Interview with Randy Carlson ABD, CISM, PMP about the Master of Science in Cybersecurity Program at Concordia University, St. Paul

About Professor Randy Carlson: Randy Carlson is an Associate Professor of Practice in the Computer and Information Science Department at Concordia University St. Paul. Prior to this appointment, he served as an Assistant Professor for 17 years. Currently, Professor Carlson teaches in the Information Systems programs at both the undergraduate and graduate level, primarily in technology management, project management, cyber defense, artificial intelligence (AI) and courses encompassing Agile organizations. He supports students through constant collaboration and framing course content into real-life situations. His research focus is on how technology impacts work and society, as well as how DevOps organizations are evolving to support the speed and agility needed to deliver on Digital Transformation.

Professor Carlson has worked in Information Technology for over 25 years, primarily as a Project, Program and Product Manager. His most recent position was as a Product Manager who oversaw Threat and Vulnerability Management technology within Optum Technology’s Cyber Defense Unit. He earned his Masters of Science in the Management of Technology from the University of Minnesota and holds a a Bachelor of Arts in Information Technology Management from Concordia University of St. Paul. He also completed Ph.D. work at Capella University in the area of Organizational Management with an Information Technology Specialty. He has received accreditation as a Certified Information Security Manager (CISM) from ISACA, a Certification in Unix Administration and C, C++ programming from the University of Minnesota, and a Project Management Professional (PMP) certification from the Project Management Institute.

Interview Questions

[] Could you please provide an overview of Concordia University St. Paul’s Master of Science in Cybersecurity, and how it is structured? What are the key learning outcomes students can expect from this program, and what kinds of roles does it prepare students for?

[Professor Carlson] The Cybersecurity program provides enhanced value to students in that there are two types of courses. First, there are technology management courses that look through the filter of a Cyber Defense professional. Examples of these are ‘Ethics in Cyber Security’ and ‘Enterprise Cyber Security Strategies’. They provide the student with the knowledge needed to have an eclectic understanding of a Cyber Defense department operating in a modern DevOps organization. They do this by showing how Cyber Security supports Digital Transformation utilizing Agile Methods to deliver new, secure technologies.

Second, the core courses in Cyber Defense are set up to deliver two important sets of knowledge. First, the core courses provide a holistic look at a Cyber Security organization to include discovering Security Governance and Compliance, Cyber Security Operations, Incident, Threat and Vulnerability Management, Cyber Defense as it relates to Digital Forensics, Attack Surface Management and how to harden an enterprise from Security Threats. Finally, a core class is offered describing what Cyber Security Services are typically offered to an enterprise and how the department collaborates with other organizational functions to establish secure practices.

The second item that is important is that the core courses are designed such that the knowledge for the Certified Information Security Manager (CISM) accreditation is a subset of what is delivered to the student, setting them up to have the tools to move forward with knowing all aspects of Cyber Defense while offering them a jumpstart in getting their CISM accreditation.

[] How is cybersecurity as a field evolving to meet contemporary needs and security threats? How does Concordia University St. Paul’s Master of Science in Cybersecurity train students to meet these contemporary and dynamic needs in the information security space? How do you see cybersecurity changing in the coming years, and how does Concordia University St. Paul’s program plan to stay abreast of these developments?

[Professor Carlson] Cyber Security is a huge growth area in that as technology continues to proliferate and Digital Transformation makes headway, more possible vulnerabilities and attack vectors exist providing opportunities for bad actors to seek leverage for nefarious reasons. Concordia knows that it must keep up with the inertia of how the field is transforming. We do that by being engaged with our business and Cyber Defense community to constantly update our curriculum to meet new demands for student knowledge.

An example of this is Rugged DevOps. This is a new area of Cyber Defense where Cyber Professionals are involved in software development ensuring that code is secure at all stages, so the development team is not unwittingly introducing new vulnerabilities into the production environment. We have this exciting new capability in our program and the student will learn about this valuable skill and how it is done in a lean, Agile development environment. Our curriculum is constantly evolving because a top program cannot ever rest on its laurels or it will fall behind.

