Masters Degrees (Information Security)

The electronic handling of information is one of the defining technologies of our age. Enormous volumes of information are routinely stored and transmitted worldwide and most aspects of our daily lives would come to a halt should the information infrastructure fail.

However, with the benefits deriving from the ability to automatically manage so much information, come major threats to businesses, governments and individuals. These threats include possible fraud through information manipulation, deliberate damage to stored and transmitted information, and blackmail associated with the threat of damage.

The field of Information Security, namely the study of countermeasures to these real and serious threats, has grown up very rapidly in recent years. The subject embraces a range of technologies such as cryptography, computer security, and fraud detection, and also includes the study of how security can best be managed.

This advanced course is taught by the Information Security Group (ISG), and security experts from industry. It is designed to produce a comprehensive education in the technical, legal and commercial aspects of Information Security.

See the website https://www.royalholloway.ac.uk/isg/coursefinder/mscinformationsecurity.aspx

Why choose this course?

- This pioneering course was the first of its kind in the world. Our Information Security Group (ISG) was recognised in 1998 when the College was awarded a Queen’s Anniversary Prize for the ISG’s work. The citation read “This pioneering Group provides a unique national resource for the training of information security specialists and the development of highly secure communications and computer systems. It offers world-leading independent expertise in a field of crucial importance where trust and integrity are paramount.”

- As this course was the first of its kind, we consulted with more than 20 companies and Government departments to ascertain what they felt such a degree course should contain. Many of these organisations have maintained close links with the department and, in a typical year, you would benefit from lectures or seminars from up to 50 guest speakers.

- Having an offering that is up to date and relevant to potential employers is a key theme to all our activities. Therefore, in addition to our comprehensive syllabus and accompanying seminars, you will be offered some cutting-edge optional units.

- You will have access to virtualization software from the ISG Lab in which you can experiment with network security settings and concepts introduced in these units. As well as the general purpose lab, there is also a Penetration Testing Laboratory and the Smart Card Centre where specialist equipment and tools may be accessed for those who may be undertaking a practical project in these areas.

- The ISG also recognises the standing of the CISSP qualification in the workplace. As a result we have established an arrangement with (ISC)2 whereby you will attend an intensive two-day CISSP revision course at Royal Holloway and then sit the associated exam on campus.

- Our cryptographers have close links with Bletchley Park and many students visit that historic site during their studies.

Department research and industry highlights

The ISG is an interdisciplinary research group conducting internationally-leading research in all areas of information security:

- device and system security (including security of portable devices, smart cards, smart tokens and embedded systems)

- protection of evolving networks (including wireless, mobile, ad hoc and ubiquitous networks)

- trusted computing

- security infrastructure provision (including protection of critical national infrastructure and grid security)

- socio-technical studies in information security (including both organisational information security research and sociological research in the wider "Information Society" context)

- application security (including identity management and software security)

- fundamental security technologies (including cryptography, cryptographic protocols, and authentication technologies).

Our breadth of coverage, coupled with our size, distinguished educational and academic track record, and long-standing and deep engagement with industry, makes the ISG a unique research group in the UK.

On completion of the course graduates will have a solid foundation in:
- the essential concepts, methods and approaches of information security

- the main security issues in the development of digital business activities

- the technical, legal and commercial issues that need to be addressed when assessing the information security needs of an organisation

- the organisational and personal issues that need to be addressed when implementing information security within an organisation

- the potential sources of vulnerability within an information system and the possible implications of failing to counter these with adequate security controls

- the appropriate countermeasures to information security threats and the likely implications of their adoption

- the relevance and impact of new developments in information security threats, technologies and controls.

Assessment

Assessment is carried out by written examinations (in the four core and two elective units) and by completing the MSc Project.

Employability & career opportunities

Our graduates are highly employable and, in recent years, have entered many different information security-related areas, including banking, telecommunications, large security consultancies, public utilities, and the retail sector. This taught Masters course also equips postgraduate students with a solid foundation for continued PhD studies.

How to apply

Applications for entry to all our full-time and postgraduate degrees (campus based courses) are made on the Royal Holloway admissions webpages https://www.royalholloway.ac.uk/studyhere/postgraduate/applying/howtoapply.aspx .

Read less

Protecting digital information from unauthorised access and use, and ensuring the resilience of the underlying network infrastructure and systems, are key challenges for the continued technological development of our society.

The science behind our Information Security MSc connects various disciplines; from computer science, electronic engineering and mathematics, to design concepts, mechanisms and technologies for effective protection of digital information, communication infrastructures and computing systems.

Focused on key information security concepts, mechanisms and technologies, our programme examines fundamental and advanced topics in important areas of modern information security, striving to achieve a balance between theoretical foundations and practical experience.

Programme structure

This programme is studied full-time over one academic year and part-time over three academic years. It consists of eight taught modules and a dissertation.

Example module listing

The following modules are indicative, reflecting the information available at the time of publication. Please note that not all modules described are compulsory and may be subject to teaching availability and/or student demand.

