Cyber Degrees

Top Cyber Security Schools

When it comes to the “best of the best” in security, you’ve got options! Our list of the top 20 cyber security schools in the country includes many big names that you’ll recognize and plenty of great state choices. Skip ahead to view the rankings.

Choosing the Best Security Program

Your #1 choice will depend on your career aims. We made sure that each university in our list has fascinating research labs, whip-smart faculty, and ties to government & the private sector. But other factors to consider include:

  • Scholarships & Grants: Money is pouring into programs! In addition to the CyberCorps® Scholarship for Service, you’re likely to find lots of security scholarships for both undergraduate & graduate students. Ask the department offering your degree (e.g. Department of Computer Science) for details on financial aid.
  • Location: Strong cyber security schools often benefit from their proximity to tech areas (e.g. Silicon Valley), government defense agencies (VA/DC/MD area), and hubs of corporate activity (e.g. Atlanta or Chicago). Pay attention to sponsors & partners in research institutes—they often supply internships and job opportunities.
  • Subject Expertise: Thanks to faculty and research connections, cyber security schools are usually known for certain areas of expertise (e.g. Norwich University & cyber defense). Explore options in our state lists as well as these rankings—you may find the ideal professor in an ideal program that’s not in our top 20.
  • NSA CAE Designation: CAE designations are often considered a hallmark of quality, but the acronyms can be confusing to navigate. Since CAE is a factor in our ranking methodology, we talk a little more about this topic below.

Methodology

To get you the most bang for your buck, we felt it was important to assess a school’s quality from a variety of angles. That means our rankings are based on a number of data sources, including:

  1. Integrated Postsecondary Education Data System (IPEDS) data on computer science program completions
  2. Integrated Postsecondary Education Data System (IPEDS) data on computer engineering program completions
  3. Ponemon Institute’s Report on Best Schools for Cybersecurity
  4. NSA CAE designations

To narrow down our finalists, we analyzed school listings that appeared in the first 3 data categories. We also noted whether or not they’re an NSA CAE designated school. Because we prioritized undergraduate completion rates, you’ll notice that big names in graduate programs (e.g. Carnegie Mellon) may be further down the list. Almost all of the schools in our top 20 were well-represented in each data category; all of the schools hold a CAE designation.

AdvertisementFeatured Schools

School Name Level Program Name More Info
Arizona State University Certificate Online Undergraduate Certificate in Homeland Security program website
Utica College Bachelor Online Bachelor of Science in Cybersecurity (you must have 57 completed college credits, or an associates degree, to apply) program website
Maryville University Bachelor Online Bachelor of Science in Cyber Security program website
Maryville University Bachelor Online Bachelor's in Management Information Systems program website
Arizona State University Bachelor Online Bachelor of Science in Information Technology (Networking & Security specialization) program website
Champlain College Bachelor Online BS in Cybersecurity program website
Champlain College Bachelor Online BS in Computer Forensics & Digital Investigations program website
Utica College Master Online Master of Science in Cybersecurity program website
Maryville University Master Online Master of Science in Cyber Security program website
Syracuse University Master Online Master of Science in Cybersecurity program website
Syracuse University Master Online Master of Science in Computer Science program website
Johns Hopkins University Master Online Master of Science in Cybersecurity program website
Johns Hopkins University Master On-Campus Master of Science in Security Informatics program website
University of California - Berkeley Master Online Master of Information and Cybersecurity program website
Saint Mary's University of Minnesota Master Online Master of Science in Cybersecurity program website
Champlain College Master Online MS in Information Security Operations program website
Champlain College Master Online MS in Digital Forensic Science program website

NSA Centers of Academic Excellence in Cybersecurity (CAE-C)

What is an NSA CAE-CD School?

To promote higher education in cyber security, the National Security Agency (NSA) and Department of Homeland Security (DHS) teamed up to designate a number of institutions as National Centers of Academic Excellence in Cyber Defense (CAE-CD).

All regionally accredited two-year, four-year and graduate level institutions in the U.S. are eligible to apply for a CD designation. These designations include:

  • CAE2Y: Awarded to community colleges, technical schools, and government training centers that offer two-year certificate and associate’s degree programs in cyber security
  • CAE-CDE: Awarded to four-year universities and colleges that offer bachelor’s and graduate degree programs in cyber security
  • CAE-R: Awarded to universities that offer higher-level doctoral research programs in cyber security

To qualify for a CAE-CD designation, schools must meet a number of general and academic requirements. The designation is valid for 5 academic years.

Students attending CAE-CD and CAE-R schools are eligible for scholarships and grants through the Department of Defense Information Assurance Scholarship Program and the CyberCorps® Scholarship for Service Program.