[] Concordia University St. Paul’s Master of Science in Cybersecurity’s course content covers the expected learning outcomes for the Certified Information Security Manager (CISM) certification. May we have more information about the CSIM certification and its importance, and how the M.S. program ideally prepares students for the certification exam?

[Professor Carlson] The Certified Information Security Manager (CISM) is an accreditation offered by Information Systems Audit and Control Association (ISACA). ISACA is the most recognized professional association for Cyber Security Professionals and its accreditations are what employees are looking for on resumes.

We have CISM knowledge imbedded in our program in that all functions are taught incorporating the knowledge needed to pass the accreditation exam. The reason it is a subset of our core courses is because our courses are much more expansive, covering all Cyber Defense functions beyond what the CISM accreditation requires. But every focus area for the CISM accreditation is covered in our core Cyber Defense courses and this is done on purpose.

[] Concordia University St. Paul’s Master of Science in Cybersecurity can be completed both on-campus and online. May we have more information about the online technologies this program uses to facilitate interactive discussions between students and faculty?

[Professor Carlson] Our courses are taught using Blackboard Ultra’s Learning Management Software (LMS). It is the most current release of that LMS. Courses will be synchronous in that students will be required to attend a weekly Zoom meeting to connect with the professor and other students, but other than that, classes are more asynchronous. We use videos, discussion boards, weekly assignments, applied work in learning applications, and Blackboard Collaborate to allow for professor-to-student and student-to-student collaboration.

[] For their final graduation requirement, students must complete a Cyber Security Capstone. Could you elaborate on what the Capstone entails, and the process students undergo to complete and present their culminating experience?

[Professor Carlson] The Capstone can be done in one of two ways. First, one can do an internship which allows a student to work in a real company and learn on-the-job with weekly touchpoints with the instructor to offer progress reports. A final paper describing what the student learned will be required.

The second way would be the traditional research paper. The paper will comprise of a student-generated hypothesis, followed by a literature review to illuminate the existing research on the topic. The paper culminates in a discussion of the research, identifying limitations of the work and a final summary. The Capstone research paper is much like the work done in a Ph.D. program, without the measurement requirement.

[] What role does faculty mentorship play in Concordia University St. Paul’s Master of Science in Cybersecurity? Independent of faculty instruction and support, what career development resources and academic services are available to students of this program? How can students make the most of these mentorship opportunities and support systems while in the program?

[Professor Carlson] We have an active mentorship program with working professionals participating in the effort. We also have Cyber Professionals as adjunct professors who provide mentoring and act as intermediaries for students to be connected with practitioners in the field to seek further guidance. The full-time faculty is very invested in the student’s success and we consider it our failure if they do not succeed because every single one of our students is important to us.

[] For students interested in Concordia University St. Paul’s Master of Science in Cybersecurity, what advice do you have for submitting a competitive application?

Go to and choose Cybersecurity. You will be able to fill out an application there. Also feel free to contact me at and we can have a phone conversation or a Zoom meeting and discuss your questions.

[] What makes Concordia University St. Paul’s Master of Science in Cybersecurity program unique, and a particularly strong graduate degree option for students? From faculty expertise and mentorship opportunities to the quality of the curriculum, what are some standout aspects of the program that you would like prospective students to know about?

[Professor Carlson] What makes us unique is two-fold.

First, because we have faculty that have worked and do work in Fortune 500 companies, we are very current on all the changes that are happening in the field. Also, most of us have worked or are working in DevOps organizations that have a commitment to Digital Transformation and all delivery uses for Agile and Lean methods, so our program is designed with this in mind. This is important because the entire business world will eventually operate this way, so we are ahead of the game. We also recognize that accreditations are important, so we make sure that a student has the requisite information for the CISM exam as an adjunct to getting their Master of Science in Cybersecurity.

Second, we are a faith-based organization so all our students are very important to us and no one is just a number at Concordia University of St. Paul. We take it as a sacred trust that a student comes to learn from us to drive their future and we will do everything we can to be part of their success and to prepare them for a rewarding career in cybersecurity.

Thank you, Professor Carlson, for your excellent insight into Concordia University, St. Paul’s Master of Science in Cybersecurity!