• Dissertation 
• Information and Network Security 
• Symmetric Cryptography 
• Asymmetric Cryptography 
• Information Security Management
• Multimedia Security and Digital Forensics 
• Secure Systems and Applications 
• Information Security for Business and Government
• Project Management and Business Strategy
• Database Systems 
• Cloud Computing

Educational aims of the programme

The programme will:

• Provide students with advanced knowledge and understanding of information security theory and concepts
• Teach foundations and methods from several information security disciplines such as data security, network security, cryptography, formal security analysis, secure systems and web applications, multimedia security, digital forensics, privacy-enhancing technologies, and human-centred security
• Teach students to apply their knowledge of scientific methods and gained information security skills in practice through lab sessions and individual dissertation projects where students will be offered an opportunity to analyse, evaluate and interpret existing information security mechanisms and/or carry out their own research activities
• Support students in carrying out their own scientific investigation under the guidance and advice of their supervisor. Students will be able to identify information security problems and find suitable information security protection mechanisms based on their skills and relevant literature sources

Programme learning outcomes

Knowledge and understanding

Students will gain:

• Knowledge and understanding of the general information security aims and challenges
• Knowledge and understanding of technical and mathematical concepts and mechanisms for the protection of digital data and information
• Knowledge and understanding of technical concepts and mechanisms for securing network communications and infrastructures
• Knowledge and understanding of technical concepts and mechanisms for digital forensics
• Knowledge and understanding of technical concepts and mechanisms for the development of secure computing systems and applications
• The ability to critically evaluate information security mechanisms and technologies with respect to their functionality, security properties and application challenges
• The ability to implement or apply existing information security mechanisms and technologies in practice
• The ability to design, develop and analyse secure systems and applications by taking into account both technical and non-technical perspectives
• The ability to critically evaluate new ideas, develop own ideas and conduct supervised research in information security

Intellectual / cognitive skills

Students will leave the programme with the ability to:

• Analyse and solve problems of technical nature under consideration of various risks and constraints
• Make effective and efficient decisions in an environment of conflicting interests
• Think strategically 
• Synthesise and critically evaluate the work of others
• Apply fundamental knowledge to investigate new and emerging technologies
• Carry out an independent research investigation aiming to improve the state-of- the-art knowledge in the field

Professional practical skills

Students will gain the ability to:

• Come up with technical solutions to a range of problems
• Use concepts and theories to make judgements on the suitability of solutions, their advantages and disadvantages
• Implement mechanisms and apply them in a wider context of more complex systems
• Present their opinions and findings and to produce a high-quality report

Key / transferable skills

Students will have:

• The ability to communicate concepts and results in a clear and effective manner
• The time and resource management planning
• The ability to work with available resources, to collect and analyse research-oriented material

Global opportunities

We often give our students the opportunity to acquire international experience during their degrees by taking advantage of our exchange agreements with overseas universities.

In addition to the hugely enjoyable and satisfying experience, time spent abroad adds a distinctive element to your CV.

Read less

Gain a prestigious MSc in Information Security

by distance learning

A world renowned programme; the first of its kind in the world, this Information Security course looks at both technical and management aspects of cyber security and teaches you about technologies including cryptography, computer security, fraud detection, and digital forensics.

- You will gain cyber security skills for senior level careers by focusing on principles and issues, and you will learn how information security can best be managed.

- You will benefit from Royal Holloway’s wealth of research, expertise and practical consulting experience, which ensures that the degree is up to date and commercially relevant.

- You can study most modules on a stand alone basis and earn CPE credits. Students come from a variety of backgrounds, ranging from new graduates through to senior security managers in blue chip enterprises seeking a formal qualification in Information Security.

Hear from a graduate

“Achieving the Masters has significantly benefited my career in Information Security; previously, I provided specific technical advice to customers, but now, with the breadth and depth of knowledge gained during the MSc, I also deliver security strategy consulting to senior executives.” Paul Schwarzenberger, MSc Information Security

Prestige

The programme has been developed by academics within the Information Security Group (ISG) [external link] at Royal Holloway, University of London, one of the foremost academic security groups in the world.

ISG awarded Centre of Excellence status - Royal Holloway, University of London has been recognised for its world class research in the field of cyber security by UK intelligence agencies GCHQ.

The ISG is at the cutting edge of research into the design and evaluation of smart cards, electronic commerce, security management, mobile telecommunications security, and the integration of security techniques into specific applications. The ISG was awarded a Queen's Anniversary Prize in 1998 in recognition of it providing "a unique national resource for the training of information security specialists".

"A pioneering course that continues to provide students with the essential knowledge and understanding of information security, with many graduates going on to fill senior roles." Malcolm Marshall, Partner, KPMG.

Career progression

Graduates of the programme can be found in many organisations, ranging from large financial institutions to technology and research- oriented organisations, as well as security specialists. The MSc is also a foundation for further postgraduate research.

Continuing Professional Education (CPE)

You can study any of the compulsory core modules, plus the optional module 'Digital forensics', on a stand-alone basis and earn CPE credits. On successful completion of each module you will receive a University of London certificate.

Your time commitment

This programme is offered online, enabling you to fit your studies around work and family commitments. To complete in the minimum study period you will need to study 24 hours per week during the academic session (September-April). To complete the degree in four years, which is normal for those in full time employment, you will need to study about 12 hours per week over the academic session.

Excellent support

Fully supported by a Virtual Learning Environment, you will take part in online tutor-supported seminars and discussions; a virtual student cafe allows you to interact and network with other students.

Contact us

If you have any questions, please contact our Student Advice Centre.

Read less

The Information Security MSc offers a specialist programme designed to provide a fundamental understanding of information security and to convey practical engineering skills. There are good prospects for highly trained information security professionals and there is a shortage of trained personnel in this area.

Degree information

Students develop an advanced knowledge of information security and an awareness of the context in which information security operates in terms of safety, environmental, social and economic aspects. They gain a wide range of intellectual, practical and transferable skills, enabling them to develop a flexible professional career in IT.

Students undertake modules to the value of 180 credits. The programme consists of four core modules (60 credits), four optional modules (60 credits) and a research project (60 credits).

