The emergence, evolution, and advancement of computer networks, digital media technologies, and the interconnected World Wide Web has had vast social, cultural, economic, and political impacts, profoundly reshaping the way we navigate and experience the world. These developments have given us access to new avenues of communication and social networking. They have fostered faster and more efficient modes of commercial, scientific, and political collaboration. They have also created an array of everyday conveniences, from online banking and shopping, to telecommuting and online learning.
Along with these benefits have come consequences, including serious and pressing concerns over information security and cyber criminology. The security risks that networked digital technologies present affect governments, financial institutions, businesses, and individual citizens. These risks are of chief concern to the computer programmers, software engineers, database administrators, and information technology (IT) specialists tasked with building secure digital systems and warding off attacks on the proliferating networks of servers, terminals, and devices that comprise the cyber world.
To put the situation in perspective, 90% of Americans now rely on home internet and/or broadband service, according to the Pew Research Center, which has been tracking internet usage in the US since 2000, when only 50% of Americans were online. The more recent growth in the use of smartphones and other networked wireless devices, often referred to as the Internet of Things (IoT), has created additional cyber vulnerabilities and opened new vectors of attack that can be exploited by hackers and other malicious actors. The Poneman Institute, an independent data protection research organization, recently found that 82% of respondents to its Study on Global Megatrends in Cybersecurity (2018) believe that IoT breaches pose a significant threat to their organizations. The estimated annual cost of cybercrime in the US rose 29% in 2018, from $21.2 million in 2017 to $27.4 million in 2018, according to a 2019 analysis of industry data conducted by the non-profit Insurance Information Institute. In November of 2019, the World Economic Forum published a report forecasting that as much as $5.2 trillion in global assets could be at risk from cyberattack up through 2023.
It is thus not surprising that the US Bureau of Labor Statistics (BLS) is forecasting that demand for information security analysts will grow by an estimated 33% in the coming decade. However, that almost certainly is not the full picture: information security analyst is just one of many job titles in cybersecurity, a field that encompasses a wide array of professional roles and responsibilities performed by trained specialists employed as computer, network, database, and information security administrators, architects, compliance officers, consultants, engineers, investigators, risk managers, and more. While the stereotypical image of the lone computer hacker toiling away at a computer terminal for hours on end to fend off cyberattacks may not be entirely inaccurate, it presents an exceedingly narrow picture of a field in which strategists, policymakers, governance officers, legal experts, and criminal and civil investigators are as important and integral as coders, technicians, and ethical hackers.
Background of Cyber Security Degree Programs
Cybersecurity is a relatively new field of academic and professional study that emerged as computer networks and internet technologies became increasingly commonplace and integral to social, economic, and governmental functions. The field grew out of work in computer programming, software engineering, and information science and technology, as well through information security/information assurance practices (e.g., cryptography, code-breaking, and information classification systems) employed by governments and the military. A timeline tracing the founding of three of the more prominent cyber and information security professional organizations offers an overview of how the field has evolved: the Electronic Data Processing Auditors Association was founded in 1967, changed its name to the Information Systems Audit and Control Association (ISACA) in 1994, and now goes solely by its acronym, ISACA; 1984 saw the founding of the Information Systems Security Association (ISSA International); and in the US, the National Cyber Security Alliance (NCSA) was founded in partnership with the Department of Homeland Security in 2001.
Dedicated information security and cybersecurity degree programs at US colleges and universities began to slowly emerge in the 1990s, mostly through computer science and engineering departments that had been conducting research and training in digital information security in the preceding decades. But with the proliferation of internet technologies, web-based commerce, and massive digital infrastructures that are vulnerable to cyber attack, colleges and universities have introduced a broad array of academic programs in cybersecurity in the past two decades, including bachelor’s and master’s degree programs, and post-baccalaureate and post-master’s certificate programs. In fact, the number of students graduating from cybersecurity degree programs has risen sharply in just the past six years.
Based on an analysis of data collected by the Department of Education for it Integrated Postsecondary Education Data System (IPEDS), the number of bachelor’s degrees conferred by US schools in cyber and information security fields grew almost 250% in the last ten years. For master’s degrees, the number grew over 340% in that same period. (IPEDS data was analyzed from the 2013/14 school year to the 2022/23 school year, which is the most recent data available.) The last five years of IPEDs data is included in the table below.
Table: Cybersecurity Graduates by Degree Level by Year Based on Data from IPEDS
| Degree Level | 2018-19 | 2019-20 | 2020-21 | 2021-22 | 2022-23 |
|---|---|---|---|---|---|
| Bachelor's | 5291 | 5767 | 6546 | 8027 | 9631 |
| Master's | 5729 | 6421 | 6138 | 7439 | 8532 |
| Bachelor's plus Master's | 11020 | 12188 | 12684 | 15466 | 18163 |
While many cybersecurity degree and certificate programs are offered through schools and departments of computer science, engineering, and/or information science and technology, there are colleges and universities that have independent cybersecurity departments and/or institutes. As cybersecurity has emerged as an important issue in law enforcement, homeland security, business, government, and public policy, schools and departments of criminal justice, law, business, and public administration have begun offering programs as well.
Cyber Security Degrees and Specializations
Formal training and instruction in the theories and practices of cybersecurity, as well as in cybersecurity specializations such as digital and computer forensics and cybersecurity governance and policy, are offered in many forms by accredited colleges and universities and also by private companies and professional organizations. There are undergraduate programs in cybersecurity, including associate and bachelor’s degree programs that provide instruction in computer science, computer programming, and the fundamentals of information security. There are also graduate programs at the master’s and doctoral levels that offer advanced cybersecurity training and that typically allow students to specialize in a particular area of cybersecurity research and/or practice.
