“California is at the center of the digital revolution that is changing the world.”
-Kamala D. Harris, Attorney General of the California Department of Justice
California is widely known as an active hub of technological innovation. In fact, as a cybersecurity specialist, there’s hardly a better place to work.
Burning Glass Technologies reported that the number of cybersecurity job postings in California grew by 75% from 2010 to 2014. In 2015, San Francisco had the third highest number of postings for cybersecurity positions of any city in the US.
With an impressive market for information security professionals and the opportunity to earn a higher than average salary, (in 2015, the US Bureau of Labor Statistics reported that information security analysts in California earn an average of $109,110), programmers, IT analysts and other computer science majors are taking a long look at earning a master’s degree in cybersecurity.
In recent years, cyber threats, DDoS attacks, SQL injections, and spear phishing schemes have increased, but California has remained proactive about protecting the integrity of its cyber infrastructure.
Here’s a quick synopsis of important initiatives to take place in California:
- Tracing back to 2003, California became the first state to require government agencies to report all data breaches. The state maintains a progressive approach to cybersecurity—in 2016, that same law was revised in order to require agencies to submit more detailed information about data breaches, providing cybersecurity analysts with more data to work with during remediation efforts.
- In 2013, California launched a cybersecurity task force with the intention of bolstering cybersecurity and improving relationships with information security teams in both the public and private sectors.
- In 2015, Tech Co. reported that California’s cyber security policy was the strongest in the US, due to the California Electronic Communications Privacy Act (CalECPA), which bars law enforcement from forcing any business to submit metadata without a warrant and requires lawmakers to seek a warrant before tracking cell phones or other devices.
Moving forward, California has already identified its largest security vulnerabilities. In 2014, Attorney General Kamala D. Harris reported that one of California’s biggest threats to cybersecurity is the sensitive information that millions of residents carry with them on mobile phones and devices. Additionally, The Sacramento Bee reported that safeguarding the critical infrastructure of power and water industrial automation systems with potential vulnerabilities is key to the safety of Californians.
In a 2016 list of the 100 most innovative companies in cybersecurity released by market intelligence firm Cybersecurity Ventures, 25 were based in California. Boeing, Yahoo, Sony Electronics, Google, and IBM are all among the big-name companies in California that are currently hiring cybersecurity team members.
From public administration, manufacturing and defense, professional services, educational services, finance and insurance, healthcare and social assistance, and on and on … cybersecurity professionals can be found in every industry in California, protecting intellectual property and technological infrastructure against outside threats.
Earning a Master’s Degree or Post-Bachelor’s Certificate in Cybersecurity in California
California is home to several National Security Agency (NSA) and Department of Homeland Security (DHS) designated schools that offer cybersecurity master’s programs.
The NSA and DHS offer offer designations specific to two classifications of schools that offer graduate programs in information security:
- CAE-CDE – National Centers of Academic Excellence in Cyber Defense Education (qualifying colleges and universities offering bachelor’s, master’s, and graduate certificates)
- CAE-R – National Centers of Academic Excellence in Cyber Defense Research (schools that participate in research initiatives and that integrate a strong research component into the curriculum of bachelor’s and graduate programs)
In addition to traditional on-site programs, the NSA and DHS also recognize online cybersecurity programs throughout the country. Online programs are flexible enough to accommodate the schedules of working professionals and provide a greater variety of program options.
Both online and traditional programs are generally 30 credits long and can be completed over 15 months. 15 of the credits will be core classes, with the other 15 made up of electives.
Students may also seek post-bachelor’s certificates, which are typically 15 credits in length.
Standard Admissions Requirements for Cybersecurity Master’s Programs
Applying to a cybersecurity master’s program requires an excellent educational history, skills in advanced mathematics and programming and, in some cases, high scores on entrance exams. Students will also be expected to maintain a 3.0 GPA during the program.
Minimum requirements to be accepted into a master’s program include:
- Bachelor’s degree in a related discipline, such as computer science, engineering, or applied mathematics
- Minimum 3.0 GPA in bachelor’s coursework
- One year of calculus and one year of a mathematics course beyond calculus
- A course in data structures and a course in Java or C++
- A course in computer organization
Applicants to cybersecurity master’s programs with a GPA less than 3.0 in undergrad studies may be required to take the Graduate Record Examination (GRE) and submit their scores to the university. Master’s programs set highly competitive requirements, and look for the following scores:
- Verbal score of 150 or higher
- Quantitative score of 155 or higher
- Analytical score of 650 or higher
Core Courses, Electives and Program Objectives
Core coursework may vary slightly among programs, but will typically include the following topics:
- Foundations of Information Security
- Policy: The Foundation for Successful Information Security
- Assurance in Cyberspace Applied to Information
- Distributed Systems and Network Security
- Trusted System Design, Analysis and Development
- Secure Systems Engineering
- Computer and Network Forensics
Most master’s programs require 15 credits of electives. Topics may include:
- Applied Cryptography
- Security Systems
- Cyber Wargame: Blue Force Operations
- Threat Modeling and Intel
Graduate-level cybersecurity programs seek to prepare applicants to defend integral infrastructures. Graduates of the program will be well-versed in programming languages and database structures, have experience working with big data, and be able to architect secure systems. Graduates will also be expected to have ample knowledge of system protection techniques for web, mobile and critical infrastructures. Through application of mathematical logic, graduates will be able to detect malware and provide system assurance and risk assessment.