Core modules
-Computer Security I
-Computer Security II
-Introduction to Cryptography
-Research in Information Security

Optional modules - students choose four of the following:
-Distributed Systems and Security
-People and Security
-Applied Cryptography
-Information Security Management
-Language Based Security
-Philosophy, Politics and Economics of Security and Privacy
-Malware
-Cryptanalysis
-Cybercrime
-Privacy Enhancing Technologies
-Relevant options from other MSc degree programmes

Dissertation/report
All MSc students undertake an independent research project which culminates in a dissertation (maximum length of 120 pages) and an oral presentation.

Teaching and learning
The programme is delivered through a combination of lectures, seminars, problem classes, tutorials, laboratory classes and projects. Assessment is through written examinations, presentations, vivas, tests, coursework, written reports, formal presentations and the research project.

Careers

UCL graduates are keenly sought by the world's leading organisations. UCL Computer Science graduates are particularly valued as a result of the department's strong international reputation, strong links with industry, and ideal location close to the City of London. Our graduates secure careers in a wide variety of organisations, e.g. with global IT consultancies, as IT analysts with City banks, or as IT specialists within manufacturing industries.

Top career destinations for this degree:
-Risk IT RTB Support Administrator, Lloyds Banking Group
-Technical Analyst, The Royal Bank of Scotland (RBS)
-IT Lead Developer, MOVE Guides
-Software Developer, Oracle
-Cisco Certified Network Associate (CCNA) Routing and Switching, Cisco

Employability
Some of the brightest alumni of the degree go on to careers in academia. The majority of our students take jobs in the software and consultancy industries, usually in a security-related role such as security standards compliance, secure software design or security consultancy. Students have the opportunity to do industrially based projects with companies such as BT and McAfee. The department is recognised as an academic centre of excellence on cyber security and further opportunities to expand both academic and industrial contacts occur through the ACE-CS guest lecture series integrated into the course.

Why study this degree at UCL?

UCL Computer Science is recognised as a world leader in teaching and research, and was one of the top-rated departments in the UK government's recent Research Excellence Framework.

This MSc is taught by academics who conduct world-leading research, most notably in cryptography and human-centred approaches to security, privacy and trust. Access to industry-led projects and guest lecturers from academia and industry will enhance post-graduation opportunities for careers in security-related research, or employment in cyber security roles. Students from the degree won the first UK Cyber Security Challenge in code cracking in 2013.

UCL's central London location enables students to enjoy the full benefits of life in a vibrant world city with easy access to excellent scientific and cultural centres.

Read less

The Digital Age is dependent on software systems that support the full spectrum of human activity, from real-time banking transactions to the operation of critical infrastructures such as transportation, power and telecommunications.

Securing these systems is of strategic importance to industry and government, increasing the demand for graduates who have the knowledge and skills to support their engineering and maintenance.

The course is developed in consultation with individuals from the Information Risk Management and Assurance Group of BCS and various commercial organisations.

Taught modules are mostly delivered by researchers, who contribute to international research literature, ensuring that the course is relevant and up-to-date. Underpinned by a strong foundation in research, you will benefit from learning the technical skills and knowledge needed to practice on real-world problems throughout the course, equipping you with the expertise needed in systems engineering and network security.

You will have the opportunity to engage with research activities and projects that are relevant to the latest industry challenges. You will also have the chance to attend professional networking events, take part in hacker sessions and meetings of the Secure and Dependable Software Systems (SenSe) group, which feature talks from leading researchers, government agencies, local businesses and relevant societies.

Your learning will also be supported by access to facilities including computer and research laboratories, which include industry-standard software developed by our researchers at Brighton.

Course structure

Teaching methods include lectures, tutorials, workshops and guided independent study. You will build your understanding of the foundations of information security through a series of seminal books, and keep up to date with the latest developments through leading journals in the field.

The course consists of six taught modules – five core, one optional – and an independent project. The PGDip comprises the taught modules only, while the PGCert comprises three taught modules, two of which must be compulsory.

Core modules:

Security and Dependability
Secure Information Systems Engineering
System and Network Security
Information Security Management
Research Methods

Optional modules:

Software Architecture
Distributed System Principles
Data Mining and Knowledge Discovery in Data

Facilities

You will have access to a suite of computer laboratories that are equipped with modern PCs and industry-standard software. Technicians are available for immediate assistance during the labs' extensive opening hours.

You will also have access to the two research labs of the Secure and Dependable Software Systems (SenSe) group, the security lab and the Internet of Things lab. These facilities include industry-standard software developed by researchers at Brighton, including tools to analyse the security and privacy of software systems.

Employability

There is a huge demand for information security specialists across the world. According to the 2015 Global Information Security Workforce Study, there will be a 1.5 million shortfall in the next five years, while the Bureau of Labor Statistics' Occupational Outlook Handbook predicts that the demand for information security professionals will increase by 100,000 jobs in the next seven years.

The salary for information security professionals has the potential to be the highest in the sector. The Robert Half 2015 salary guide concluded that the highest paid job in technology is that of the Chief Information Security Officer, which averages between £97,500 and £145,250.

Read less

The Masters in Information Security provides you with a thorough grounding in professional software development, together with experience of conducting a development project, preparing you for responsible positions in the IT industry.

Why this programme

◾The School of Computing Science is consistently highly ranked achieving 2nd in Scotland and 10th in the UK (Complete University Guide 2017)
◾The School is a member of the Scottish Informatics and Computer Science Alliance: SICSA. This collaboration of Scottish universities aims to develop Scotland's place as a world leader in Informatics and Computer Science research and education.
◾You will have opportunities to meet employers who come to make recruitment presentations, and often seek to recruit our graduates during the programme.
◾You will benefit from having 24-hour access to a computer laboratory equipped with state-of-the-art hardware and software.

