MSc Cyber Security

Programme overview

This master’s degree is designed for aspiring professionals who are looking to gain valuable insight into the methods, approaches and concepts in cyber security. You’ll build essential foundation skills to help you advance your career as a cyber security specialist over the long term, while gaining hands-on experience with the latest industry case studies. You’ll learn a broad range of timely and relevant topics to prepare you for real-world career success and ensure that you can make an immediate impact at any organisation.

Your faculty in this programme are pioneering and influential researchers, academics, and professionals in the security field, who regularly provide expert advice to a range of major bodies, including UK Government All Party Parliamentary Groups, the International Organisation for Standardisation and the International Electrotechnical Commission, the European Telecommunications Standards Institute, and the Internet Engineering Task Force.

When you graduate, you’ll be able to:

• Build practical applied skills relevant to current and emerging demands in the cyber security field.
• Master the latest and most relevant tools, techniques, strategies, and technologies.
• Refine your ability to think critically about how organisations manage security.
• Enjoy direct access to industry professionals with specific expertise in key areas of cyber security.
• Gain experience working with real-world case studies that reflect new and timely challenges.
• Develop independent critical and evaluative skills and the intellectual curiosity to sustain lifelong learning.
• Earn a globally recognised qualification from one of the top 30 universities in the UK, with a long history of leadership and innovation in information security and cyber security.

Curriculum

Cyber security foundations (CYM010) In this module, you’ll receive an introduction to the broad range of concepts, challenges and technologies that form the foundation of cyber security. You’ll gain an understanding of what cyber security is and why it is important, and will explore the techniques and technologies that are used to achieve cyber security. With this knowledge, you’ll be able to apply the ideas and skills developed in other modules in a broader context.

Security management and governance (CYM020) In this module, you’ll build your understanding and appreciation of the need for effective security management. You’ll study different approaches to management in practice, including security standards and the fundamental importance of a risk-based approach. After completing the module, you’ll also understand key components of practical cyber security management, including the impact of law and regulation, the importance of auditing, and the key role of people in achieving cyber security. You’ll also consider case studies of failures to help you understand the importance of effective security management.

Cybercrime (CYM030) In this module, you’ll develop a broad understanding of the cybercrime environment by combining economic, technical, political, legal, and psychological angles of cybercrime. You’ll consider the evolution and current forms of cybercrime, as well as the context of crimes, the motivations of actors, and the technical mechanisms and tools that are used. Additionally, you’ll explore the challenges that these phenomena pose and the capabilities and limitations of law enforcement and investigations. You’ll develop an understanding of the cybercrime environment through real-world examples and case studies.

Applied cryptography (CYM040) In this module, you’ll explore the role of cryptography in supporting security for everyday applications such as the internet, mobile phones, wireless networks, and cryptocurrency. You’ll develop an understanding of the functionality and purpose of the main cryptographic tools that we use today. You’ll also learn how to make decisions about which cryptographic tools to use in specific settings. Finally, you’ll explore the wider infrastructure surrounding cryptography and how this impacts the overall security of systems that use cryptography.

Network and infrastructure security (CYM050) This module builds on the foundations of cyber security so you can develop your understanding of the key technologies that are used in computer networks and infrastructure. These include operational technologies and critical national infrastructure – protocols, computer networks, data centres, and operational technologies – that are critical to the success of organisations and services, from a local to an international scale.

The module covers vulnerabilities and the exploits that target computer networks and systems, and the internet infrastructure. You’ll get an introduction to modeling, assessing, and testing networks and systems, and you’ll explore key aspects of the topic through case studies.

Computer systems security (CYM060) In this module, you’ll explore security mechanisms in modern computer systems. You’ll look at the core concepts – security policies, security models, subjects and objects, authorisation, and access rights – and gain an understanding of why operating systems and computer systems remain vulnerable to attack, and how they can be strengthened. We will also discuss security issues for computer hardware and software, user authentication, access control models and policies, how authentication and access control are implemented in commercial products, virtualisation, containers, and cloud infrastructure. You’ll explore key aspects of this topic through case studies.