NSA and DHS Designated Research and Education Institutions in California
As of 2016, the following schools have met the rigorous criteria required to earn the NSA/DHS National Center of Academic Excellence in Cyber Defense Education (CAE-CDE) designation for their master’s and post-bachelor’s certificate programs:
California State Polytechnic University, Pomona, Computer Information Systems Department
- Master of Business Administration in Information Management
California State University, San Bernardino, Cyber Security Center
- Master of Business Administration in Cybersecurity
- Master of Science in Cyber Security and Information Assurance
Naval Postgraduate School, Cyber Academic Group (Also holds the esteemed NSA/DHS National Center of Academic Excellence in Cyber Defense Research (CAE-R) designation.)
- Master of Science in Computer Security – Computer Systems and Operations
- Master of Science in Computer Security – Information Security and Assurance
- Cyber Security Adversarial Techniques Graduate Certificate
- Cyber Security Defense Graduate Certificate
- Cyber Security Fundamentals Graduate Certificate
- Information Systems Security Engineering Certificate
San Jose State University, Silicon Valley Big Data and Cybersecurity Center
- Master of Science in Software Engineering with a concentration in Cybersecurity
University of California, Davis, Computer Security Lab (Also holds the NSA/DHS National Center of Academic Excellence in Cyber Defense Research (CAE-R) designation.)
- Master of Science in Computer Science – Information Assurance focus
Additionally, the following schools hold the NSA/DHS Center of Academic Excellence in Cyber Defense Research (CAE-R) designation:
University of California, Irvine, Secure Computing and Network Center
- Information Systems Security Certificate Program
- University of Southern California School of Engineering
- Master of Cyber Security
The following school holds the original NSA/DHS Center for Academic Excellence in Information Assurance Education (CEA-IAE) designation for its master’s degree and graduate certificate programs. The NSA/DHS requires all current CAE/IAE institutions to reapply for the new CAE-CDE designation no later than January 2017.
California State University, Sacramento, Center for Information Assurance and Security
- Graduate Certificate in Information Assurance and Security
- Master of Science in Computer Science, Cyber Operations
- Master of Science in Engineering, Cyber Operations
Opportunities Available to Master’s-Prepared Cybersecurity Analysts and Specialists
California is rich with opportunity for cybersecurity professionals. In 2015, the state boasted the highest number of cybersecurity job postings of all states in the US, and with progressive policy makers in place, the state continues to build cybersecurity strategies that will protect virtual resources in every industry in the state. Master’s-prepared professionals in California can expect the ability to move into senior positions and lead teams of information security professionals.
The following job opportunities, sourced in May 2016, are not meant to provide any assurance of employment. They represent the kind of employment opportunities available to cybersecurity specialists in California, and are shown for illustrative purposes only.
Director of Cyber Security & Incident Response – Cyber Coders in San Francisco
- Minimum of bachelor’s degree; master’s degree preferred
- Experience with incident response, computer forensics
- Preference given to candidates with current certifications, especially: GIAC, GCIH, GCIA, GREM, GCFA, GCFE
- Analyzes data breaches, determines the extent of data loss
- Provides remediation strategies
- Provides risk assessments, IR plans and pen-testing
Senior Cyber Security Engineer – AT&T in San Diego
- Bachelor’s degree minimum; master’s degree preferred
- Minimum five years of experience in information security position
- Design, develop, implant and support cyber security solutions
- Operate and manage information systems
- Implement and monitor security measures
- Execute security policies and procedures
Lead Threat Response Engineer – Apple in Santa Clara Valley
- Bachelor’s at minimum in a related discipline
- 5-10 years of experience in information security
- Knowledge of TCP/IP, UDP, DNS, FTP, SSH, SSL/TLS, HTTP, and others
- Manage a team of information security analysts
- Operate monitoring of security events
- Evaluate security events for context, risk, and criticality