What is an NSA CAE-CO School?

The NSA has also developed a designation called the National Centers of Academic Excellence in Cyber Operations (CAE-CO). This designation is available to four-year colleges and graduate-level universities.

As you might expect, the CAE-CO designation is given to programs that focus on the operations side of cyber security (e.g. engineering, network defense, operating systems, and programming). In its list of academic requirements, the NSA stipulates that CO degrees should:

  • Be technical, inter-disciplinary, and firmly grounded in the computer science (CS), computer engineering (CE), and/or electrical engineering (EE) disciplines
  • Emphasize technologies and techniques related to specialized cyber operations (e.g. collection, exploitation, and response; malware analysis; reverse engineering, etc.)

Students attending CAE-CO schools are eligible for the CyberCorps® Scholarship for Service Program.

Do I Have to Go to a CAE School?

The short answer is no. The NSA CAE is a voluntary designation – some very well-respected schools have decided that it does not accurately reflect the requirements that a cyber security program needs. Others have issues with the time involved in the application process.

If you’re in any doubt about the reputation of a school, do your research and ask around. Guidance counselors, professional peers, and senior level colleagues should all be willing to give you advice.

Note: As of 2017, the Scholarship for Service program was still open to non-CAE institutions whose information assurance programs were deemed “equivalent” to those of certified schools.

History of NSA CAE Designation

The idea of creating an information assurance designations began in 1998. At that time, the government was looking for ways to increase the profile of cyber security and foster research & education initiatives.

In response, it developed a variety of projects, including the:

  • NSA National Centers of Academic Excellence in Information Assurance Education (CAE-IAE)
  • Scholarship for Service program

After the release of the President’s National Strategy to Secure Cyberspace in 2003, the Department of Homeland Security (DHS) joined the NSA as a partner in 2004.

The initiative continued to grow throughout the 2000s:

  • In 2008, the CAE in IA Research (CAE-IAR) program was established to promote higher-level doctoral research in cyber security.
  • In 2010, the CAE in Two-Year IA Education (CAE2Y) program was created to accommodate two-year institutions, technical schools, and government training centers.

In 2014, CAE-IAE designations were replaced by the CAE-CD program.

Note: CAE/IAE designations expired in January 2017, but you may still see this acronym on university websites.

NSA CAE-CD Requirements

General Criteria

The NSA has developed a broad set of criteria for its programs. In general, a CAE-CD school must:

  • Meet a set of core and optional knowledge units (KUs)
  • Demonstrate outreach and collaboration
  • Have a center for CD education
  • Foster a robust and active CD academic program
  • Ensure CD is a multidisciplinary science within the institution
  • Support the practice of CD throughout the institution
  • Encourage student and faculty CD research

Academic Criteria

According to the NSA’s Academic Criteria, a technical two-year program should include the following core knowledge units (KUs):

1.1 Basic Data Analysis
1.2. Basic Scripting or Introductory Programming
1.3. Cyber Defense
1.4. Cyber Threats
1.5. Fundamental Security Design Principles
1.6. Information Assurance Fundamentals
1.7. Intro to Cryptography
1.8. IT Systems Components
1.9. Networking Concepts
1.10. Policy, Legal, Ethics, and Compliance
1.11. System Administration

A four-year program (e.g. BS in Cyber Security) should include all of the above KUs and:

2.1. Databases
2.2. Network Defense
2.3. Networking Technology and Protocols
2.4. Operating Systems Concepts
2.5. Probability and Statistics
2.6. Programming

These are the “must-haves”. The NSA makes room for a large number of optional KUs (e.g. cloud computing, digital forensics, supply chain security, etc.).

Optional Focus Area

If they’re really keen, universities can also choose to apply for one or more CAE-CD Focus Area designations. These include:

  • Cyber Investigations
  • Data Management Systems Security
  • Data Security Analysis
  • Digital Forensics
  • Health Care Security
  • Industrial Control Systems – SCADA Security
  • Network Security Administration
  • Network Security Engineering
  • Secure Cloud Computing
  • Secure Embedded Systems
  • Secure Mobile Technology
  • Secure Software Development
  • Secure Telecommunications
  • Security Incident Analysis and Response
  • Security Policy Development and Compliance
  • Systems Security Administration
  • Systems Security Engineering

Best Cyber Security Colleges

  1. 1

    Purdue University

    For graduate students, Purdue’s main campus is the land of opportunity. You can be a working IT pro, a research fanatic, or even a linguistics lover, and still find a solid program to suit your interests. Choices include:

    1. A standard MS or a standard PhD in a relevant department (e.g. Computer Science, Electrical & Computer Engineering, Political Science, etc.), with a focus on infosecurity topics. For example, if you’re pursuing an MS in CS, you can expect to take baseline courses in areas like operating systems and electives in topics like computer security, cryptography, cryptanalysis, and advanced security.
    2. An interdisciplinary graduate specialization in infosecurity (Masters’ and PhD), which is administered through CERIAS. These programs make a point of including graduate students from areas like the Departments of Philosophy and Communication, the Linguistics Program, and the College of Technology.
    3. An MS or PhD in Computer in Information Technology with a specialization in Cyber Forensics, which is run by the Cyber Forensics Lab in the Department of Computer and Information Technology. This program encompasses topics such as homeland security and infosecurity.

    Looking to move up the career ladder? The Department of Computer Science also offers an intensive, one-year Information Security for Computing Professionals (ISCP) program, which bears the official title of an MS in Computer Science with a concentration in information security. The ISCP program is deliberately geared toward IT professionals who have some on-the-job experience in programming and computer science and who aim to become infosecurity specialists. You may also want to check it out if you have a BS in a computing major or an undergraduate minor in computing science.

    Research and Initiatives

    Purdue is famous for its Center for Education and Research in Information Assurance and Security (CERIAS). Like MIT’s CSAIL and Carnegie Mellon’s CyLab, CERIAS is one of the top labs in the country. It prides itself on its multidisciplinary approach to cyber security research and it draws on faculty expertise from six different colleges and 20+ departments. Cyber security geeks probably already know that CERIAS emerged from the COAST Laboratory, founded by the one and only Gene Spafford!

    When we say “multidisciplinary,” we’re talking about in-depth projects into areas such as network security, assured identity & privacy, and cryptology, and a long-running investigation into Natural Language Information Assurance and Security (NL-IAS). What’s more, CERIAS has tons of ties to industry partners (e.g. Intel, GM, Raytheon, Deloitte, etc.) and many connections with other on-campus research labs that are interested in security issues.

    You can get a taste of the CERIAS experience by attending the annual information security symposium or the two-month Research Experience for Undergraduates (REU). In the past, the REU has been funded by an NSF grant—check with CERIAS to see if it is being run in the current year.

    More Information

  2. 2

    Georgia Institute of Technology

    Georgia Tech’s banner degree is its MS in Cybersecurity. With a 5-credit practicum and an emphasis on applicable skills, this program is available in 3 tracks:

    1. The Information Security track is run by the School of Computer Science and emphasizes technical issues in software, computer systems, and network security. Applicants are expected to have an undergraduate degree in computer science or the equivalent.
    2. The Energy Systems track is run by the College of Engineering and focuses on the security of the energy domain (e.g. cyber-physical systems security, smart grids, and power system protection).
    3. The Policy track is run by the School of Public Policy and explores topics related to policy, law, privacy, and management.

    If you’re a technical professional (e.g. IT, engineering, or product design) who’s looking to make the jump to security, you could also consider the Cyber Security Certificate. This flexible 5-course program gives you the choice of 4 electives.

    Research and Initiatives

    To accomplish its research work for military, government, and private industry, Georgia Tech’s Institute for Information Security & Privacy (IISP) draws on talent from a large number of cybersecurity labs and centers across the university and within the Georgia Tech Research Institute. In the process, Georgia Tech has become a University Affiliated Research Center (UARC) for the Department of Defense and the recipient of a DSS “Excellence in Counterintelligence” award. It has also garnered some stellar U.S. News & World Report rankings.

    In terms of initiatives, IISP has ongoing projects on everything from sensor systems and Machine Learning (ML) to privacy, smart cities, and side-channel attacks. It has also developed a Cybersecurity Fellowship Program, which supports PhD students who have ideas for unfunded & under-funded emerging research. Visit IISP’s Annual Cyber Security Summit or take an open enrollment course to see if Georgia Tech is the right fit for you.

    More Information

  3. 3

    University of Washington-Seattle

    Located deep in the heart of techville, UW Seattle’s BS in Informatics with an option in Information Assurance and Cybersecurity (IAC) pulls on faculty expertise from UW’s three campuses. You can choose electives from any campus (e.g. information assurance policy, secure coding, networking & systems administration, etc.) or tailor your concentration to your specific interests.

    Already working in the field? UW Seattle also offers a convenient online Certificate in Cybersecurity that’s designed for software developers & analysts and folks with system, database, security, or network administration experience.