Programme structure

Modes of delivery of the MSc in Information Security include lectures, seminars and tutorials and allow students the opportunity to take part in lab, project and team work.

Core courses

◾Crytography and secure development
◾Cyber security fundamentals
◾Cyber security forensics
◾Enterprise cyber security
◾Human-centred security
◾Research methods and techniques
◾Safety critical systems
◾Masters team project

Optional courses

◾Advanced networking and communications
◾Advanced operating systems
◾Algorithmics
◾Artificial intelligence
◾Big data: systems, programming and management
◾Computer architecture
◾Computer vision methods and applications
◾Distributed algorithms and systems
◾Enterprise computing
◾Functional programming
◾Human computer interaction
◾Human computer interaction: design and evaluation
◾Information retrieval
◾Internet technology
◾IT architecture
◾Machine learning
◾Mobile human computer interaction
◾Modelling reactive systems
◾Software project management
◾Theory of computation
◾Web science

Depending on staff availability, the optional courses listed here may change.

If you wish to engage in part-time study, please be aware that dependent upon your optional taught courses, you may still be expected to be on campus on most week days.

Accreditation

MSc Information Security is accredited by the British Computer Society (BCS).

Our specialist MSc graduates in Computing Science, Software Engineering and Information Security are recognised by the British Computer Society (BCS), The Chartered Institute for IT, for the purposes of fully meeting the further learning academic requirement for registration as a Chartered IT Professional (CITP Further Learning) and partially meeting the academic requirement for registration as a Chartered Scientist (CSci). These programmes have also been awarded the Euro-Info Master Label.

Industry links and employability

◾Computer systems are frequently compromised by the efforts of opportunistic hackers. In many countries, legislation is forcing companies to take information security more seriously. Information security requires a clear understanding of relevant technological, social, and organizational issues, as well as the relationships between them.
◾The programme includes a thorough grounding in professional software development, together with experience of conducting a development project. The programme will prepare you for a responsible position in the IT industry.
◾The School of Computing Science has extensive contacts with industrial partners who contribute to several of their taught courses, through active teaching, curriculum development, and panel discussion. Recent contributors include representatives from IBM, J.P. Morgan, Amazon, Adobe and Red Hat.
◾During the programme students have an opportunity to develop and practice relevant professional and transferrable skills, and to meet and learn from employers about working in the IT industry.

Read less

Computer and information security is a vital issue in today’s IT environment. This programme will provide you with the necessary skills to understand and apply specialised security knowledge in the identification and resolution of IT security threats facing modern organisations. Develop a rounded view of key security domain topics such as security management and computer forensics, and gain the hands-on skills to confidently implement, configure and manage the tools you’ll face in practice.

Key features

-Be confident studying a degree accredited by BCS, The Chartered Institute for IT. The University has been awarded Academic Partner status by the Institute of Information Security Professionals (IISP), in recognition of the significant base of security-related expertise within the institution. This link encourages and enables a dialogue between academia and the wider community of security practitioners.
-Learn from research-active staff at the forefront of knowledge, conducting research within the Centre for Security, Communications and Network Research.
-Put your skills into practice in our high specification security, networking and digital forensic laboratories.
-Technology supported learning with free iPad mini and eBooks.
-Active Computer and Information Security Society (CISS) provide opportunities for networking, problem solving, speakers from industry as well as a valuable source of contacts.
-Build on the foundation which this course offers and take the opportunity to progress onto a research degree at MPhil or PhD level.
-Explore the option of completing the programme over two years with an integral work placement year.
-Benefit from the courses extensive links with major professional bodies and societies such as the BCS, ISACA, IFIP Technical Committee 11 and the Institute for Information Security Professionals (IISP).
-Take the opportunity to make career inroads through strong industrial links with major organisations such as Kaspersky Labs, Symantec, Orange, France-Telecom, and various UK government departments.
-Engage with the BCS South West branch programme, who hold many of their sessions at Plymouth University. The branch has a rich programme of events that contributes to broadening the knowledge and experience of the students.
-Continually under review to ensure all content is relevant and timely the programme has recently begun to offer AccessData Certification as a part of the cybercrime and investigation module, enabling you to achieve professional recognition as well as academic credit.

Course details

During your year of study you will gain an understanding of key topics such as security management, cryptography, network and system security, computer forensics, and protection in application scenarios. You'll also benefit from being taught a wide variety of hands-on skills, which enable you to implement, configure and manage many of the typical controls you will encounter in practice - including firewalls, intrusion detection systems, authentication and access mechanisms, and forensic case management tools. The project will enable you to explore and develop in-depth knowledge on a particular area of security. You'll become a subject expert and push the boundaries of the current understanding.

Core modules
-SEC501 Information Security Management and Governance
-SEC503 Intrusion Analysis and Incident Management
-BPIE500 Masters Stage 1 Placement Preparation
-PROJ513 MSc Project (September)
-SEC502 Network Security and Penetration Testing
-SEC505 Digital Forensic Investigation
-SEC504 Secure Systems Architectures and Mechanisms
-FTGS507 Professional and Research Skills with Entrepreneurship

Optional placement year
-BPIE501 Computing Masters Industrial Placement

Every postgraduate taught course has a detailed programme specification document describing the programme aims, the programme structure, the teaching and learning methods, the learning outcomes and the rules of assessment.

Read less

Information Technology is a strategic resource within any business and is critical to the survival and success of an organisation and should therefore be carefully managed. A key issue in IT strategy is Information Security, which is becoming more critical with the interconnection of systems through the Internet and the sharing of resources with business partners, clients and customers.