Software and application security (CYM070) In this module, you’ll get an introduction to the principles around software and applications, including security and the issues of malicious software. You’ll study the techniques used for secure software development, the principles of secure programming, and the most common software vulnerabilities that can be introduced during software development. At the end of the module, you’ll discuss the wider considerations and research direction for software and application security. You’ll explore key aspects of software and application security through a number of topical case studies, such as the web and the cloud. This module complements the Computer Systems Security and Infrastructure Security modules.

Security and behaviour change (CYM080) Security is heavily dependent on humans and their actions. These actions can either strengthen or diminish security levels. In this module, you’ll explore the relationships between security and human behaviour in multiple settings. You’ll consider perceptions and practical implementations of security, on both an individual and a group/societal level. You’ll utilise concepts from behavioural economics, decision-making, and psychology, along with mechanisms to design and encourage changes in security behaviours. Finally, you’ll examine the construct of a security culture and its relationships with norms, habits and awareness training.

Information privacy (CYM090) In this module, you’ll learn about the challenges facing any organisation in managing data privacy. You’ll gain an understanding of the meaning of data privacy and will examine the serious legal constraints facing all organisations which make data privacy a key issue for cybersecurity risk management. You’ll examine key governance matters, including privacy impact assessments. You’ll also consider the role of technology in supporting privacy, including de-identification techniques for datasets, homomorphic encryption, and other privacy enhancing technologies. Finally, you’ll study a privacy case study, such as e-voting.

Research methods for cyber security (CYM100) In this module, you’ll build the skills and knowledge that you need to undertake the dissertation project. You’ll study key aspects of research methods and develop a topic for your dissertation project. At the end of this module, you’ll produce a report that describes the project, provide an initial literature review, and create a project plan.

Project (CYM500) MSc only With this project, you’ll have the opportunity to produce a major individual piece of work which demonstrates your understanding of your chosen specific area of cyber security and your ability to reason. The project can be either a piece of academic research or a professional investigation which documents the ability of organisations or individuals to deal with a practical aspect of cyber security.

The project represents the key difference between the Postgraduate Diploma, which is a taught qualification, and the award of an MSc, which incorporates this substantial piece of individual work.

Try a Course

The University of London offers a number of online taster courses and Massive Open Online Courses (MOOCs), designed to introduce themes that are included in degree programmes.

Cyber Security Fundamentals

This course is intended to provide a general introduction to key concepts in cyber security. It is aimed at anyone with a good general knowledge of information and communications technology. The nature, scope and importance of cyber security are explained, and key concepts are justified and explored. This includes examining the types of threat that cyber security must address, as well as the range of mechanisms, both technological and procedural, that can be deployed.

The role of cryptography in providing security is explored, including how algorithms and keys play their part in enabling cyber security. The key supporting function played by key management is identified, including why the use of cryptographic functions depends on it.

The need for security management in an organisation is explained, and its main elements are introduced - including the key role played by risk management. The importance of standardised approaches to security management is explained, as is the notion of compliance.

Enroll today

Introduction to Applied Cryptography

This course is a non-mathematical introduction to the role that cryptography plays in providing digital security for everyday applications such as the internet, mobile phones, wireless networks and cryptocurrency.

In this introductory course you will develop an understanding of the functionality and purpose of the main cryptographic tools we use today. You will learn how to make decisions about which cryptographic tools are most appropriate to deploy in specific settings. You will also explore the wider infrastructure surrounding cryptography and how this impacts the overall security of systems deploying cryptography.

Cryptography provides the core toolkit that underpins most digital security technologies. An understanding of what cryptography does, and its limitations, is critical to developing a wider appreciation of the security of everyday digital applications. Since cryptography provides tools for atomic security services such as confidentiality and data integrity, an appreciation of cryptography will also equips you with a fundamental understanding of what security means in cyberspace.

Enroll today