Take a Leadership Role in Cybersecurity
The online graduate certificate in Cybersecurity Management from Saint Mary's University of Minnesota is designed to equip you with the tools to engage with cutting edge cybersecurity measures. More importantly, the certificate program will prepare you to lead others in building effective, comprehensive information security strategies.
Administer Security Strategies from the Top
As you advance through the online graduate certificate in cybersecurity management curriculum, you'll gain the skills necessary to lead teams of security professionals as you seek to protect sensitive data and information. In the program, you'll engage with topics that will prepare you to identify potential vulnerabilities and threats, analyze possible solutions, delegate responsibilities to team members, and report conclusions to relevant stakeholders. Gain a real-world understanding of the field of cybersecurity with Saint Mary's.
Saint Mary's Accelerators
Saint Mary's offers a selection of graduate certificate programs designed to accelerate your degree and help you achieve your goals faster. Customize your education and get a glimpse of graduate coursework by stacking Saint Mary's Accelerators, each of which requires the completion of 12–15 credits and adds only six additional credits to your degree program. Complete extra credentials and gain a competitive edge for your field while saving time and money.
Additionally, several certificate programs also offer Credly badging for each course. These badges serve as a graphic representation of the skills you gained by completing a specific course or graduate certificate program. They can be displayed on social media platforms like LinkedIn and your CV and resume to visually showcase your specific leadership knowledge and skills to current and potential employers, credentialing programs, and admissions offices.
One of the hallmarks of our “accelerators” is that they are stackable into or onto full degree programs. Students can pursue a graduate certificate and then decide to continue into a full degree program in the same or a different discipline.
-Michelle Wieser, Ph.D., Dean of the School of Business and Technology
To learn more about Saint Mary's graduate certificates check out this interview with Michelle Wieser.
Curriculum
From the online graduate certificate in Cybersecurity Management, you will engage with a variety of topics that will prepare you to become a leader in the field. The courses you will be presented with include security architecture, change management, security policy, and risk management. The program's coursework is structured to prepare you to lead teams in developing comprehensive security strategies, locating potential problem areas, and responding to unexpected breaches.
For current degree requirements, visit the Saint Mary's University of Minnesota Course Catalog.
Certificate Courses
CYBR600 Foundations of Cybersecurity (3 cr.) (required first course)
This course provides an overview and foundational understanding of concepts essential to the cybersecurity professional to evaluate best practices in implementing security systems within the enterprise. This course covers key bodies of knowledge in security, privacy, and compliance. Topics include security planning, risk management, security technologies, basic cryptography, digital forensics, application security, intrusion detection and prevention, physical security, and privacy issues.
Upon completion of this course, students are expected to be able to do the following:
- Apply the principles of information technology security.
- Analyze situations of computer and network usage from a security perspective to develop a security mindset.
- Explain information security’s importance in our increasingly computer-driven world.
- Identify appropriate strategies to ensure confidentiality, integrity, and availability of information.
- Express management’s role in the development, maintenance, and enforcement of an information security program.
- Describe the relationship among laws, regulations, and professional issues in information security.
- Articulate how cryptography serves as the central language of information security.
- Analyze how physical security fits within an information security program.
- Define the roles of computer forensics in information security.
- Apply basic software tools for assessing the security posture of a business.
- Explain how issues of privacy relate to business information security.
CYBR615 Cybersecurity Change Management (3 cr.)
This course describes the business context in which a cybersecurity professional must function within an organization. Students examine the interplay between business process and cybersecurity issues in mitigating security threats. An overview of audit, compliance, regulation and liability for business security are provided, along with how to construct effective continuity and disaster recovery plans, is provided.
Upon completion of this course, students are expected to be able to do the following:
- Manage business decisions affected by changing and diverse external and internal security threats.
- Align security functions to business strategy, goals, mission, and objectives.
- Determine compliance requirements among contractual, legal, regulatory, privacy requirements, and industry standards.
- Outline legal and regulatory issues that pertain to information security in a global context in areas such as cyber-crimes and data breaches, licensing and intellectual property requirements, import/export controls, trans-border data flow, and privacy.
- Identify, analyze, and prioritize business continuity requirements through development of a scope and plan and business impact analysis.
- Implement disaster recovery processes and understand concepts of response, recovery personnel, communications methods, damage assessment, system restoration and training and security awareness.
- Address security concerns related to personnel safety, travel, security training and awareness, and emergency management.
- Develop a security awareness and training program.
CYBR620 Operational Security Policy (3 cr.)
