In May 2016, the New York state senate passed a bill designed to strengthen cyber security and combat cyber terrorism in New York. The bill would create the New York State Cyber Security Initiative, which encompasses three vital programs:
- The New York State Cyber Security Sharing and Threat Prevention Program to increase the availability and quality of cyber threat information among law enforcement agencies
- The New York State Cyber Security Partnership Program to share cyber threats with citizens, the private sector and government
- The New York State Cyber Security Advisory Board to make recommendations on how best to protect the state’s critical infrastructure
A related bill would also require the Department of Homeland Security to work with state officials to review the state’s cyber security measures every five years.
- The UC Berkeley School of Information's Online Master of Information and Cybersecurity prepares students with the technical, conceptual, and practical skills needed for a professional career in cybersecurity. Complete in 20 Months. GRE/GMAT required. Request information.
- Syracuse University's College of Engineering and Computer Science offers a Master of Science in Cybersecurity program delivered online. The program prepares students with the necessary foundations for the design and development of assured, secure computer systems in order to predict, prevent, and respond to cyber attacks. Bachelor's degree is required. Request Information.
No one is immune to cybercrime, from the financial giants on Wall Street to individual citizens trying to protect their digital identities. During New York’s Fashion Week in February 2016, even the fashion industry asked the government to strengthen cybersecurity measures to protect intellectual property and even such fashion tech products as smart clothing and designer digital wearables.
The state of New York deals with cybersecurity problems through its New York State Intelligence Center (NYSIC), operating as a fusion center for federal, state and local law enforcement. Even with a formal information sharing process in place, however, information does not always flow as freely from state to federal agencies as it should, according to some state government officials. Robert Galvin, the chief technology officer for the Port Authority of New York and New Jersey, notes that even with this fusion center in place, there is no one dedicated organization responsible for coordinating a response to a coordinated cyber attack.
Brigadier General Steven Spano, president and chief operating officer of the Center for Internet Security, notes that people with information technology security skills, like those gained through graduate studies, have been the most difficult for states to recruit and retain.
Earning a Master’s Degree or Graduate Certificate in Cybersecurity in New York
Upon completing a master’s degree or graduate certificate program in cybersecurity graduates would be expected to be able to confidently demonstrate their ability to architect secure systems and monitor security threats to those systems, proactively implement defense strategies, utilize programming languages, mine and interpret big data, and provide risk assessments.
The National Security Agency and Department of Homeland Security offer two designation classifications applicable to schools that offer graduate programs in information security and cyber defense:
- CAE-CDE – National Center of Academic Excellence in Cyber Defense Education (qualifying colleges and universities offering bachelor’s, master’s, and graduate certificates)
- CAE-R – National Center of Academic Excellence in Cyber Defense Research (schools that participate in research initiatives and that integrate a strong research component into the curriculum of bachelor’s and graduate programs)
NSA/DHS designated online programs offer a level of flexibility not found through conventional campus-based programs. Through online problem modules that students complete at their own pace, discussion forums that allow for meaningful interactions with peers and professors, and mock threat simulations and response drills, distance learning programs offer an experience with all the rigor of a campus-based program.
The typical master’s program in cybersecurity through an NSA/DHS designated school includes approximately 18 core and 18 elective credits, while graduate certificate programs typically include about 15 core credits and two electives.
Graduate cybersecurity programs are highly selective, mandating that applicants meet certain prerequisites before enrollment, such as:
- Holding a bachelor’s degree in computer science, mathematics, information technology, engineering, science or a related field
- Maintaining a minimum GPA of 3.0 in an undergraduate program
- Passing scores on an entrance exam such as the Graduate Management Admission Test (GMAT) or the Graduate Record Exam (GRE)
- Writing a statement of purpose stating an applicant’s cybersecurity experience and reasons for applying to the graduate program
- Completing these prerequisite courses:
- One year of calculus
- One mathematics course beyond calculus (such as differential equations, discrete mathematics or linear algebra)
- One year of university-level science
- One course in data structures
- One course in high-level, general purpose computer programming (usually C++ or Java)
- Demonstration of a basic understanding of computer fundamentals like computer operation and organization and computer architecture
Graduate cybersecurity programs may admit students conditionally with the understanding that they must complete undergraduate-level bridge courses to make up for any deficits in the prerequisites listed above.
