Earning a Master's in Cybersecurity Online

According to data compiled by Statista, the rate of cybercrime has risen sharply over the past decade. To help combat this growing threat, the Bureau of Labor Statistics (BLS) projects that the number of information security analysts will increase by 28% between 2016 and 2026 -- four times faster than the national average for all other occupations. While you may qualify for some of these new positions with a bachelor's diploma, some employers prefer to hire candidates with a master's degree.

This page provides an overview of online master's degrees in cybersecurity, including information on admission requirements, course options, and possible career paths. You can also find resources to help pay for your education.

Student Profile: Who Earns an Online Master's Degree in Cybersecurity?

Many students seek out an online master's in cybersecurity directly after earning their bachelor's degree in a field like computer science. This advanced degree can help qualify individuals for specialized roles in information security or assume positions that might otherwise require several years of professional experience.

Alternatively, established information technology (IT) professionals can also return to school to pursue an advanced degree, enabling them to change their career trajectory or earn a promotion. Given the flexibility of many online programs, you can often complete the coursework needed for a master's without leaving your full-time job.

Why Get a Master's Degree in Cybersecurity?

Pursuing Specialization

An online cybersecurity master's degree can help position you for specialized jobs in information technology. For example, you can take graduate-level coursework in cyberlaw, preparing to work with local, state, or federal agencies investigating and prosecuting cybercrime. Alternatively, you can learn about counter-hacking procedures, which serve as a private organization's first line of defense against criminals hoping to steal confidential information. Students can also explore how to protect computer systems against the effects of natural disasters.

Career Advancement Opportunities

According to the BLS, information security analysts earn a median salary of $95,510 annually. However, computer and information systems managers earn $139,220 per year. Through coursework in areas like project management and organizational development, an advanced degree in cybersecurity can help qualify you for these more supervisory roles, unlocking considerably higher salaries throughout the course of your career.

Online Learning Technology

Online master's programs rely heavily on distance learning technologies, such as web conferencing tools and online collaboration platforms. Many businesses -- especially those that operate internationally -- use these technologies to interact with clients and facilitate connections between employees working at different sites. By gaining first-hand experience with these tools during your graduate studies, you can develop a competitive edge over candidates who need to learn new systems before taking on a job.

Prerequisites for Online Cybersecurity Programs

To earn your online cybersecurity master's, you must first hold a bachelor's degree from an accredited institution. Other admission requirements vary from program to program; the following list describes common prerequisites.

  • Work Experience: Generally speaking, you do not need work experience to enroll in these programs, and schools often accept students directly after they earn an undergraduate degree. Still, a strong professional resume can improve your chances of admission, and some programs even allow you to earn graduate-level credit for work or military experience.
  • Exams and Test Scores: Some schools do not require applicants to submit entrance exam scores, while others request test results to help determine whether you can succeed academically at the graduate level. When required, cybersecurity programs typically ask students to submit Graduate Record Examination scores.
  • Coursework: Many programs require students to complete undergraduate coursework in areas like object-oriented programming, information assurance, and networking. However, you can often waive this requirement if you hold a professional certification related to cybersecurity or at least three years of professional experience. Some programs also admit students on the condition that they complete introductory computer science coursework before moving on to graduate-level coursework.
  • Recommendations: You should plan to submit at least two letters of recommendation as part of your application package. Try to get letters from former professors and/or supervisors. These recommendations should speak to your past experience and your future potential. Give your recommenders at least two months to write and submit letters on your behalf.
  • Essays: Technically oriented programs, like online cybersecurity master's degree tracks, typically do not require applicants to submit essays. However, if an essay is required, take the opportunity to highlight your achievements and experience, explain gaps in your resume, and reiterate your desire to continue your education and pursue a career in cybersecurity.
  • Interviews: Increasingly, online programs do not require interviews. Admissions officers usually make their decisions based on your college transcripts, resume, and letters of recommendation. If a school does ask to schedule an interview, you can usually complete this from a distance. Prepare to answer questions about your academic qualifications and your professional goals.
  • International Students: International students must meet all of the same admission requirements as U.S. students. In addition, they may also need to submit results from the Test of English as a Foreign Language exam. Students should also confirm that their college or university meets the accreditation requirements of potential graduate programs.

How Much Can I Make with a Master's Degree in Cybersecurity?