In this course, students examine the roles of security policies, standards, and procedures in addressing business and technical security risks. Students explore the types of policies that are part of an overall security strategy. Policies are discussed that drive computer security, including discretionary access control, mandatory access control, and role-based access control types of policies, and how these are used in organizations. Students develop policies and deployment plans as part of the comprehensive strategic plan for the enterprise.
Upon completion of this course, students are expected to be able to do the following:
- Develop high-level security policies that directly support the mission, vision, and direction of an organization.
- Develop issue-specific policies to control use of resources, assets, and activities to support the organization’s goals and objectives.
- Develop system-specific policies that express technical details for the implementation, configuration, and management of the system that includes configuration rules and access control.
- Develop, document, and implement security policy, standards, procedures, and guidelines.
- Create security procedures and administration controls for the enterprise.
- Evaluate physical and logical access to assets such as information, systems, devices, and facilities.
- Manage identification, authentication, and authorization of people, devices, and services.
CYBR625 Risk Management (3 cr.)
This course includes a study of the existing risk management frameworks, models, processes, and tools to provide students with the theory and practical knowledge needed to operationalize risk management in an organization or government agency. Additionally, fundamental concepts in information technology security audit and control processes for an organization are discussed. Students learn to create a control structure and audit an information technology infrastructure.
Upon completion of this course, students are expected to be able to do the following:
- Perform a risk assessment to determine the extent that an organization’s technology assets are exposed to risk.
- Demonstrate the concepts of risk appetite and residual risk as they apply to information assets of an organization.
- Complete a threat assessment that identifies asset vulnerabilities and ranks threats based on likelihood and financial impact.
- Apply the risk control strategies of transfer, mitigation, acceptance, and termination and how a cost-benefit analysis is utilized in determining which strategy to implement.
- Employ risk assessment and analysis techniques that include risk response and countermeasure selection and implementation.
- Apply risk-based management concepts to the supply chain with an understanding of risks associated with hardware, software, and services.
- Conduct a security control testing plan that involves a vulnerability assessment, penetration testing, log reviews, synthetic transactions, code review, and interface testing.
- Verify controls are applied consistently.
- Define how business alignment, risk appetite, and risk aversion affect the security program implementation.
CYBR645 Incident Response and Investigation (3 cr.)
This course introduces the principles and best practices for incident response, along with an overview of digital forensics. Students understand the goals of incident response and learn how to prepare and respond to information security incidents and understand how the incident occurred. Students understand the process of collecting and analyzing data, and the process of remediation. The course outlines the investigative and analysis process, tools, digital evidence, and applicable law with a focus on computer, mobile, network, and database forensics.
Upon completion of the course, students are expected to be able to do the following:
- Implement the basics of evidence collection and documentation, reporting, investigative techniques, digital forensics tools, and procedures.
- Interpret requirements for investigation types of administrative, criminal, civil, regulatory, and industry standards and the associated costs.
- Identify the implications of data location in responding to security incidents.
- Conduct incident management through all stages of a breach with knowledge of detection, response, mitigation, reporting, recovery, and remediation.
- Adjust preventative measures in response to security incidents.
- Implement recovery strategies such as backup, recovery sites, multiple processing sites, and system resilience via high availability, Quality of Service (QoS), and fault tolerance.
- Develop incident reports and analysis presentations.
Certificate Outcomes
In the online graduate certificate in Cybersecurity Management, you can expect to learn how to:
- Apply industry best practices of business administration operations to develop a security plan
- Lead teams in providing innovative and proactive security measures
- Communicate technical information to non-technical audiences
- Balance organizational needs with security architecture development
Career Outlook
The need for trained and experienced cybersecurity leaders is growing across an array of industries. As diverse organizations aim to protect sensitive information and data, more employers are seeking cybersecurity managers. According to the Bureau of Labor Statistics, computer and information systems manager positions are expected to grow by 10% through 2029. Additionally, these positions usually carry a yearly salary of $146,360.1
Other positions include:
- Director of Information Security
- Information Security Manager
- Cybersecurity and Compliance Program Manager
- Governance Compliance & Risk Manager
Admission Requirements
To apply for the online Graduate Certificate in Cybersecurity Management from Saint Mary's University of Minnesota, you'll need:
- An undergraduate degree from a regionally accredited institution
- A minimum GPA of 2.75 on a 4.0 scale
- A written statement: Your background and future goals all impact your success with Saint Mary's and inform your education. As you prepare your written statement, think about including previous experiences, education, and your strengths and interests. Share your motivations for earning the online artificial intelligence certification and how it will contribute to your career.
- Two email and phone references: Please provide contact information for two Individuals who can speak to your professional and academic abilities.
- A current resume: Include both your educational and professional experience.
- If your overall GPA is below 2.75, you may receive conditional status in the program at the discretion of the program director.