This Masters degree is aimed at current or prospective system managers, system administrators and other IT professionals with a responsibility or aspiration for strategic IT and security management.

You will gain an understanding of current issues in information security and IT management, together with an in-depth knowledge of a variety of techniques for strategically managing IT, both as a resource as well as for analysing and controlling security risks. A key aspect of the programme is the systemic perspective that is taken; security is not simply a technical issue, but a component of the wider context of IT management.

What will I study?

You will study security from two perspectives: the concepts of computer and network security, together with a systemic approach to information security management. The programme of study is informed by ISO27000 legal compliance requirements and professional body knowledge requirements of ISACA (Information Systems Audit and Control Association), ITIL (Information Technology Infrastructure Library) and the Information Systems Security Certification Consortium (ISC)2. The study of computer forensics enables further specialisation.

IT Management is approached from a strategic and risk-based perspective, and includes business continuity and project management. A recent technology development that could have radical impact in both security and IT management is cloud computing, and the course provides an option to enable you to develop a sound understanding of the related issues and technology. Professional, ethical and contemporary issues in computing and research methods are also integrated into the programme.

How will I study?

The course is delivered primarily as taught modules. Each module typically involves a 3-hour face-to-face seminar every week for 12 weeks. You will study three modules each semester on the full-time programme, requiring attendance two days per week. For part-time students, modules are scheduled to enable evening study over two years.

Learning and teaching involves a variety of techniques, including lectures, case studies, problem-based learning, guest lectures from industry experts, student-led seminars and technology-enhanced learning (e.g. Virtual Learning Environment, wiki). Classes are highly interactive, with practical application of concepts a key factor, as well as cases drawn from real-life. The MSc Information Security and IT Management is designed around small groups so you can be sure that you will have plenty of individual discussion with your tutors.

How will I be assessed?

Throughout the programme we will assess your vocational capability, academic critical thinking and intellectual development. Coursework, case studies, problem-solving exercises and exams may be used. You may be assessed individually or in a group.

Who will be teaching me?

You will be taught by highly qualified, experienced and enthusiastic academics who are research-active and regularly engage within the wider business and academic environment. Staff specialise in particular subjects so you will benefit from a wide range of knowledge and experience.

What are my career prospects?

The MSc in Information Security and IT Management will provide you with the skills and knowledge to develop your interests as an IT security professional and IT manager. As organisations become ever more dependent on IT, there are increasing opportunities for specialist positions related to security. The course provides knowledge and skills which underpin Information Systems Security Certification Consortium or (ISC)2 and ISACA certifications.

Read less

Learn about both the technical and the business issues that can bridge the gap between IT security and business risk.

Who is it for?

This Masters course is aimed at IT professionals with approximately five years’ experience and is intended to provide them with the skills that they need to progress to a management role in information security and risk. The course will appeal to companies and professionals that need to develop or improve their capability in managing IT-related security, in order to enter markets with higher demands of dependability and security, comply with new regulations, or re-qualify for new roles.

Objectives

Concerns about cyber security and information risk have led to a growing market for technical specialists, but there is also a need for more senior professionals with an awareness of both the technical and the business issues who can bridge the gap between IT security and business risk.

On this Management of Information Security and Risk MSc programme you will learn about both the technical and the business issues that can bridge the gap between IT security and business risk.

Understand how to communicate these risks to both the technical staff and the executive business team (CEO, CIO, CFO and COO) in a language they share. Focus on human-machine interaction and decision making within today's increasingly complex Political-Economical-Socio-Technical (PEST) systems.

Find out about latest industry and government standards, legislation and best practice from leading technical experts and network with your peers to compare and contrast best practices from different industries.

Teaching and learning

The modules are taught by academics at the Centre for Software Reliability, within the School of Mathematics, Computer Science and Engineering, and also by visiting lecturers from industry. We also have invited speakers from academia and industry in most modules. Teaching takes place via seminars, lectures, group work and tutorials. The assessment is through coursework only – this consists of written work (individual and group), presentations and peer review.

The modules will be delivered in block mode, with students taking two modules per term. Each module consists of two blocks as follows:
-Thursday evening: 5pm - 9pm
-Friday: 9am-5pm
-Saturday: 9am-5pm

In summary, assuming attendance at the Thursday evening sessions can be done without having to take any time off from work, the students are expected to take eight Fridays off from work in a calendar year (though some employers may allow their employees to take these times off as study leave), and they will need to also attend classes for a further eight Saturdays (i.e. two Fridays and two Saturdays per module). Timetables are for guidance only and are subject to change.

Modules

The course covers the skills and knowledge necessary to be successful in senior roles in information security and risk.

The course supports the extra breadth of knowledge required by people with professional experience to help them progress towards target roles in management or consulting on security, assurance and risk.

Applicants can also apply to enrol on individual modules as CPDs. It will then be possible for you to gradually build credits for the MSc should you wish to take this route. City, University of London is also an approved MoD Enhanced Learning Credits (ELC) scheme provider (ID-1538).

Modules providing Professional Skills
-Information Leadership (15 credits)
-Executive Development (15 credits)
-Socio-Technical Systems (15 credits)
-IT Risk Management for effective performance and the prevention of fraud, error and disaster (15 credits)

Specialised Security and Risk Modules
-Information Security Management (15 credits)
-IT Risk and Resilience (15 credits)
-Quantitative Risk Analysis (15 credits)
-Assurance Cases (15 credits)

Career prospects

This course will appeal to companies and professionals that need to develop or improve their capability in managing IT-related security, in order to enter markets with higher demands of dependability and security, comply with new regulations, or re-qualify for new roles. Graduates should be suitable for consideration as the CSO or Security Architects and Senior Information Risk Managers and would also greatly help them in information security Consultancy and Auditing roles.