    Research and Initiatives

    UW Seattle researchers are particularly good at assessing the broad picture. The Security and Privacy Research Lab in the School of Computer Science and Engineering has its research fingers in many traditional pies (e.g. cyber-physical systems, mobile device security, network security, etc.). But it also works closely with the interdisciplinary Tech Policy Lab on issues surrounding smart cities, the Internet of Things, robotics, and more.

    We should also mention the Cybersecurity Initiative in the International Policy Institute (IPI). The risks of using biometric data to help refugees? Issues with mobile and application insecurities? The threats of cyber-attacks on the nuclear industry? These are the kinds of questions being asked and answered by IPI faculty and fellows.

    More Information

  4. 4

    University of Maryland-College Park

    As an undergraduate at UMD, you have an easy choice:

    For graduates, UMD offers an MEng in Cybersecurity that immerses students in core security courses (e.g. secure programming, networks & protocols, etc.) and hands-on technical electives. Alternatively, you can tailor the MS or PhD in Computer Science or the MS or PhD in Electrical and Computer Engineering to suit your interests.

    Lack the time and funds for a full degree? The Graduate Certificate in Engineering – Cybersecurity is a 4-course, 12-credit program that draws on the prerequisites for the MEng.

    Research and Initiatives

    The hub of UMD’s security efforts is the Maryland Cybersecurity Center (MC2). Created in 2010, this interdisciplinary center has the advantage of being located in the Maryland-DC-Virginia triangle—home of countless government agencies and security firms. It has strong ties to corporate partners such as Lockheed Martin, Cisco, and Northrop Grumman and research projects in everything from cryptography to behavioral and economic aspects of security. You can hobnob with many of these researchers at the MC2 Annual Symposium.

    UMD has also developed a number of excellent initiatives for cybersecurity undergrads. These include:

    • The immersive Advanced Cybersecurity Experience for Students (ACES)— a two year (optional four year) living-learning honors program funded by Northrop Grumman.
    • The super-active, student-run Cybersecurity Club, which runs weekly challenges and participates in national summits & competitions.
    • START Career Development programs, which provide scholarship money and career support to students studying in the Homeland Security Science, Technology, Engineering and Mathematics (HS-STEM) arena.

    More Information

  5. 5

    University of Illinois at Urbana-Champaign

    Money flows freely at UIUC courtesy of its unique Illinois Cyber Security Scholars Program (ICSSP). Funded by CyberCorps® Service for Scholarships and stacked with financial benefits, this program covers:

    UIUC also offers 3-course, 12-credit Graduate Certificate in Security and a 15-credit Undergraduate Certificate in Global Security. Students participating in the undergraduate certificate are eligible for scholarship opportunities from UIUC’s ACDIS program.

    Research and Initiatives

    The jewel in UIUC’s cyber security crown is the hugely active, interdisciplinary Information Trust Institute (ITI). Here faculty and fellows are working on research areas such as the power grid, health information, systems & networking, and data science. For example, ITI runs multiple government-sponsored centers in energy systems security, the Strategic Healthcare IT Advanced Research Projects on Security (SHARPS), and the Boeing Trusted Software Center (just to name a few!). Plus, on top of the ICSSP program, ITI also offers undergraduate internships, seminars & workshops, startup support, and a summer school for graduates & security professionals.

    But wait, there’s more! As an UIUC student, you may be interested in working for the Arms Control & Domestic and International Security (ACDIS) Program, which has devoted itself to research on international security issues (e.g. nuclear materials security). In the Department of ECE, faculty are also heavily involved in reliable and secure computing systems.

    More Information

  6. 6

    University of Pittsburgh-Pittsburgh

    Pitt is one of only a few universities that hold five Committee on National System Security (CNSS) certifications, which means its degrees are extremely thorough when it comes to systems security. Programs are run by the School of Computing and Information and come in a variety of flavors:

    Pitt also has a 15-credit post-bachelor’s or a post-master’s Certificate of Advanced Study (CAS) in Security Assured Information Systems (SAIS) that will make you eligible for CNSS Certifications.

    Research and Initiatives

    Closely linked with the School of Computing, the Institute for Cyber Law, Policy, and Security is designed to be the core of Pitt’s work into cyber security. It was selected to run an Airforce Association (AFA) CyberCamp and it organizes a number of workshops and conferences where you can network with experts. The Institute was created in 2017, so we’re going to give it some time to grow.

    While you’re considering Pitt, we also recommend a look around the research labs and centers in the School of Computing and the university itself:

    More Information

  7. 7

    Syracuse University

    Graduate programs are the specialty of the house at Syracuse. Although they’re run by the College of Engineering and Computer Science, these degrees include input from the College of Law, the iSchool, and the Maxwell School.