In 2017, the BLS reported that the median information security analyst salary reached $95,510. The lowest 10% of these salaries fell below $83,860, while the highest 10% exceeded $208,000. Typically, professionals with more years of experience and advanced degrees earn higher salaries than recent graduates and workers without specialized training.

Other factors may also affect your earning potential. For example, an information security analyst working for a nonprofit organization in a more rural setting can expect to make less than a professional working for a corporation in a large city, even if the two workers share similar backgrounds.

Traditional Careers for Cybersecurity Master's Graduates

Career Stats Description

Information Security Analyst

Median Pay: $95,510

Job Growth: 28%

Information security analysts design and implement security measures to protect an organization's data and computer systems. They may install software to safeguard customer information, conduct penetration testing to better understand their system's vulnerabilities, or work with management to create an information security strategy.

Ideal for: Those with strong analytical and problem-solving skills, as well as the ingenuity to predict and combat evolving threats.

Chief Information Security Officer

Median Pay: $155,459

Job Growth: 12%

A chief information security officer oversees all aspects of an organization's efforts to keep its employees, customers, and information systems safe and secure. Rather than working on technical details, these individuals often set high-level strategy and direct teams of information technology professionals.

Ideal for: Individuals who possess both a deep understanding of cybersecurity needs and the leadership skills needed to coordinate and support a team of employees.

Security Architect

Median Pay: $120,795

Job Growth: 6%

Security architects create computer networks and systems resistant to external attacks. Often collaborating with network architects, these individuals may work for a single organization or with multiple firms.

Ideal for: Those with the skills to build a secure computer network and communicate with less technically proficient colleagues about network security implementation.

Security Engineer

Median Pay: $88,597

Job Growth: N/A

Security engineers perform many of the same functions as security architects, although their focus often lies more on applications and software than hardware and computer networks. Security engineers may also need to respond to incidents of cybercrime to identify the parties responsible and prevent future intrusions.

Ideal for: Professionals with the desire and skillset to protect against and investigate cybercrime.

Non-Traditional Careers for Cybersecurity Master's Graduates

Career Stats Description

Technical Writer

Median Pay: $70,930

Job Growth: 11%

Technical writers prepare instructional manuals and how-to guides that explain complex information. Technical writers focused on cybersecurity may create documentation to help employees understand and implement certain protective measures, such as creating appropriately secure passwords and avoiding phishing emails.

Ideal for: Those with the ability to translate technical language into comprehensible and easy-to-follow instructions.

Forensic Computer Analyst

Median Pay: $70,528

Job Growth: 17%

Forensic computer analysts aid in the investigation of crimes by analyzing digital data. They may assist in the prosecution of internet-based fraud or use their skills in data collection to give law enforcement officials the evidence needed to solve crimes.

Ideal for: Individuals with superb critical-thinking and analytical skills. Analysts also need strong communication skills if called upon to testify in a court of law.

Entrepreneur

Median Pay: N/A

Job Growth: N/A

Cybersecurity entrepreneurs lead a variety of businesses and initiatives. They may found consulting firms that offer guidance to organizations on how to protect confidential information, distribute security software that identifies and destroys computer viruses, or conduct "ethical hacking" to probe a company's security and make recommendations for improvements.

Ideal for: Self-starters with technical expertise and the desire to be their own boss.

Postsecondary Teacher (Computer Science)

Median Pay: $76,000

Job Growth: 15%

College and university professors instruct students and conduct research in their area of expertise, including in computer science. They may also provide individual advising to their students, perform administrative functions for their school, and write books or scholarly articles.

Ideal for: Those who enjoy supporting the learning of others and want to remain in academia after earning their cybersecurity master's degree online.

Sources: Bureau of Labor Statistics, PayScale, 2017-2018

Paying for an Online Master's in Cybersecurity

The cost of a cybersecurity master's program varies depending on where you study. For example, public universities often cost less than private institutions. Schools that feature accelerated tracks may also allow you to earn your degree faster and pay less in overall tuition. Additionally, many programs award credit for prior learning or professional experience, further reducing the amount of time and money you need to spend earning your degree.

To help pay for your education, make sure to determine your eligibility for state and federal financial aid. You can also research scholarship programs that target students in cybersecurity.

