Learn about both the technical and the business issues that can bridge the gap between IT security and business risk.
Who is it for?
This Masters course is aimed at IT professionals with approximately five years’ experience and is intended to provide them with the skills that they need to progress to a management role in information security and risk. The course will appeal to companies and professionals that need to develop or improve their capability in managing IT-related security, in order to enter markets with higher demands of dependability and security, comply with new regulations, or re-qualify for new roles.
Concerns about cyber security and information risk have led to a growing market for technical specialists, but there is also a need for more senior professionals with an awareness of both the technical and the business issues who can bridge the gap between IT security and business risk.
On this Management of Information Security and Risk MSc programme you will learn about both the technical and the business issues that can bridge the gap between IT security and business risk.
Understand how to communicate these risks to both the technical staff and the executive business team (CEO, CIO, CFO and COO) in a language they share. Focus on human-machine interaction and decision making within today's increasingly complex Political-Economical-Socio-Technical (PEST) systems.
Find out about latest industry and government standards, legislation and best practice from leading technical experts and network with your peers to compare and contrast best practices from different industries.
Teaching and learning
The modules are taught by academics at the Centre for Software Reliability, within the School of Mathematics, Computer Science and Engineering, and also by visiting lecturers from industry. We also have invited speakers from academia and industry in most modules. Teaching takes place via seminars, lectures, group work and tutorials. The assessment is through coursework only – this consists of written work (individual and group), presentations and peer review.
The modules will be delivered in block mode, with students taking two modules per term. Each module consists of two blocks as follows:
-Thursday evening: 5pm - 9pm
In summary, assuming attendance at the Thursday evening sessions can be done without having to take any time off from work, the students are expected to take eight Fridays off from work in a calendar year (though some employers may allow their employees to take these times off as study leave), and they will need to also attend classes for a further eight Saturdays (i.e. two Fridays and two Saturdays per module). Timetables are for guidance only and are subject to change.
The course covers the skills and knowledge necessary to be successful in senior roles in information security and risk.
The course supports the extra breadth of knowledge required by people with professional experience to help them progress towards target roles in management or consulting on security, assurance and risk.
Applicants can also apply to enrol on individual modules as CPDs. It will then be possible for you to gradually build credits for the MSc should you wish to take this route. City, University of London
is also an approved MoD Enhanced Learning Credits (ELC) scheme provider (ID-1538).
Modules providing Professional Skills
-Information Leadership (15 credits)
-Executive Development (15 credits)
-Socio-Technical Systems (15 credits)
-IT Risk Management for effective performance and the prevention of fraud, error and disaster (15 credits)
Specialised Security and Risk Modules
-Information Security Management (15 credits)
-IT Risk and Resilience (15 credits)
-Quantitative Risk Analysis (15 credits)
-Assurance Cases (15 credits)
This course will appeal to companies and professionals that need to develop or improve their capability in managing IT-related security, in order to enter markets with higher demands of dependability and security, comply with new regulations, or re-qualify for new roles. Graduates should be suitable for consideration as the CSO or Security Architects and Senior Information Risk Managers and would also greatly help them in information security Consultancy and Auditing roles.
Our previous and existing cohort of students have all been employed full-time in a wide range of companies, including multi-billion pound turnover internationals in the aviation industry, global auditing companies (e.g. KPMG), media companies (e.g. Sky and Sony), financial services companies (e.g. Deutsche Bank) in the City of London, small and medium enterprises (SMEs), government departments and NHS trusts. The programme helps students build a strong network with their peers and maintain it as part of their career development.
Applicants should hold a second class honours degree or the equivalent from an international institution in a cognate subject. We will consider applicants without a Bachelors degree, provided they have substantial relevant experience in the IT industry (at least ten years). All applicants should also have approximately five years of relevant professional experience (absolute minimum of two years in exceptional circumstances).