    Fancy the idea of attending Syracuse as an undergraduate? Check out the 18-credit Undergraduate Cyberengineering Semester. It’s designed to teach CS and ECE juniors and seniors how to build and verify highly assured systems.

    Research and Initiatives

    Engineering is a big deal at Syracuse. For example, the Center for Advanced Systems and Engineering (CASE), an NYSTAR-designated Center for Advanced Technology (CAT) in complex information systems, has a huge stake in cyber security and network assurance. What’s more, the College of Engineering has a large number of cyber security research projects on the burner, with a great deal of emphasis on secure systems.

    Syracuse also has the Institute for National Security and Counterterrorism (INSCT), a significant initiative devoted to research work on national & international security and counterterrorism. It hosts various conferences & events and offers a number of interesting CASs (as well as an online cybersecurity course). If you’re intrigued by the intersection of tech and global events, it’s worth a visit.

    More Information

  8. 8

    George Mason University

    Strategically located in Fairfax, VA—less than 10 miles from the Dulles Tech Corridor and Loudoun County’s data centers—GMU’s grand old Volgenau School of Engineering is overflowing with cyber security programs.

    As an undergraduate, you could consider the:

    As a graduate, you have the option of the:

    And as a budding security professional, you may wish to explore the:

    Alternatively, you could apply for a BS, MS, or PhD in Computer Science and tailor your concentration to your cyber security interests.

    If you’re interested in the corporate side of security, you can even choose to pursue an MS in Executive Management of Secure Information Systems from the Business School.

    Research and Initiatives

    Created in 1990, GMU’s Center for Secure Information Systems (CSIS) was the first academic center in security in the country. It has alliances with major government & corporate sponsors (e.g. NSA, Northrop Grumman, MITRE, etc.) and many of its research projects involve national defense—no surprise when you consider the university’s location.

    Cyber security faculty are also deeply involved in the:

    The cherry on the cake? Volgenau established the first student-run cybersecurity organization in the country.

    More Information

  9. 9

    University of California-Davis

    UC Davis has a long-standing reputation as a major tech university and its Department of Computer Science allows you to customize your graduate computer science degree to include security work:

    Research and Initiatives

    UC Davis is one of only 3 universities in California that holds a CAE-R designation for excellence in cyber security research. (In the faculty list, you may recognize the name of Professor Matthew Bishop, author of Computer Security: Art and Science.) Professor Bishop is a co-director of the Computer Security Lab, which is responsible for a number of in-depth research projects.

    UC Davis is also a partner in the Cybersecurity Research Alliance, a multi-university partnership with the U.S. Army Research Laboratory to address threats, attacks, and risks in cyberspace.

    More Information

  10. 10

    The University of Texas at San Antonio

    As you might expect, UTSA’s Department of Information Systems and Cyber Security in the College of Business often leans on the corporate side of security. For instance:

    • In addition to technical courses (e.g. programming concepts, operating systems, network security, etc.), the BBA in Cyber Security places an equal weight on management (e.g. accounting, marketing, finance, and business law). It’s available online as well as on-campus.
    • If you choose the MBA with a concentration in Cyber Security, you must complete 24 credit hours of MBA courses along with your 12 elective credits in cyber security.

    However, it’s important to note that you can customize a degree in Computer Science (BS, MS, or PhD) or Computer Engineering (BS or MS) to suit your objectives. Or you can take the technical MS in Information Technology (MSIT) with a concentration in Information Assurance, which emphasizes core skills in telecommunications systems, voice & data security, and risk analysis.

    Undergraduate minors in Cyber Security, Digital Forensics, Information Systems, and Network and Data Center Management are also available to students enrolled in any major.

    Research and Initiatives

    UTSA is a CAE-R institute, and it has three major research centers devoted to cyber security:

    You can meet some of Texas’s cyber security stars at the AT&T Distinguished Speaker Series. UTSA Extended Education also offers IT Security courses that will prep you for common certifications (e.g. Network+, Security+, CISSP, etc.).

    More Information

  11. 11

    Boston University

    BU is a big university and its cyber security offerings are spread over a number of schools and colleges. The most “traditional” programs are the:

    But your second option is Metropolitan College (MET). MET programs are often tailored toward working professionals and place a heavy emphasis on job skills. Here you’ll find the:

    • MS in Computer Science (MSCS) with a concentration in Security, which is aimed at folks with academic or work experience with programming, discrete mathematics, and computer systems. The security concentration consists of 5 courses (3 required and 2 electives) in typical areas (e.g. network security, cryptography, forensics, etc.).
    • MS in Computer Information Systems (MSCIS) with a concentration in Security (online or blended), which is accredited by both the accredited by the PMI’s Global Accreditation Center (GAC) for Project Management and the Commission on Accreditation for Health Informatics and Information Management Education (CAHIIM). This program is a combo of technical training and managerial and organizational courses, and is open to those with a bachelor’s degree from a regionally accredited institution.
    • Graduate Certificate in Information Security (online or blended), which is a 4-course, 16-credit program designed to help graduates develop and implement IT security in their own organizations.