For students who are looking to gain practical skills without pursuing a full degree program, there are graduate certificate programs in cybersecurity designed for students who hold a bachelor’s, master’s, and/or doctoral degree. There are also computer training programs that are designed specifically for students interested in pursuing one of the many professional certifications in cybersecurity (e.g., CEH, CompTIA Security+, CISSP, CISM, CISA, etc.). Finally, there are cybersecurity bootcamps offered by colleges and universities as well as by private cybersecurity companies and professional groups. While many cybersecurity bootcamps are designed for students who have prior training and experience in computer coding, there are bootcamps for relative newcomers to the field of computer science, as well as bootcamps that cater to IT professionals with a moderate to strong technical background.
At this time, CyberSecurityDegree.com contains comprehensive directories of bachelor’s, master’s, and graduate certificate programs in the field of cybersecurity, and information about cybersecurity certificate programs and bootcamps. A brief overview of each type of degree is included below.
Bachelor’s in Cybersecurity Programs
A bachelor’s in cybersecurity program is an undergraduate program offered by a college or university that culminates in the conferral of a bachelor’s degree, and which provides students with a designated major in cybersecurity. Students in a bachelor’s in cybersecurity program complete general education requirements by taking courses in the arts, humanities, and social and physical sciences before completing courses specific to their major in cybersecurity, which typically include introductory computer science and programming courses followed by intermediate and upper-level courses that focus on the principles and practices of cybersecurity.
Master’s in Cybersecurity Programs
Master’s in cybersecurity is a designation for graduate degree programs that offer advanced training in cybersecurity and which confer a master’s degree, typically a Master of Science (MS) degree, although there are also Master of Applied Science (MAS), Master of Engineering (MEng), and Professional Science Master’s (PSM) programs in cybersecurity. At the master’s level, there are general cybersecurity degree programs, and programs that focus on a cybersecurity specialization, such as digital forensics or cyber law and policy. However, most programs provide general advanced training in the theories and practices of information systems security, computer network protection, malware, cryptography, data security management, penetration testing, and cybersecurity strategies. In addition, there are master’s programs in computer science, computer and software engineering, information technology, and business administration that offer a concentration or specialization in cybersecurity.
Graduate Certificate Programs
Cybersecurity graduate certificate programs are academic programs that provide specialized training in cybersecurity but which do not confer a degree. These programs are shorter than bachelor’s and master’s programs and typically consist of fewer credit/coursework requirements – four to six courses is common for a graduate certificate program, although the specific number varies by program. There are two general types of graduate certificate programs in cybersecurity: post-baccalaureate certificate programs, which require students to hold a minimum of a bachelor’s degree; and post-master’s certificate programs, which are designed for students who hold a master’s or doctoral degree, generally in a field related to cybersecurity such as computer science or engineering, although this too varies by program.
Graduate certificate programs are generally designed for working professionals who are looking to gain advanced skills and training to either advance in their current position or to change careers and enter the field of cybersecurity.
Online Cyber Security Degree Programs
Internet-based distance-learning platforms have broadened the options for students who are interested in earning a degree or graduate certificate in cybersecurity, and have thereby extended the reach of cybersecurity programs beyond the vicinity of a school’s campus. While many cybersecurity programs are offered in traditional, campus-based formats, an increasing number of programs, especially at the master’s level, are leveraging online learning technologies to offer cybersecurity programs in formats that provide more convenience and flexibility than on-campus programs. For students, this means there are fewer barriers to higher education than ever before.
Students who live near a college campus and prefer face-to-face instruction can still pursue a degree in the traditional way by enrolling in an on-campus program. Working students or students who do not live near a college campus can now pursue the same degree without having to relocate or schedule classes around their working hours. CyberSecurityDegree.com contains comprehensive directories of cyber security degree programs that are offered online by colleges and universities across the U.S. Programs are classified based on the number of times students are required to be on-campus or attend in-person sessions. Programs that require students to be on-campus four or more times per year are classified as hybrid programs and are not included in our directories. Programs that require three or fewer campus visits per year are classified as online programs as detailed below.
Fully Online Programs and Online Programs with Limited Campus Visits
Online programs that are fully online (100% online instruction, no campus visits required) and online programs that require only a limited number of campus visits are largely accessible to any qualified student via a secure internet connection regardless of where that student resides. On this site, both fully online programs and programs that require limited campus visits are classified as “online” programs. These programs offer all or most of their instruction and required coursework through online learning management systems (LMSs) and thus do not require significant travel or commuting to a school’s campus.
Fully Online Programs: A fully online program is a program that offers all of its required coursework, including lectures, discussions, individual and group projects, presentations, and exams, via online instruction. Some programs utilize real-time online instruction using video conferencing applications, a mode known as synchronous online instruction, while others rely solely on asynchronous instruction and thus do not have scheduled class meeting times.- Online Programs with Limited Campus Visits: These programs offer most of their required coursework online but may require one to three campus-based sessions per year. These campus visits, sometimes referred to as intensives or immersion sessions, can enhance the online learning experience. They may consist of orientations, workshops, seminars, networking opportunities, and other learning experiences that benefit from face-to-face interaction. Typically, these sessions last a few days to a full week and are classified as one session if they span continuous days. Examples of online programs with limited campus visits include programs that require one week-long intensive during the summer and programs that require students to attend one campus-based session per fall, spring, and summer semesters. These programs may be ideal for students who want or need the flexibility of an online program, but who wish to meet their instructors and classmates in-person during the program.
