Is a Master's Degree in Cybersecurity Right For Me?

The Master of Science in Information Security Policy & Management (MSISPM) program is the ideal fit for bold, creative students who want to make governments, organizations, and private citizens safer in a connected world.

How do you stay one step ahead of those who pose a threat to cybersecurity and privacy?

By equipping yourself with an education that stands the test of time.

The curriculum of our Master of Science in Information Security Policy and Management goes beyond the standard cybersecurity principles. The coursework encompasses strategy, management, physical security, insider threat analysis, ethical penetration testing and cloud computing—in short, everything you need to become a leader in information security, not just cybersecurity.

_{Information Security Policy and Management not what you’re looking for? Return to the Program Finder.}

Curriculum & Courses

Information Security Policy & Management Core
- Intro to Information Security Management (95-752)
- Intro to Programming with Python (90-812)
- Information Security Risk Management (95-755)
- Managing Disruptive Technologies (95-723)
- Cryptography (95-749)
- Network and Internet Security (95-758)
- Decision Making Under Uncertainty (95-760)
- Privacy in the Digital Age (94-806)
- Organizational Design and Implementation (94-700)
- Economic Analysis (95-710)
- Financial Statements and Analysis of Companies (90-723)
- Software and Security (95-748)
- Statistical Reasoning with R (90-711)
- Writing for Information Systems Management (95-717)
- Professional Speaking (95-718)
- Cybersecurity Policy and Governance (95-744)
- Information Security Capstone Project OR Thesis
PLUS
- Required Summer Internship
For class, syllabi, and faculty information, please visit the Heinz College course catalog.
Information Security Policy & Management Sample Electives
- Cybersecurity for Artificial Intelligence & Machine Learning (95-767)
- Network Defenses (95-884)
- Engineering Privacy in Software (95-878)
- Malicious Code Analysis (95-759)
- Applied Threat Analysis (95-889)
- Ethical Penetration Testing (95-883)
- Introduction to Artificial Intelligence (95-891)
- Blockchain Fundamentals (95-810)
- Introduction to Database Management (90-728)
- NoSQL Database Management (95-737)
- Advanced Relational Database Management (95-736)
- Introduction to Cyber Intelligence (95-844)
- Cloud Security (95-746)
- Privacy, Policy, Law, and Technology (95-818)
- Policies of Wireless Systems (95-824)
- Internet of Things (95-733)
- Information Security Policy & Management (95-757)
- Security Data Analytics (95-747)
- IT Project Management (95-808)
- Data Warehousing (95-797)
- Strategy Development (94-811)
- Object-Oriented Programming for Managers (95-807)
*Students may also enroll in graduate-level courses from other Heinz College programs as well as other departments across Carnegie Mellon University’s campus, with approval. Many MSISPM students enroll in courses offered by CMU's Information Networking Institute (INI), including:
- Applied Information Assurance
- Cyber Risk Modeling
- Network Forensics
- Host Based Forensics
For class, syllabi, and faculty information, please visit the Heinz College course catalog.

For detailed curriculum information, please visit the Student Handbook.

Information security policy and management sample schedule

Below is one possible schedule for the cybersecurity master's program. Actual schedules will vary depending on electives.

Class titles in bold are core courses. Heinz College offers a mix of full-semester (14 weeks) and half-semester courses (7 weeks) for core and elective courses.

Year 1 - Fall SEMESTER

Intro to Programming with Python*
Intro to Information Security Management
Decision Making Under Uncertainty*
Statistical Reasoning with R
Organizational Design and Implementation*
Economic Analysis*
Writing for Information Systems Management*

Year 1 - Spring SEMESTER

Ethical Penetration Testing*
Software and Security*
Network and Internet Security
Privacy in the Digital Age*
Managing Disruptive Technologies*
Financial Statements and Analysis of Companies*
Professional Speaking*

--REQUIRED SUMMER INTERNSHIP--

Year 2 - Fall SEMESTER

Cybersecurity Policy and Governance
Cybersecurity for Artificial Intelligence & Machine Learning*
Introduction to Cyber Intelligence*
Cloud Security*
Network Defenses*
Advanced Relational Database Management*

Year 2 - Spring SEMESTER

Information Security Capstone Project OR Thesis
Cryptography*
Information Security Risk Management*
Security Data Analytics*
Malicious Code Analysis*
IT Project Management*

*Half-semester courses

Who are our students?

The average class is diverse, both in terms of demographics and experience/education. Data shown reflects the last three years.

See the Admissions page for detailed admissions requirements for the MSISPM program.

Class Profile

*GMAT score data does not include GMAT Focus results. Applicants who have taken (or plan to take) the GMAT Focus are encouraged to use GMAC’s concordance table.

Related programs to consider

MISM

Master of Information Systems Management

The Master of Information Systems Management (MISM) is our flagship information systems program, with a focus on technology leadership

Learn More

MSIT

Master of Science in Information Technology

The Master of Science in Information Technology (MSIT) is our part-time "anytime, anywhere" online IT program, ideal for current IT professionals and offering a concentration in Information Security & Assurance

Learn More

Executive Education

Certificates in technology leadership and management

Our Executive Education certificate programs cover business technology skills and best practices relevant to current and future CIOs, CISOs, CROs, leaders in data and digital transformation, and others with IT oversight

Learn More