    Research and Initiatives

    The BU Security Group in the Department of Computer Science is affiliated with the university’s Center for Reliable Information Systems and Cyber Security (RISCS). Under the command of the Hariri Institute for Computing (HIC), RISCS has become a multidisciplinary initiative with a smorgasbord of research projects (e.g. Modular Approach to Cloud Security (MACS)). It also hosts regular seminars & events, including the Charles River Crypto Day.

    It’s important to remember that HIC has a close relationship with MIT’s Lincoln Lab, organizing joint Cybersecurity Workshops and collaborating on initiatives such as the Moving Target Defense and the Verificare project. HIC even funds exceptional undergraduates (UROP Summer Research Awards) and PhD students (Graduate Student Fellows Program) involved in computational research.

    More Information

  12. 12

    Oklahoma State University-Main Campus

    Cyber security programs at OSU’s main campus are handled by the Department of Management Science and Information Systems in the Spears School of Business. That means programs often stress the real-world, business applications of IT and security.

    For example, the BS in Business Administration with a major in Management Information Systems and an option in Information Assurance (yep, that’s the title) highlights hands-on analysis of organizational issues in IA and security. The MS in Information Assurance covers managerial topics such as telecommunications, risk, offensive and defensive practices, and legal issues.

    Can’t commit to a degree? The short, 15-credit Graduate Certificate in Information Assurance will school you in telecommunications technology, industry trends, and management and security of telecommunications systems.

    Research and Initiatives

    One of the reasons why so many OSU programs deal with telecommunications is due to the Center for Telecommunications and Network Security (CTANS). This center pulls on faculty expertise from multiple departments, including electrical engineering, to investigate areas such as secure communications protocols. In addition to providing labs, CTANS also has ties to the super-active, student-run Information Security and Assurance Club (ISAC).

    Hoping to improve your career contacts? Every April, the Spears School of Business hosts the OSU Cyber Security Conference.

    More Information

  13. 13

    University of Houston

    UH’s Department of Information and Logistics Technology is responsible for both the BS in Computer Information Systems (CIS) with technical electives in Security and the MS in Information System Security.

    Choosing technical electives in the BS is a way to focus your strengths on Information Assurance (IA). You’re allowed to choose 4 courses from topics such as secure application design, digital forensics, and intrusion detection & incident response.

    The two-year MS, on the other hand, is explicitly designed for folks with undergraduate degrees in technology disciplines who want to be able to assess, implement, and manage security solutions for information and network systems. In addition to hands-on technical work, there’s a big push for project management expertise.

    Research and Initiatives

    Established in 2007, UH’s Center for Information Security Research and Education (CISRE) is the heart of UH’s cyber security efforts. In addition to the degrees we’ve mentioned, it operates security labs, liaisons with other universities & centers, and tackles various research projects.

    Faculty in the Department of Computer Science also have a keen interest in security issues—CS runs its own Reasoning and Data Analytics for Security (ReDAS) Lab.

    More Information

  14. 14

    Johns Hopkins University

    JHU’s flagship security program is the MS in Security Informatics (MSSI). This full-time, 3-semester degree is administered by the School of Engineering and students must complete either the technology & research track or policy & management track. Both tracks include core technical courses, but the policy & management track is—understandably—more concerned with business issues. With the MSSI, you can also choose to pursue a dual degree in engineering in computer science, applied math & statistics, and health sciences, or even tack on JHU’s Certificate in National Security Studies (CNSS).

    Trying to fit your degree in around work? Johns Hopkins Engineering for Professionals offers a flexible MS in Cybersecurity (10 courses) and a Post-Master’s Certificate in Cybersecurity (6 courses) in online or on-campus forms. In addition to traditional foundation courses, the MS allows you to choose a track of interest (e.g. systems, networks, or analysis).

    Finally, if you really want to get stuck into the subject, you could also consider a PhD in Computer Science. The Department of Computer Science will be more than happy to help you customize your study plan.