Our previous and existing cohort of students have all been employed full-time in a wide range of companies, including multi-billion pound turnover internationals in the aviation industry, global auditing companies (e.g. KPMG), media companies (e.g. Sky and Sony), financial services companies (e.g. Deutsche Bank) in the City of London, small and medium enterprises (SMEs), government departments and NHS trusts. The programme helps students build a strong network with their peers and maintain it as part of their career development.

Read less

The Programme aims to develop research-based practice in professionals working within the Information Security area. As a result of the rapid growth in both the availability of global information structures (e.g. internet) and the number of users, information security professionals are facing major challenges to provide services that are accessible and yet safe. Keeping business channels flexible and easy to use whilst guarding against the e-criminal is the on-going project.

The IT and Internet Law module provides a background to governance of the technology and the humans who use it whilst Seizure and Examination of Computer Systems provides a response platform for situations where potentially a crime has been committed.

The Professional Doctorate in Information Security believes research is fundamental to maintaining this balance between access and safety. Applied Research Tools and Techniques provides a basis to develop in the student a sophisticated toolset of research techniques. This is augmented in Research Methods for Technologists with highly specialised approaches.

There are three modules tailored to link the student’s workplace with their research-based learning: Work-based Planning, Work-based Practice and Project Portfolio.

The Research Conference module is designed to encourage more reflective, innovative ways of presenting research findings and responding to feedback.

The Research Thesis, lasting over 3 years, connects the research, student work experience and the challenges faced by modern technological infrastructures.

The Programme is currently unique in offering a professional doctoral qualification in the expanding but still relatively modern area of information security. Most of the Programme is based on negotiated learning, where students construct research-based learning around their interests and life experience. Three of the modules are purely workplace-focussed and will require tutors visiting the student and their employer.

Read less

Study computer and information systems security on a course that combines academic teaching, industry input and practical skills development.

The course has four main focuses

• information security management
• ethical hacking
• system hardening
• computer forensics

This course is ideal if you are already working in an information technology environment or if you wish to specialise in the field of information security. After successfully completing it, you gain industry-recognised certifications that will assist you in progressing further in this field.

You focus on both the technical and managerial aspects of information security. The technically-focused modules involve you exploring a range of systems, tools and techniques at the cutting edge of technology. The managerial-focused modules give you an appreciation of the role information security has in an organisation and how it can be implemented and managed.

On this course you

• develop the knowledge, understanding and skills to work as a computing security professional.
• learn the concepts, principles, techniques and methodologies you need to design and assess complex networks, systems and applications.
• develop the practical experience you need to plan, perform and direct security audits of information systems to the level required by standard security frameworks.
• develop the effective and appropriate communication skills you need to be a security professional.

Free training and certification exam

Thanks to our association with BSI Learning, you are entitled to attend the BSI ISO27001 Lead Auditor course and take the official exam which allows you to become accredited as a BSI certified lead auditor.

Our ethical hacking module is aligned with the CREST Practitioner Security Analyst (CPSA) syllabus providing graduates with industry recognised and desired skills.

BSI lead auditor qualification

• ISO27001 Lead Auditor

BSI courses are delivered by approved BSI trainers and qualified ISO27001 lead auditors. As part of the course you receive the same course material as the official BSI training courses.

Guest Speakers from industry

Due to our strong ties with industry we regularly have special guest speakers. Recent speakers have included industry professionals from Mozilla, South Yorkshire Police, RSA and Blackberry.

Ethical Hacking

In 2014 Sheffield Hallam hosted the North of England's first Ethical Hacking Conference Steelcon. This is set to be an annual event with 2015's event already booked.

Course structure

We developed this course along two main lines.

The first covers the principles and issues of security design concerning systems and systems integration, web and operating system based applications and communication networks.

The second addresses the methodologies and development of skills required to perform security assessments of complex information systems.

Semester one modules

• Information security concepts and principles
• Network security
• Systems and application security
• Web applications and e-commerce security

Semester two modules

• BSI ISO27001 lead auditor
• Group-based case study with capture the flag

Options

• Computer forensics and incident response
• Information security management
• Incident handling and hacking techniques (ethical hacking)

Semester three modules

You study research methods and do a substantial research project leading to a dissertation.

Assessment

Group and individual coursework. You also do a range of

• problem solving assignments
• workshops
• practical projects
• research activities.

Employability

On this course, you gain the knowledge, skills and experience you need to work in many different positions, from technical to management roles.

The Institute of Information Security Professionals (IISP) has highlighted the following specialisms in the area.

Strategy, policy, governance

• strategist • policy manager • information technology services officer (ITSO) • department security officer (DSO) • chief information security officer (CISO)

Risk management, verification and compliance

• risk analyst • risk assessor • business information security officer • reviewer • auditor

Incident and threat management and response

• incident manager • threat manager • forensics (computer analyst, mobile and network analyst) • computer security incident response team (CSIRT) • attack investigator • malware analyst • penetration tester • disaster recovery • business continuity

Operations and security management

• network security officer • systems security officer • information security officer • crypto custodian • information manager

Engineering, architecture and design

• architect • designer • development • secure coding • software design and development • applications development • security tools • implementation

Education, training and awareness

• security programme manager

Research

• security researcher

Successful graduates of this course have gone on to work for companies such as HSBC, Citrix, and Price Waterhouse Coopers.

