The online M.S. in Cybersecurity Policy and Risk Management (CPRM) cultivates strategic thinking, policy development and risk-management skills for a more secure future. The program features expert faculty who help blend strategy and policy with preparedness, incident response, recovery, and resilience.
Credit Hours: 30 | Program Length: 12 months |
What is cybersecurity policy and risk management?
The University of New Hampshire’s fully online Master of Science in Cybersecurity Policy and Risk Management (CPRM) blends strategy and policy with preparedness, incident response, continuity and resilience — the heart of the security studies discipline. In as few as 12 months, you will graduate prepared to assess cybersecurity risk and to design, implement and oversee the necessary cybersecurity policies and processes for resilient, secure and successful organizations.
Why study cybersecurity policy and risk management at UNH?
The demand for master’s-level cybersecurity and risk management professionals is on the rise in the U.S. and globally. Guided by full-time faculty, practicing experts and senior executives, the CPRM degree fosters the strategic thinking, policy development and risk management skills that will set you apart in the high-demand cybersecurity field. Our highly interdisciplinary program is designed for students and working professionals with a variety of backgrounds — business, healthcare, IT, finance, homeland security, law and more — so you do not need an undergraduate degree in a technical field to be successful.
Potential careers
Technical background:
- Cyber Risk Analyst
- Cybersecurity Strategist
- Product Security Strategist
- Security Architect
- Chief Information Security Officer
Non-Technical background:
- Business Cyber Risk Associate
- Security Risk and Compliance Associate
- Cyber Policy and Strategy Planner
- Cyber Resilience Coordinator
- Director of Cybersecurity Business Alignment
National Center of Academic Excellence in Cyber Defense Education
UNH is the first institution in New Hampshire to be designated a National Center of Excellence in Cyber Defense Education by the U.S. National Security Agency and the Department of Homeland Security.
Cybersecurity Alumni Spotlight
Opportunities to Advance
The UNH College of Professional Studies offers a seamless transition from undergraduate to graduate study. Designed for the working adult, UNH CPS offers graduate certificates and master’s degrees delivered online by scholars-practitioner faculty. Receive a supportive, world-class education that fits your lifestyle, goals, and budget.
Curriculum & Requirements
This program is offered online.
The M.S. in Cybersecurity Policy and Risk Management (CPRM) program cultivates strategic thinking, policy development, and risk-management skills for students interested in careers in business or government. The program features full-time faculty and industry experts who help blend strategy and policy with preparedness, incident response, recovery, and resilience – the heart of our security studies discipline.
Students may come from business, public administration, healthcare, finance, homeland defense and security, retail, law, insurance, and a myriad of technical and engineering disciplines. Prior experience or undergraduate degrees in technical fields are not required.
This is an online only program, taught over five 8-week terms per academic calendar year.
The degree requires a minimum 30 graduate credits made up of nine core courses and culminating with a required capstone experience. The capstone involves a project custom-designed by each student (in cooperation with an advisor) to address real-world or work-related challenges in cybersecurity. Students research into the chosen challenge/problem, and then synthesize and apply their knowledge to recommend solutions or other deliverables that help address the problem.
Code | Title | Credits |
---|---|---|
Core Courses (All Required) | ||
CPRM 810 | Foundations of Cybersecurity Policy | 3 |
CPRM 820 | Policy Development and Communication | 3 |
CPRM 830 | Security Measures I | 3 |
CPRM 840 | Cybersecurity Standards, Regulations, and Laws | 3 |
CPRM 850 | Security Measures II | 3 |
CPRM 860 | Incident Response and Investigation | 3 |
CPRM 870 | Cybersecurity Risk Management | 3 |
CPRM 880 | Cybersecurity Metrics and Evaluation | 3 |
CPRM 890 | Organizations, Change Management, and Leadership | 3 |
Concluding Experience | ||
CPRM 898 | Capstone Project | 3 |
Total Credits | 30 |
UNH students may be considered for “Accelerated Master’s” (AM) dual degree status which permits you to begin studying for a master’s degree while still finishing your bachelor’s degree.
When taking courses in AM status, you earn course credit toward both your undergraduate and graduate degrees.
This saves time and money and gives a boost to your career prospects and workplace advancement.
See the Graduate School site for AM application requirements and support.
The AM option for MS CPRM is open to UNH students at Durham and Manchester campuses.
Undergraduate degrees
The MS CPRM program accepts students from all undergraduate degrees, both non-technical and technical. Students may come from business, public administration, healthcare, finance, homeland defense and security, retail, law, insurance, and a myriad of technical and engineering disciplines. Prior experience or education in technical fields is not required.
The AM program for MS CPRM also aligns with UNH’s minor in Cybersecurity Policy, which means that you can earn the Cybersecurity Minor alongside your chosen major.
Timeline
- Junior year: Apply for the MS CPRM program under the “Accelerated Master’s” (AM) option.
- Senior year: If accepted as an AM student, begin taking the approved classes (see below) and receive credit toward both your undergraduate and graduate degrees. For MS CPRM, you may start taking classes only in Fall or in Spring. Students must begin with CPRM 810 Foundations of Cybersecurity Policy as their first class.