    Research and Initiatives

    Founded by Gerald Masson, JHU’s venerable Information Security Institute (ISI) has been working on security issues since 2001. Researchers at ISI are particularly concerned with health and medical security (remembering that JHU has one of the best medical schools in the country) and cryptography & privacy. We should also mention that MSSI applicants are eligible for an Information Security Institute Fellowship (ISIF).

    More Information

  15. 15

    George Washington University

    Handily based in Washington, D.C., GWU’s Department of Computer Science has 3 roads that lead toward cyber security expertise:

    If you have already earned an associate’s degree or a non-technical bachelor’s degree, you can explore the Cybersecurity Bachelor’s Degree Completion Program. Offered by the College of Professional Studies, this two-year, 60-credit program is designed to get you quickly up to speed in core competencies (e.g. network security, digital forensics, incident response, etc.). Classes are held on GWU’s Virginia campuses.

    Alternatively, you might consider distance learning, where GWU has developed strengths in management & leadership programs:

    Research and Initiatives

    GWU is a CAE-R institution, and its Cyber Security and Privacy Research Institute (CSPRI) is involved in a number of research projects centered around issues like cyber surveillance, data collection, and supply chain safety. It’s a founding member of the National Cyber League and a supporter of the National CyberWatch Center.

    But the fun doesn’t stop there. GWU also boasts a Center for Cyber and Homeland Security (CCHS), a nonpartisan “think and do” tank focused on homeland security, counterterrorism, and cyber security issues. (This is, after all, the land of D.C. and its government agencies). CCHS generates a vast quantity of research & publications and hosts many events with powerful speakers. Internships are available.

    Meanwhile, over at the School of Law, the Cybersecurity Law Initiative is taking flight. It organizes regular events on law and technology that are open to students and members of the public. GW Law students who wish to study aspects of cyber security law are eligible for CyberCorps® scholarships.

    More Information

  16. 16

    Iowa State University

    ISU has a hyper-flexible approach to cyber security degrees. If you’re considering on-campus programs, the:

    ISU has also developed a number of distance learning alternatives. However, these online degrees are only offered by the Department of Electrical and Computer Engineering, so keep in mind that the university is typically looking for applicants with a BS or MS in computer engineering (or a closely related field). For example, the:

    And if that isn’t enough, you also have the option to pursue an Undergraduate Minor in Cybersecurity.

    Research and Initiatives

    ISU’s poster boy for cyber security is the Information Assurance Center (IAC). Established in 2000, the IAC takes a multi-faceted approach to its research projects, but it’s particularly interested in real-world applications—ISU is the home of the U.S. DOE’s Ames Laboratory. IAC plays host to a security testbed called ISEAGE – Internet-Scale Event & Attack Generation Environment, leads the Iowa Cyber Alliance, and heads the ISU Information Assurance Research Consortium.

    Once you’re on campus, you’ll find fellow security enthusiasts in the Information Assurance Student Group (IASG) and the Information Systems Security Laboratory (ISSL). ISU also runs 5 Cyber Defense Competitions each year.

    More Information

  17. 17

    Mississippi State University

    MSU’s cyber security offerings come courtesy of its Department of Computer Science & Engineering. Its MS in Computer Science with a concentration in Computer Security and PhD in Computer Science with a concentration in Computer Security have been around for quite some time, and both curricula draw on the security expertise of department faculty. In the MS, you can choose to complete a thesis, a professional project, or courses-only.

    But that’s not all! In 2017, MSU created the MS in Cyber Security and Operations, a specialist degree with concentrations in either cyber defense or cyber operations (e.g. reverse engineering, wireless networks, malware analysis, etc.). Cyber defense graduates apply for jobs in private corporation or government organizations; cyber operations graduates often find work with the government or penetration testing firms.

    Last but not least, MSU offers a 15-hour, 5-course Graduate Certificate in Information Assurance that stresses IA and data security.

    Research and Initiatives

    MSU is the only university in the state to hold the triple crown of designations: CAE-R, CAE-CO & CAE-CDE. Thanks to its Center for Computer Security Research (CCSR), it has developed major research strengths in AI, computer forensics, and cryptography. For example, MSU has its own National Forensics Training Center (NFTC), which is funded by the Department of Justice to train law enforcement officers to fight cyber crime. What’s more, CCSR is particularly committed to encouraging the participation of women in cyber security through internships, camps, and mentorship.

    Another initiative we should highlight is MSU’s High Performance Computing Collaboratory (HPC²), which hosts the:

    More Information

  18. 18

    University of Kansas

    KU’s School of Engineering offers one graduate degree that’s specifically devoted to security—the MS in Information Technology (MSIT) with a focus in Cyber Security. The focus includes a traditional core (e.g. network security, IA, project management, etc.) and a large number of electives.