Tuition Timelines

You can pursue your degree on a full-time, part-time, or accelerated basis. Before choosing a path, make sure you understand the demands and costs associated with each program type.

Part-Time Path

Ideal for working professionals and those with family obligations, part-time study allows you to take a lighter course load.

Real-Life Example:

School Name: Southern New Hampshire University
Total Credits Required: 36
Summary: Students pursuing an online cybersecurity master's at Southern New Hampshire University on a part-time basis typically graduate in three years. Tuition rates at the university may change annually.

Full-Time Path

A full-time path best serves individuals hoping to learn in a more structured environment while taking a traditional course load.

Real-Life Example:

School Name: Johns Hopkins University
Total Credits Required: 36
Summary: At Johns Hopkins University, full-time students can earn their degree in just 18 months. However, students who did not complete undergraduate courses in areas like calculus and computer programming may take longer to graduate.

Accelerated Path

Self-paced learning allows you to advance through material as soon as you demonstrate mastery of key concepts. While you can graduate faster by following an accelerated path, you typically receive less support from your instructors and classmates.

Real-Life Example:

School Name: Maryville University
Total Credits Required: 36
Summary: Students on an accelerated path at Maryville University can graduate in just one year. Most students who choose this track majored in a field related to cybersecurity during their undergraduate studies or boast significant professional experience in the field.

Subject-Specific Financial Aid, Grants & Scholarships

In addition to federal and state grants, you can apply for scholarships that specifically serve students in cybersecurity. Five such scholarships appear in the list below.

What to Expect from a Master's Level Online Cybersecurity Program

Most full-time students pursuing their cybersecurity master's online graduate in two years or less. Part-time students may need up to four years to complete all of their degree requirements, while students following an accelerated pathway can sometimes finish their program in about a year.

Most programs consist of approximately 36 credits, including a capstone course where students apply their graduate-level learning to a practical cybersecurity issue. For example, they may partner with a local school to ensure that the institution meets the security requirements outlined in the Family Educational Rights and Privacy Act of 1974.

Major Milestones

  1. Enrollment - Roughly two years prior to graduation

    After you gain admission into a program, you can work with an enrollment counselor to design your course of study. Staff from your school's financial aid office can also help you apply for government aid and private scholarships.

  2. Completing Prerequisite Coursework (If Needed) - Roughly two years prior to graduation

    While some programs do not admit students who have yet to complete undergraduate coursework in areas like computer programming and operating systems, others admit students on the condition that they take these classes before moving on to more advanced material.

  3. Competing Foundational Coursework - Roughly one year prior to graduation

    After completing all prerequisite coursework, you can expect to take foundational classes in information assurance fundamentals, human factors in security, and cyberlaw and ethics. These courses usually take up the first year of your graduate studies.

  4. Completing Electives - Roughly six months prior to graduation

    In the second year of a program, you can customize your education by choosing a concentration or other elective coursework. Electives allow you to explore topics like digital forensics, responding to natural disasters, and cybersecurity in intelligence settings.

  5. Completing Capstone - Directly prior to graduation

    Many programs require students to complete a capstone project at the end of their program. This project gives you the opportunity to showcase your graduate-level education and gain experience. A capstone also offers the chance to develop professional references for future job applications.

  6. Graduation - When all program requirements are met

    After completing your capstone and meeting your program's credit requirements, you can graduate with your master's degree in cybersecurity.

Coursework

Although your exact course of study will vary based on the electives you choose, the list below includes five classes commonly offered by online cybersecurity master's programs.

Foundation in Information Assurance

This course introduces students to the basic concepts and principles they can expect to encounter during their graduate studies, including protecting against the loss of information, applications of cryptography, security across distributed environments, and maintaining system integrity.

Human Factors in Security

Human error leads to the majority of cyber intrusions. In this class, participants learn how users introduce vulnerability into systems. Students also learn to teach colleagues and customers to better protect their information.

Cyberlaw and Ethics

Cybersecurity professionals must understand the law that governs their field, regardless of whether they work at a private organization or a government agency. This course explores topics like digital property, antitrust law, fraud, and access to and jurisdiction over personal information.

Network Assessment and Defense

Students in this class learn about the fundamentals of building and maintaining a secure network, including securing different types of data, monitoring user permissions, and confirming identity. Students also practice assessing various kinds of threats.