Read less

The Information Security and Biometrics MSc offers an advanced level of learning and provides you with a detailed understanding of the theories, concepts and techniques in the design, development and effective use of secure information systems.

Secure information systems are critically important to modern day businesses and societies. From banking systems and medical systems to power infrastructures or a simple home PC, security is vitally important as they are usually all interconnected directly or indirectly via the Internet or telephony system.

This Master’s programme combines modern engineering and technology with digital media and equips students with the skill set to develop modern security systems with an emphasis on biometric identity management. Graduates of this programme are then capable of adapting to changes in the field and of leading it in innovation.

Visit the website https://www.kent.ac.uk/courses/postgraduate/256/information-security-biometrics

About the School of Engineering and Digital Arts

The School of Engineering and Digital Arts successfully combines modern engineering and technology with the exciting new field of digital media.

Established over 40 years ago, the School has developed a top-quality teaching and research base, receiving excellent ratings in both research and teaching assessments.

The School undertakes high-quality research that has had significant national and international impact, and our spread of expertise allows us to respond rapidly to new developments. Our 30 academic staff and over 130 postgraduate students and research staff provide an ideal focus to effectively support a high level of research activity. There is a thriving student population studying for postgraduate degrees in a friendly and supportive teaching and research environment.

We have research funding from the Research Councils UK, European research programmes, a number of industrial and commercial companies and government agencies including the Ministry of Defence. Our Electronic Systems Design Centre and Digital Media Hub provide training and consultancy for a wide range of companies. Many of our research projects are collaborative, and we have well-developed links with institutions worldwide.

Course structure

This programme is taught jointly with the School of Computing. Both schools are at the forefront of research in their areas.

The School of Engineering and Digital Arts has an excellent reputation for research in various aspects of biometrics, including individual biometric modalities, the management of complexity in biometric systems and the testing and evaluation of biometric systems; while the School of Computing has participated in the development of X.509 international standard and the first X.509 privilege management infrastructure (PMI) was built by members of this school.

This Master's programme offers an advanced level of learning by providing students with a thorough understanding of the theories, concepts and techniques for the design, development and effective use of secure information systems, and producing graduates who are capable of adapting to changes in the field and leading it in innovation.

The course is designed for practitioners, professionals and graduates with an interest in information security, access control technologies, and application domains using biometric identification and verification systems.

Programme aims

This programme aims to:

- produce graduate engineers with a broad understanding of how to provide effective information security, and how to develop and use modern security systems, with a particular emphasis on biometric identity management

- equip trained engineers with the necessary system development skills to allow them to adapt to a dynamic and fast-changing industrial environment

- provide you with proper academic guidance and welfare support

- create an atmosphere of co-operation and partnership between staff and students, and offer you an environment where you can develop your potential.

Careers

We have developed the programme with a number of industrial organisations, which means that successful students will be in a strong position to build long-term careers in this important discipline.

The School of Engineering and Digital Arts (http://www.eda.kent.ac.uk/) has an excellent record of student employability (http://www.eda.kent.ac.uk/school/employability.aspx). We are committed to enhancing the employability of all our students, to equip you with the skills and knowledge to succeed in a competitive, fast-moving, knowledge-based economy.

Graduates who can show that they have developed transferable skills and valuable experience are better prepared to start their careers and are more attractive to potential employers. Within the School of Engineering and Digital Arts, you can develop the skills and capabilities that employers seek. These include problem solving, independent thought, report-writing, time management, leadership skills, team-working and good communication.

Kent has an excellent record for postgraduate employment: over 94% of our postgraduate students who graduated in 2013 found a job or further study opportunity within six months.

Building on Kent’s success as the region’s leading institution for student employability, we offer many opportunities for you to gain worthwhile experience and develop the specific skills and aptitudes that employers value.

Find out how to apply here - https://www.kent.ac.uk/courses/postgraduate/apply/

Read less

Computer network and information security is of increasing importance – new legislation, technologies, vulnerabilities and threats necessitate frequent system updates. This course aims to equip you with technical knowledge of current and emerging technologies and an understanding of the underlying theory of cryptography, networking and network security technologies. You will learn to assess, plan, design and develop secure and reliable networks and systems. You can combine this course with management studies.

Key features
-This course is accredited by BCS, The Chartered Institute for IT.
-The course is taught in a specialist data communications lab with access to the latest networking and security equipment from vendors such as Cisco, Microsoft and Clavister. Current and emerging technology will also be demonstrated by representatives from industry.
-You will have the option to work in one of our state-of-the-art research labs, called WMN (Wireless Multimedia and Networking). WMN is involved in EU and UK research collaborations and offers opportunities for advanced research and short-term research fellowships on completion of your MSc degree.

What will you study?

You will gain a critical awareness of the current developments and future trends in cryptography, network security and wireless security, starting from the mathematical principles behind cryptographic algorithms and moving on to secure network protocols.

As security and dependability are inextricably linked, the course also covers dependable and highly available architectures. Techniques and technologies to combat threats will be explored, from secure authentication mechanisms, through firewalls, to information policies and user education to combat social engineering and data leakage.

The Management Studies route will set your technical knowledge in a management context.

Assessment

Industrial report and technical article coursework, examinations, verbal presentations, project dissertation.

Work placement scheme

Kingston University has set up a scheme that allows postgraduate students in the Faculty of Science, Engineering and Computing to include a work placement element in their course starting from September 2017. The placement scheme is available for both international and home/EU students.

-The work placement, up to 12 months; is optional.
-The work placement takes place after postgraduate students have successfully completed the taught portion of their degree.
-The responsibility for finding the placement is with the student. We cannot guarantee the placement, just the opportunity to undertake it.
-As the work placement is an assessed part of the course for international students, this is covered by a student's tier 4 visa.

