CISS professionals possess the specialized knowledge and skills needed to defend against emerging security threats. The area-specific skills that a graduate degree in computer information systems security can develop include:
- Evaluating an organization’s information security risks and the available tools and resources to deal with the risks
- Designing, implementing, and maintaining network architecture and software systems that reduce risk, prevent hostile attack, and otherwise support security policy and goals
- Determining how legal requirements, compliance requirements, and market trends affect an organization’s security goals
- Managing a security infrastructure
Find CISS Info For Your State
- District of Columbia
- New Hampshire
- New Jersey
- New Mexico
- New York
- North Carolina
- North Dakota
- Rhode Island
- South Carolina
- South Dakota
- West Virginia
While all CISS graduate programs are highly technical, some include business or management courses to prepare students for managerial positions, or to serve as leaders of CISS teams.
Computer Science Degrees
Computer science degrees related to information security are among the most technically-focused CISS degree options, and generally provide the knowledge needed for positions such as information security analyst, system analyst, or information system leader.
Computer science degrees with a specialty track in systems security include:
- MS in Computer Science – Concentration in Computer Systems Security (MSCS-CSS)
- MS Computer Science with specialization in Information Security or in Computer Security
- Master’s Degree in Computer Science with a concentration in Information Security
Typically, these programs teach students about operating systems and networking, computer system architecture, the software system engineering process, as well as other specialized skills needed to develop a security policy, design and implement security measures, and monitor and manage computer systems security.
MSIS and Related Degrees
Many Master of Science in Information Systems (MSIS) programs offer a concentration such as Information Security, Information Systems Security, IT Security, or Computer Security Management. Students complete the core information systems courses plus three to five concentration courses in topics such as network security, identity management, IT audit, IT forensics, legal issues, and data analysis.
Another similar degree is the Master of Science in Computer Information Systems (MSCIS) with a concentration in Security, Information Security, or similar concentration.
MSIS and MSCIS programs usually combine technical IT and systems security training with management training. The focus of these programs can vary, giving students an opportunity to develop an understanding of the technical, business, management, and policy aspects of information security. These programs are well suited for preparing graduates to work as systems security experts who can manage complex data and hardware networks.
MSIS can also be used to describe MS in Information Security programs, which may cover advanced security concepts and prepare students for positions such as Chief Information Officer, Chief Security Officer, Chief Information Security Officer, or network forensic specialist. Some MSIS programs offer the option of a policy/management concentration or a technical concentration.
Variations on the MSIS degrees are the MS in Information Systems and Security and the MS in Computer and Information Systems Security.
There are also MS in Computer, Information and Network Security programs that offer specific security concentrations:
- Computer Security concentration – focus is placed on basic security issue related to designing, analyzing, and implementing distributed systems
- Information Systems Security concentration – focus is placed on the management and organizational aspects of information security
- Network Security concentration – focus is on network infrastructure and network security management
- Governance, Risk, and Compliance cross-disciplinary concentration – focus is on enterprise-wide regulatory compliance, IT audit and information security risk management
For CISS professionals interested in a degree with a stronger business focus, some MBA programs offer concentrations such as Information Security Management or Computer and Information Security.
In these programs, students complete the core MBA courses in addition to courses related to such topics as:
- Computer and network security
- Cyber forensics
- Management of disaster recovery, information security or systems security
- Strategic planning for information security
MBA programs with a CISS concentration are appropriate for corporate IT leadership positions such as Chief Information Officer, Chief Security Officer, or Chief Information Security Officer.
Other Master’s Degrees
Some master’s-level CISS programs focus exclusively on the technical aspects of engineering computer information security systems. Among these are programs such as:
- Masters in Information Security and Assurance
- MS in Cyber Security and Privacy
- MS in Cyber security
- MS in Information Security Engineering
Options that combine a technical, engineering focus with courses related to establishing policy and protocols, and which are well-suited for high-level IT management and leadership positions include:
- MS in Information Security Management
- MS in Information Security Policy and Management
- MS in Security Informatics
Doctoral degrees related to computer information security are also available. Options include:
- PhD in Computer Information Systems with Concentration in Information Security
- PhD in Information Technology with Concentration in Information Security
- PhD IT Concentration in Information Security and Assurance
- PhD in Security Informatics
- PhD in Engineering – Concentration in Security
Computer science and information systems doctoral programs let students focus their research in the area of security, preparing them to become professors or researchers, either within or outside of academia.
Another option is a PhD in Business Administration with a Specialization in Computer and Information Security. These PhD programs focus on developing best practices for legal forensic investigations in business settings.
Committee on National Security Systems Program and
The Committee on National Security Systems (CNSS) sets training standards for CISS professionals tasked with the responsibility of protecting the nation’s information networks.
Certain CISS programs, or some courses within certain programs, can become certified as meeting security standards qualifying graduates for high-clearance work with federal agencies like the NSA. This is an important consideration for CISS professionals intent on pursuing jobs that involve working in high-security, high-clearance environments that adhere to these standards.
Programs that include courses certified under NSTISSI 4011 and one other CNSS standard can apply for the National Centers of Academic Excellence in IA Education Program (CAE/IAE).
For example, the NSTISSI No. 4011 (National Training Standard For Information Systems Security (INFOSEC) Professionals) sets minimum training standards for information security professionals in telecommunications and automated information systems security.
Another example of CNSS program and course certification standards is the CNSSI No. 4013 (National Information Assurance (IA) Training Standard For System Administrators), which sets minimum standards for administrators of classified national security systems and includes guidelines for administrators of unclassified systems.