also study the challenges posed by AI-driven attacks, along with ethical considerations and potential biases in AI models. Practical assignments require students to implement basic machine learning algorithms for security applications and analyse their performance on real or simulated data sets.



Learning Outcomes

By the end of the course, students will be able to employ AI and machine learning techniques to identify unusual patterns in network traffic, automate threat intelligence gathering, evaluate the limitations of algorithmic approaches in detecting advanced attacks, and discuss the ethical and legal considerations involved in AI-driven security solutions.

6.      AI-Powered Threat Analysis and Intelligence

 

Course Content


Building on foundational AI concepts, this course introduces advanced techniques for processing and correlating large volumes of security data. Students learn to employ big data analytics, natural language processing, and predictive modelling to detect sophisticated cyber threats. They also examine how threat intelligence platforms aggregate and structure data from diverse sources, and they practice generating actionable insights for proactive defence. The course culminates in projects that simulate end-to-end threat analysis workflows, from data ingestion to real-time incident alerts.



Learning Outcomes

Upon course completion, students will be able to use AI and machine learning for advanced threat intelligence, build customized data pipelines for analysing security events, predict potential vulnerabilities or attack vectors, and convert raw data into comprehensive intelligence reports that inform strategic defensive measures.

7.      Cybersecurity Risk Management and Compliance

 

Course Content


This course provides a deep dive into risk management frameworks and industry-specific compliance requirements. Students examine approaches for identifying and assessing cybersecurity risks, including both qualitative and quantitative methods. They learn to develop and implement risk treatment strategies—such as mitigation, transference, or acceptance—and to align these strategies with organizational goals. The course also reviews major legal and regulatory frameworks, detailing how audits and certifications ensure compliance with standards like PCI DSS, SOX, and GDPR.



Learning Outcomes

By the end of the course, students will know how to apply formal risk management methodologies, execute detailed risk assessments, recommend well-founded responses to identified threats, and ensure organizational compliance with relevant cybersecurity laws and industry regulations.

8.      Cybersecurity Leadership and Strategy

 

Course Content


Focusing on the managerial aspects of cybersecurity, this course teaches students how to design strategies that protect organizational interests while supporting broader business objectives. Participants learn how to build and lead high-performing security teams, communicate risk effectively to executives and stakeholders, and cultivate an organizational culture that values security practices. Realistic simulations and team-based projects demonstrate how to respond to large-scale incidents, measure security performance over time, and coordinate with other business units to align technical defences with strategic goals.



Learning Outcomes

Upon completing this course, students will possess the skills to create and execute cybersecurity strategies that align with business priorities, oversee and mentor security teams, effectively present cybersecurity risks to senior leadership, and shape a workplace environment that prioritizes proactive security measures.

 

Graduation Requirements

 Students must complete 33 credit hours in total. This includes 15 credits from the five core courses and a minimum of 12 credits from elective courses. There are two options to fulfill the remaining 6 credits:

 1.       Non-Thesis Option: Students undertake one additional elective (3 credits) and a Capstone Project (3 credits).

 2.       Thesis Option: Students replace two electives with a Master’s Thesis (6 credits).

 In both options, the total credit requirement remains 33.