Details on how to apply will be confirmed shortly.

Course structure

The full MSc course consists of an induction programme, four taught modules, and project dissertation. Please note that this is an indicative list of modules and is not intended as a definitive list.

Network and Information Security MSc modules
-Cryptography and Applications
-Network and Information Security
-Data Communications
-Project Dissertation
-One option module

Read less

Computer network and information security is of increasing importance – new legislation, technologies, vulnerabilities and threats necessitate frequent system updates. This course aims to equip you with technical knowledge of current and emerging technologies and an understanding of the underlying theory of cryptography, networking and network security technologies. You will learn to assess, plan, design and develop secure and reliable networks and systems. You can combine this course with management studies.

Key features
-This course is accredited by BCS, The Chartered Institute for IT.
-The course is taught in a specialist data communications lab with access to the latest networking and security equipment from vendors such as Cisco, Microsoft and Clavister. Current and emerging technology will also be demonstrated by representatives from industry.
-You will have the option to work in one of our state-of-the-art research labs, called WMN (Wireless Multimedia and Networking). WMN is involved in EU and UK research collaborations and offers opportunities for advanced research and short-term research fellowships on completion of your MSc degree.

What will you study?

You will gain a critical awareness of the current developments and future trends in cryptography, network security and wireless security, starting from the mathematical principles behind cryptographic algorithms and moving on to secure network protocols.

As security and dependability are inextricably linked, the course also covers dependable and highly available architectures. Techniques and technologies to combat threats will be explored, from secure authentication mechanisms, through firewalls, to information policies and user education to combat social engineering and data leakage.

The Management Studies route will set your technical knowledge in a management context.

Assessment

Industrial report and technical article coursework, examinations, verbal presentations, project dissertation.

Work placement scheme

Kingston University has set up a scheme that allows postgraduate students in the Faculty of Science, Engineering and Computing to include a work placement element in their course starting from September 2017. The placement scheme is available for both international and home/EU students.

-The work placement, up to 12 months; is optional.
-The work placement takes place after postgraduate students have successfully completed the taught portion of their degree.
-The responsibility for finding the placement is with the student. We cannot guarantee the placement, just the opportunity to undertake it.
-As the work placement is an assessed part of the course for international students, this is covered by a student's tier 4 visa.

Details on how to apply will be confirmed shortly.

Course structure

The full MSc course consists of an induction programme, four taught modules, and project dissertation. Please note that this is an indicative list of modules and is not intended as a definitive list.

Network and Information Security with Management Studies MSc modules
-Cryptography and Applications
-Network and Information Security
-Data Communications
-Business in Practice
-Project Dissertation

Read less

The MSc Information Security and Privacy addresses the key security issues that are faced by global communications and information systems.

The programme provides a mix of business context with core security, trust and privacy issues that challenge the IT sector. The course builds on previous skills in computer science, to strengthen understanding of this emerging area.

As well as studying themes such as trust and identity and forensic investigation, security techniques and information, network and cyber security, you will gain an understanding of the e-Commerce and business environment. This combined business/security approach provides valuable training for interacting with organisations, and understanding their business functions in a deeper context.

Using case based analysis, you will have the opportunity to learn about forensic approaches to investigation across multiple platforms.

Distinctive features:

• Practitioner-led modules integrate the latest research ideas with current best practice

• Students will have access to our Cybersecurity and Forensics Laboratory. The 40 PCs are able to host virtual machines and can be used to carry out a number of forensic investigations. They are connected to an isolated, local network which can be configured to better explore the security challenges facing today's professionals.

• Professionally accredited by the BCS, the Chartered Institute for IT.

Structure

Full-time students study four compulsory modules each semester including a 60 credit dissertation in their final year. Part-time students study two compulsory modules each semester.

Core modules:

Information, Network & Cyber Security
Security Techniques
Distributed and Cloud Computing
Digital Forensics
Business and IT Management
Secure Applications, Identity and Trust
Dissertation

Teaching

The School of Computer Science and Informatics has a strong and active research culture which informs and directs our teaching. We are committed to providing teaching of the highest standard and received an excellent report in the most recent Quality Assurance Agency (QAA) review.

This particular course builds on our research strengths in cybersecurity. Many of the case studies used in the course build on our existing research and our work with industry (and other organisations in law enforcement).

Modules are delivered through a series of either full- or half-day contact sessions, which include lectures, seminars, workshops, tutorials and laboratory classes.

Most of your taught modules will have further information for you to study and you will be expected to work through this in your own time according to the guidance provided by the lecturer for that module.

Support

At the start of your course you will be allocated a Personal Tutor who is an academic member of staff in the School and serves as a point of contact to advise on both academic and personal matters in an informal and confidential manner.

Your Personal Tutor will monitor your academic progress and supply references in support of any job applications that you make.

Your Personal Tutor will monitor your progress throughout your time at university and will support you in your Personal Development Planning. You will see your Personal Tutor at least once each semester.

Outside of scheduled tutor sessions, our Senior Personal Tutor runs an open door policy, being on hand to advise and respond to any personal matters as they arise.

Feedback:

Feedback on coursework may be provided via written comments on work submitted, by provision of ‘model’ answers and/or through discussion in contact sessions.

Assessment

Modules will be assessed either by coursework, examination, or a combination of both.

Career prospects

Graduates are well-prepared for a career in industrial, commercial, or governmental organisations with particular responsibility for information and process security.

Career destinations include: information security manager, risk manager, technical security roles in computer forensics, identity management roles, secure systems developer, and industrial and university research.

Read less