Investigation and Digital Forensics

This class provides an introduction to identifying, collecting, preserving, and presenting evidence gleaned from computers and devices. The same basic principles apply to investigative roles in the private sector.

Requirements to Practice

Generally speaking, cybersecurity and information assurance professionals do not need a license to practice. However, a professional certification can signal specialized expertise to future employers or clients. Many security analysts seek out credentials to gain a competitive edge in the job market, qualify for supervisory roles, and/or negotiate a higher salary. While the exact requirements vary, most certifications require you to possess a certain number of years of experience, pass an exam, and pay an application fee. You may also need to complete ongoing professional development to remain certified.

  • Certified Information Systems Security Professional: This certification indicates that you possess the skills needed to design and manage a cybersecurity program for your organization. The certification exam measures your expertise across eight domains, including asset security and software development security. You must also hold five years of experience in the field to qualify for this credential.
  • Certified Ethical Hacker: Ethical hackers search for weaknesses in an organization's security systems so that they can recommend new and better security approaches. This credential can help demonstrate your competency in legal hacking. Applicants must pass a multiple-choice exam that consists of 125 questions, lasts four hours, and costs $100.
  • Certified Information Security Manager: Offered by ISACA, this certification signals a holder's information security expertise. The certification exam covers topics like intrusion detection and prevention, identity management, and security trends. To maintain this credential, you must complete at least 20 hours of continuing education each year.
  • CompTIA Security+: Aligned with standards set by the Department of Defense, this certification caters to professionals working in information security at a government agency. Lasting 90 minutes, the certification exam tests for knowledge and skills in cybersecurity management. The exam costs $339.

Professional Organizations & Resources

After you earn your online master's degree in cybersecurity, you should consider joining a professional organization. These groups host local and national events, helping students build connections and established professionals keep abreast of the latest developments. Many professional organizations offer online and in-person education resources, as well as formal certification programs that can position you for a new job or a promotion. Finally, nearly all of these organizations maintain job boards, making it easier to identify new opportunities to advance in your career.

  • (ISC)2: This organization represents more than 138,000 cybersecurity professionals. It offers certifications in fields like healthcare and architecture, provides a variety of online training resources, and hosts regular security briefings and summits.
  • Information Systems Security Association: ISSA provides educational forums, publications, and networking opportunities to promote the professional growth of its members. The association also awards scholarships, administers a mentoring program for recent graduates, and organizes an international conference.
  • ISACA: Previously known as the Information Systems Audit and Control Association, ISACA represents roughly 140,000 information technology governance professionals. The organization's website hosts scholarly articles, white papers, professional development webinars, and a career center.
  • National Cyber Security Alliance: NCSA aims to keep information and people safe and secure by strengthening public/private partnerships. The organization provides tips on how to stay safe online for non-technical audiences, as well as more detailed instructions and research on how to build and maintain secure networks for cybersecurity professionals.
  • Information Security Research Association: Since 2010, ISRA has worked to spread information security awareness. It hosts an annual hacking conference, offers awards to recognize exemplary service to the field, and organizes special interest groups to help its members collaborate and share best practices.
  • U.S. Department of Education - Student Aid: Financing your education should begin by completing the Free Application for Federal Student Aid (FAFSA). Filling out the FAFSA helps determine your eligibility for grants, work-study jobs, and low-interest student loans. The FAFSA website also hosts resources on private scholarships.
  • Evolve Security: Evolve Security offers fully online cybersecurity bootcamps, suitable for individuals just starting out in the field and current professionals hoping to hone their skills. Bootcamps feature asynchronous learning and opportunities to develop practical experience in partnership with nonprofit organizations.
  • Google Security Blog: Google's security team regularly discusses issues of internet and computer-based security on their blog, giving students an inside look at the thoughts and practices of some of the leading security professionals in the world.
  • Dark Reading: Dark Reading -- a publication of Information Week -- covers the latest news and research in cybersecurity and information assurance. The site serves as an excellent starting point for deeper research into issues like cloud computing vulnerabilities and threat assessments.
  • Purdue Online Writing Lab: Both during school and after graduation, individuals need to write well to succeed in cybersecurity. Purdue OWL offers a wealth of writing tips, including how to structure a thesis and how to draft a cover letter.