Program Rules
All CPRM courses are taught asynchronously online in our intensive 8-week term structure and at the graduate level only. There are two consecutive terms in the Fall semester and two in the Spring.
AM students may start their MS CPRM studies only at the beginning of Fall or Spring (first taking CPRM 810 Foundations of Cybersecurity Policy). A Summer start is not permitted.
AM students are not permitted to take more than one CPRM class per term without prior approval by the CPRM program coordinator.
This rule is put into place because AM students will be starting CPRM classes while also completing bachelor degree requirements in the senior year (typically including demanding classes such as capstones or other challenging classes), and we want to preserve the best option for student success in both your undergraduate and graduate pursuits.
To complete the MS CPRM degree, students must fulfill all requirements for the program.
Courses
While in AM status, you may take up to 12 credits of the following courses. These credits will apply to both your undergraduate and MS CPRM degree.
You must begin with CPRM 810 Foundations of Cybersecurity Policy (which is offered in Term 1 in the Fall and Term 3 in the Spring).
Code | Title | Credits |
---|---|---|
CPRM 810 | Foundations of Cybersecurity Policy | 3 |
CPRM 820 | Policy Development and Communication | 3 |
CPRM 830 | Security Measures I | 3 |
CPRM 840 | Cybersecurity Standards, Regulations, and Laws | 3 |
CPRM 850 | Security Measures II | 3 |
CPRM 890 | Organizations, Change Management, and Leadership | 3 |
Example Schedules
These are only examples. Once accepted into the AM option for MS CPRM, you will work with your MS CPRM advisor to establish a schedule that works best for you.
Fall Start
Fall | Credits | |
---|---|---|
Junior Year | ||
Apply for the MS CPRM program under the “Accelerated Master’s” (AM) option |
||
Fall of Senior Year | ||
CPRM 810 | Foundations of Cybersecurity Policy (Term 1) | 3 |
CPRM 830 | Security Measures I (Term 2) | 3 |
Spring of Senior Year | ||
CPRM 850 | Security Measures II (Term 3) | 3 |
CPRM 840 | Cybersecurity Standards, Regulations, and Laws (Term 4) | 3 |
After Bachelor's Degree Awarded | ||
Transition to normal graduate student status and continue with the remaining requirements for the MS CPRM program. See important comments below re: this transition. |
||
Credits | 12 | |
Total Credits | 12 |
Spring Start
Spring | Credits | |
---|---|---|
Junior Year | ||
Apply for the MS CPRM program under the “Accelerated Master’s” (AM) option |
||
Fall of Senior Year | ||
Take only your undergraduate courses per your bachelor’s study plan |
||
Spring of Senior Year | ||
CPRM 810 | Foundations of Cybersecurity Policy (Term 3) | 3 |
CPRM 830 | Security Measures I (Term 4) | 3 |
Summer of Senior Year | ||
If you are still pursuing your bachelor’s degree (e.g., will graduate in September rather than May), you may elect to take CPRM 850 in Term 5 of the summer semester. |
||
CPRM 850 | Security Measures II (Term 5) | 3 |
After Bachelor's Degree Awarded | ||
Transition to normal graduate student status and continue with the remaining requirements for the MS CPRM program. See important comments below re: this transition. |
||
Credits | 9 | |
Total Credits | 9 |
Transition to normal graduate student status
Upon completion and award of your undergraduate degree, you will no longer be an “AM” student but will transition to normal graduate student status.
It is important to plan for this transition in advance, as there will be both academic and financial implications to consider.
Be sure to reach out to all available advisors to help you plan for a smooth transition.
- Describe & explain the conceptual framework of cybersecurity and its role in risk management; and discuss the history and various approaches to cybersecurity.
- Analyze the conceptual framework of cybersecurity, and identify & integrate the standards and other resources for the professional development, implementation, and management of cybersecurity policies and methods.
- Reflect on the organizational structures, information, and skillsets required for ongoing evaluation & revision of cybersecurity in a variety of real-world organizations.
- Communicate professionally and effectively with upper management, regulators, partners, colleagues, clients, and other end-users regarding cybersecurity planning and incident management.
- Explain & justify the needs for cybersecurity policy development, implementation, and management (within or across businesses, agencies, other organizations, industries, sectors, and nations).
- Strategize & customize cybersecurity risk management policies and processes for private or public organizations, with balanced consideration of organizational goals, regulatory mandates, industry best practices, and professional ethics.
Requirements
Applicants must hold a baccalaureate degree from an accredited college or university, but a specific major is not required. For example, students may come from business, public administration, healthcare, finance, homeland defense and security, retail, law, insurance, and a myriad of technical and engineering disciplines.
Current UNH undergraduates may apply for accelerated admission before completion of the baccalaureate degree. Read more information about this below.
The admissions committee uses a portfolio approach: applications are reviewed and decisions are made based on past academic performance, letters of recommendation, professional experience, civic engagement, and other qualities expressed via your personal statement.