Core Courses and Electives Found in Cybersecurity Master’s Programs
The typical graduate cybersecurity degree program will include the following core courses:
- Introduction to operating systems
- Computer networking
- Design/analysis of algorithms
- Information, security and privacy
- Network security
- Applied cryptography
- Application security
Graduate cybersecurity programs may offer electives that include:
- Computer architecture
- Penetration testing and vulnerability analysis
- Information systems security engineering and management
- Digital forensics
NSA and DHS Designated National Centers of Academic Excellence in New York
As of 2018, the following schools have met the rigorous criteria required to earn the NSA/DHS National Center of Academic Excellence in Cyber Defense Education (CAE-CDE) designation for their master’s and post-bachelor’s certificate programs:
Pace University, School of CSIS
- Master of Science in Information Technology–Cybersecurity Concentration
- Master of Science in Information Systems
Fordham University, Department of Computer and Information Science
New York Institute of Technology, School of Engineering and Computing Sciences
Rochester Institute of Technology, Department of Computing Security (Also holds the NSA/DHS National Center of Academic Excellence in Cyber Defense Research (CAE-R) designation.)
Syracuse University, Engineering and Computer Science (Also holds the NSA/DHS National Center of Academic Excellence in Cyber Defense Research (CAE-R) designation.)
University of Buffalo, the State University of New York, Computer Science and Engineering (Also holds the NSA/DHS National Center of Academic Excellence in Cyber Defense Research (CAE-R) designation.)
Utica College, School of Business and Justice Studies
- Master of Professional Studies in Cyber Policy and Risk Analysis
- Master of Science in Cybersecurity
- Cybersecurity Certificate Programs
Additionally, the following schools hold the NSA/DHS Center of Academic Excellence in Cyber Defense Research (CAE-R) designation:
Additionally, New York University, Tandon School of Engineering and University at Albany, the State University of New York hold the NSA/DHS National Center of Academic Excellence in Cyber Defense Research (CAE-R) designation.
Opportunities Available to Master’s-Prepared Cybersecurity Analysts and Specialists in New York
According to a 2015 report published by job market analytics company Burning Glass Technologies, between 2010 and 2014 job postings for cybersecurity analysts, auditors, architects, engineers and more in New York rose by 104 percent.
The following job listings sourced in June 2016 reflect current job opportunities and offer insight into the numerous types of professional opportunities available to master’s-prepared cybersecurity graduates in New York. (Shown for illustrative purposes only and not meant to imply any guarantee of employment):
Senior IT Security Analyst, NYU Langone Medical Center– New York, NY
- Develop, update and educate the hospital workforce on IT security policies, standards and best practices
- Comply with related industry standards and regulations (such as HIPAA, Meaningful Use, FISMA, PCI, FERPA)
- Lead training and awareness activities to maintain security awareness program in hospital
- Work with IT subject matter experts to be sure that standards and policies reflect their procedures
- Bachelor’s degree in computer science, cyber security or related field required; master’s degree preferred
- Five years of experience in IT security policy required
- CISSP Certified Information Systems Security Professional (ISC2), CISA Certified Information System Auditor certifications preferred
- Strong knowledge of laws, industry regulations and standards that govern information security frameworks and practices required
Director, Cyber Risk & Compliance, Dow Jones- New York, NY
- Set and execute cybersecurity strategy for Dow Jones & Co
- Engage leaders from technology and business to understand and prioritize cybersecurity risks
- Create cyber risk management program to focus cybersecurity investments with guidance from the Cybersecurity Steering Committee
- Develop and maintain budgets
- Bachelor’s degree in cyber security or related field required; master’s degree preferred
- Six years of information security experience in increasingly responsible roles
- Professional certification in information security (such as CISA, CISM or CISSP) required
- Experience managing a small team required
Research Staff Member – Security Department, IBM’s Thomas J. Watson Research Center- Yorktown Heights, NY
- Conduct fundamental and applied research in security and privacy
- Build new and innovative security technologies in research areas such as cybersecurity analytics, information security and cryptography
- Define new research directions
- Drive a project from exploratory thinking to developing a practical service or solution
- Graduate degree in computer science or closely related field preferred
- One to three years of experience in designing and building secure systems
- One to three years of experience in monitoring and analyzing systems, malware or networks
- One to three years of experience in mobile and information security
Security Engineer II, Mediacom Communications – Blooming Grove, NY
- Analyze external and internal threats to protect sensitive data within company network
- Investigate and resolve security incidents
- Analyze effectiveness of existing security measures
- Recommend changes to improve company security
- Bachelor’s degree in cyber security, computer science, telecommunications or information technology required; master’s degree preferred
- Five or more years of hands-on technical security experience required
- Experience with firewall technologies and security tools required
- Security certifications such as CISSP, CISM, CISA, CRISC, SANS GIAC and OSCP preferred