This is the preliminary (or launch) version of the 2024-2025 VCU Bulletin. Courses that expose students to cutting-edge content and transformative learning may be added and notification of additional program approvals may be received prior to finalization. General education program content is also subject to change. The final edition and full PDF version will include these updates and will be available in August prior to the beginning of the fall semester.

The Master of Science in Computer and Information Systems Security, jointly offered by the Department of Computer Science in the College of Engineering and the Department of Information Systems in the School of Business, is designed primarily for students interested in professional roles in business, industry or government. Program graduates will serve as leaders within the computer and information systems security community and as strategic partners within the enterprises in which they work. They will stay attuned to, and anticipate changes in, the computer and information systems security environment and ensure that security solutions create a sound, competitive, cost-effective advantage for the enterprise.

Graduates of the program will be prepared to take leading roles in planning, organizing, managing, designing and configuring security solutions in public and private organizations and will be familiar with state-of-the-art security technologies and best practices. The program takes a broad interdisciplinary approach to computer and information systems security that will help students develop the ability to see the larger organization and social, political, ethical and economic aspects of information security, as well as offering a unique graduate-level curriculum that is both technically and managerially oriented.

Program mission

The Master of Science in Computer and Information Systems Security provides for the scholarly and professional needs of several groups who have either accepted or are keen to take on the challenge of protecting information resources of firms and society at large.

Program goal

Graduates of this program are expected to take on leadership positions, including as chief security officer, in computer and information systems security in organizations. VCU’s program takes a broad interdisciplinary approach to computer and information systems security that will help develop the student’s ability to see the larger organizational, social, political, ethical and economic aspects of information security.

Student learning outcomes

Graduates of the program will be:

  1. Prepared to take leading roles in planning, organizing, managing, designing and configuring security solutions in public and private organizations
  2. Familiar with state-of-the-art security technologies and best practices

VCU Graduate Bulletin, VCU Graduate School and general academic policies and regulations for all graduate students in all graduate programs

The VCU Graduate Bulletin website documents the official admission and academic rules and regulations that govern graduate education for all graduate programs at the university. These policies are established by the graduate faculty of the university through their elected representatives to the University Graduate Council.

It is the responsibility of all graduate students, both on- and off-campus, to be familiar with the VCU Graduate Bulletin as well as the Graduate School website and academic regulations in individual school and department publications and on program websites. However, in all cases, the official policies and procedures of the University Graduate Council, as published on the VCU Graduate Bulletin and Graduate School websites, take precedence over individual program policies and guidelines.

Visit the academic regulations section for additional information on academic regulations for graduate students.

Degree candidacy requirements

A graduate student admitted to a program or concentration requiring a final research project, work of art, thesis or dissertation, must qualify for continuing master’s or doctoral status according to the degree candidacy requirements of the student’s graduate program. Admission to degree candidacy, if applicable, is a formal statement by the graduate student’s faculty regarding the student’s academic achievements and the student’s readiness to proceed to the final research phase of the degree program.

Graduate students and program directors should refer to the following degree candidacy policy as published in the VCU Graduate Bulletin for complete information and instructions.

Visit the academic regulations section for additional information on degree candidacy requirements.

Graduation requirements

As graduate students approach the end of their academic programs and the final semester of matriculation, they must make formal application to graduate. No degrees will be conferred until the application to graduate has been finalized.

Graduate students and program directors should refer to the following graduation requirements as published in the Graduate Bulletin for a complete list of instructions and a graduation checklist.

Visit the academic regulations section for additional information on graduation requirements.

Apply online today.

Admission requirements

Degree: Semester(s) of entry: Deadline dates: Test requirements:
M.S. Fall Jul 1 GRE or GMAT
Spring Nov 1 TOEFL for international students

Applicants must meet all general admission requirements of the VCU Graduate School.

Degree requirements

In addition to general VCU Graduate School graduation requirements, the M.S. in Computer and Information Systems Security requires 30 graduate credit hours, including a core curricular component and an elective component. The elective component consists of three courses chosen by the student and selected from CISS course offerings or, with the approval of the program co-directors, from courses offered by the departments of Computer Science, Information Systems, Criminal Justice and Forensic Science.

Curriculum requirements

Students with an accredited bachelor’s degree or post-baccalaureate certificate in fields such as computer science or information systems should be adequately prepared for the graduate curriculum. Students from other academic backgrounds may need to complete undergraduate prerequisite courses. Prerequisites are determined by the faculty adviser at the time of admission.

Prerequisite courses

Course Title Hours
MATH 211Mathematical Structures3
or CMSC 302 Introduction to Discrete Structures
CMSC 255Introduction to Object-oriented Programming4
or INFO 350 Intermediate Programming
CMSC 355Fundamentals of Software Engineering3
or INFO 361 Systems Analysis and Design
CMSC 508Database Theory3
or INFO 364 Database Systems
CMSC 312Introduction to Operating Systems3
or INFO 370 Fundamentals of Data Communications

Curriculum

Course Title Hours
Core component
CMSC 512Advanced Social Network Analysis and Security3
CMSC 615Cryptocurrency and Blockchain Techniques3
CMSC 622Network and System Security3
INFO 535Ethical, Social and Legal Issues in Computer and Information Systems Security3
INFO 544Principles of Computer and Information Systems Security3
INFO 646Security Policy Formulation and Implementation3
Elective component
Choose four of the following courses. Students must select a minimum of one CMSC and one INFO course12
Introduction to Software Analysis, Testing and Verification
Game Theory and Security
Database and Application Security
Applied Cryptography
Software Quality Assurance
Advanced Software Analysis, Testing and Verification
Mobile Networks: Applications, Modeling and Analysis
Memory and Malware Forensics
Introduction to Digital Forensics
Survey of Cyber Security
Data Communications
Securing Cloud Infrastructure
Securing the Internet of Things
Total Hours30

The minimum number of graduate credit hours required for this degree is 30.

Contact
Elizabeth Baker, Ph.D. 
Professor, Department of Information Systems
bakerew@vcu.edu
(804) 828-7118

Additional contact
Milos Manic, Ph.D.
Professor, Department of Computer Science
misko@vcu.edu
(804) 827-3999