Deadlines
Applications must be completed by the following deadlines in order to be reviewed for admission:
- Fall: July 1
- Spring: December 15
- Summer: N/A
For current UNH undergraduates seeking accelerated admission (see below), you must apply and be admitted to the program during the admissions cycle before the senior-year semester during which you want to enroll in courses for graduate credit.
Application fee: $65
Campus: Online
New England Regional: No
Accelerated Masters: Yes (for more details see the accelerated masters information page)
Transcripts
If you attended UNH or Granite State College (GSC) after September 1, 1991, and have indicated so on your online application, we will retrieve your transcript internally; this includes UNH-Durham, UNH-Manchester, UNH Non-Degree work and GSC.
If you did not attend UNH, or attended prior to September 1, 1991, then you must upload a copy (PDF) of your transcript in the application form. International transcripts must be translated into English.
If admitted, you must then request an official transcript be sent directly to our office from the Registrar's Office of each college/university attended. We accept transcripts both electronically and in hard copy:
- Electronic Transcripts: Please have your institution send the transcript directly to grad.school@unh.edu. Please note that we can only accept copies sent directly from the institution.
- Paper Transcripts: Please send hard copies of transcripts to: UNH Graduate School, Thompson Hall- 105 Main Street, Durham, NH 03824. You may request transcripts be sent to us directly from the institution or you may send them yourself as long as they remain sealed in the original university envelope.
Transcripts from all previous post-secondary institutions must be submitted and applicants must disclose any previous academic or disciplinary sanctions that resulted in their temporary or permanent separation from a previous post-secondary institution. If it is found that previous academic or disciplinary separations were not disclosed, applicants may face denial and admitted students may face dismissal from their academic program.
Letters of Recommendation: 2 Required
Two letters of recommendation are required. Recommendations should support your application with professional and academic confirmation of your suitability for this particular program. Recommendations submitted by relatives or friends, as well as letters older than one year, will not be accepted.
Personal Statement
This is your opportunity to personalize the application and help us better understand who you are and how well this programs suits your background, current situation, and future goals. Your well-crafted statements should range from 700 to 1,800 words. Applicants must provide a personal statement responsive to all four of these prompts:
- Describe some examples of professional, personal, or academic experiences that helped develop your interest in cybersecurity policy and risk management.
- Explain your career objectives. Discuss your expectations as to how this program could impact these objectives.
- Identify and explain any important aspects of your professional or academic background that may not be reflected in your resume or undergraduate degree transcripts. (For example, if your past college grades do not reflect your current learning abilities, please explain. Also, if there is any additional information which you feel should be considered by the Admissions Committee, please explain.)
- Please indicate your prior experience and levels of comfort and competence in online learning, and also describe the support (from work, family, or others) and plans you have to fit this time requirement in your life. Generally, online learners must be self-motivated, comfortable interacting through technologies, and confident in expressing their ideas in writing and orally. Time management is also important, since each 3 credit graduate course requires about 9 hours of study time a week.
Statements must be included with your submitted application.
Resume
A current resume is required with your submitted application.
New Hampshire Residents
Students claiming in-state residency must also submit a Proof of Residence Form. This form is not required to complete your application, but you will need to submit it after you are offered admission, or you will not be able to register for classes.
International Applicants
Prospective international students are required to submit TOEFL, IELTS, or equivalent examination scores. English Language Exams may be waived if English is your first language. If you wish to request a waiver, then please visit our Test Scores webpage for more information.
We welcome international applicants, but please note that this is an online program. Any program that is conducted primarily online is not eligible for a student visa for study, but students may enroll at a distance or study under a different eligible visa type.
Questions
If you have questions about the application or admissions process, please contact the UNH Online Student Success Coaches at: unh.online@unh.edu or +1 (855) 250-6699
Explore Program Details
Tuition & Fees:
The University of New Hampshire’s online graduate tuition and fees information is available on the UNH Business Services Website. Program costs and technology fees are subject to change.
Course Fees: Specific courses may have additional course fees. Visit the course schedule for more information.
Financial Aid:
Federal Unsubsidized Direct Loans are a form of federal financial aid available to Graduate Students. To apply, you must complete the Free Application for Federal Student Aid (FAFSA).
The CPRM degree prepares you to develop strategy and policy for managing risks to the data and infrastructure that businesses and society rely on, building a skillset that can help you advance or change your career trajectory in a variety of fields. In this program, you will learn the skills:
- To develop policy and plans for managing risks to the data and infrastructure that business and society rely on.
- To construct cybersecurity frameworks that support regulatory reporting, insurance auditing and other corporate or legal requirements.
- To create methodologically sound procedures for measuring the effectiveness of cybersecurity.
- To design strategies that promote an organizational culture of cybersecurity.
- To influence executive decision-making by effectively communicating organizational impacts of cybersecurity risks.
- To justify cybersecurity efforts within the structure, function and mission of any organization (private or public).
- To integrate cybersecurity into enterprise risk-management strategies and policy.