    Alternatively, you might choose to pursue an MS or PhD in Computer Science or Computer Engineering and customize it with courses from the Security and Assurance cluster.

    Not ready for a degree? KU’s 12-credit Graduate Certificate in Cybersecurity is designed for professionals with two or more years of practical experience in IT who want to hone their skills in advanced areas of information security.

    Research and Initiatives

    KU’s ranking is partly due to its dedicated faculty. For example, at the Information and Telecommunication Technology Center (ITTC), you’ll find the Information Assurance Laboratory (IAL)—focused on developing, verifying, and fielding high-assurance information systems—and research projects on areas such as communication & network systems security.

    On top of this, KU supports the student-run KU InfoSec Club, helps to organize the Central Area Networking and Security Workshop (CANSec), and has made a public commitment to promoting diversity in engineering disciplines.

    More Information

  19. 19

    Norwich University

    The oldest private military college in the country punches above its weight. If you like Vermont’s rolling hills, the College of Professional Schools offers a BS in Computer Security and Information Assurance (CSIA) with a concentration in digital forensics or advanced information assurance. This includes a practicum and plenty of fascinating security electives. Undergraduates also have the option to choose a Minor in Computer Crimes and Forensics or a Minor in Information Assurance.

    In addition, there are a number of distance learning options, including the:

    • Online BS in Cyber Security: Tailored to working professionals, the BS allows you to select a concentration in computer forensics & vulnerability management (e.g. malware forensics, vulnerability testing, etc.) or information warfare & security management (e.g. defense, security policy, systems assurance, etc.). Foundational courses cover key IT areas and electives dip deep into concentration subjects.
    • Online MS in Information Security & Assurance: The MS is available in multiple concentrations and completed in three six-month semesters. In the final semester, you’ll be able to focus on your area of interest before you attend a final, one-week residency on Norwich’s campus.

    Finally, we should note all of the 11-week courses (12 graduate credits) that you can add to your résumé to improve your hiring chances. These include the:

    Certificate credits can be used toward Norwich’s masters’ degrees.

    Research and Initiatives

    As you might expect, Norwich has a tight relationship with the military—in 2017, the Department of Defense Cyber Crime Center (DC3) certified Norwich as a National Center for Digital Forensic Academic Excellence (CDFAE). Among the Norwich University Applied Research Institutes (NUARI) are the Cyber Conflict Research Institute (CCRI) and Defense Technologies Research Institute (DTRI). Both are heavily involved in battling new security threats.

    Training is another key strength. NUARI is responsible for projects like the DECIDE® Platform and the PPD-41 Learning Module, and its Learning Technologies Research Institute (LTRI) was one of the five founding members of the National Cybersecurity Preparedness Consortium (NCPC). Through the Cyber P3 initiative, Norwich has become one of six centers of cybersecurity training for the U.S. Army Reserve.

    Want to try before you buy? Norwich runs a free, week-long pre-college program—the Cyber Security and Cyber Defense Camp—for high school students. The Norwich University Center for Advanced Computing and Digital Forensics (NUCAC-DF) also helps coordinate a variety of student activities & competitions.

    More Information

  20. 20

    Carnegie Mellon University

    CMU has a dizzying array of cyber security graduate programs, each with its own unique slant. If you’re seeking a technical degree, your choices include the:

    • MS in Information Security (MSIS): This two-year program is designed to produce security experts who are trained to handle complex data, networks, and systems security issues. You can customize the program with a certificate in Cyber Operations or Cyber Forensics and Incident Response.
    • MS in Information Networking (MSIN): Although the two-year MSIN has a broad core (e.g. computer science, engineering, information systems, etc.), it does allow you to concentrate on security electives. You must complete an INI-approved internship to graduate.

    Looking for something more specialized? Try the:

    Seeking to travel? CMU also offers the:

    For doctoral work, you can tailor a PhD in Electrical Computer Engineering (ECE), a PhD in Computer Science, or a PhD in Engineering and Public Policy to your specific interests.

    Research and Initiatives

    CMU is huge in the world of cyber security. Not only does it hold CAE-CDE, CAE-O, and CAE-R designations, it runs CyLab—the largest university-based cyber security research & education institute in the country. CyLab has major research projects, multiple centers & labs, and partnerships with plenty of recognizable names.

    What’s more, CyLab is affiliated with the:

    In addition, there’s tons of research being done by faculty in CMU’s departments. These are just a few reasons why CMU’s graduate programs usually appear in the top 5 of U.S. News & World Report rankings for engineering & computer science.

    More Information