Aim of the studies
The objective of the Master's Degree Programme Cyber Security Management is to enable the graduates to:
- Plan and apply technical cyber defense and digital forensics to protect IT systems,
- Lead projects to implement information security management systems (ISMS),
- Introduce management applications to existing system landscapes according to relevant quality and security features, manage and audit them,
- define performance requirements for external service providers for a security operation center, and manage and monitor them,
- assess ICT crime in terms of evidence and fraud.
- design individual early warning systems and protective methods using the knowledge gained from digital forensics,
- plan and take responsibility for the integration of new solution concepts into the existing IT architecture while ensuring a secure infrastructure for the system landscape in the institution,
- evaluate audit processes and audit programs with regard to opportunities and challenges and take the lead in implementing them,
- use project management and leadership methods to successfully plan and manage security-related and cross-divisional projects and provide technical leadership to cross-company teams.
With the knowledge they have gained, graduates of the Master's programme Cyber Security Management are important employees for companies in managing and implementing procedural and organizational information security, in IT operations and in information technology.
Graduates deal with the design, development, selection and use of IT security architects, IT security procedures and technologies in business and government. The studies enable the graduates to take over leading tasks in a company at the interface between the specialist department and IT security in a qualified and competent manner.
Content and structure of the studies
The following qualification focuses are set within the framework of 6 specialisation semesters, which are determined on the basis of several qualification areas and distributed over individual modules that reflect the individual learning objectives and thus form the content per qualification objective.
Q1 Digital Forensics & Technical Cyber Defense
- Various aspects from the areas of network forensics, mobile forensics, electronic forensics, and compliance topics.
- Specifics and challenges in forensic analysis
- Methods for digital forensics with threat mitigation plans
- Concepts and action items, as well as detection of attack vectors and measures to combat them in the long term
- Cyber attacks and the different methods
- Planning of cyber incident & response processes
- Analysis of log data from the network area and derivation of appropriate measures
- Resilience, cloud, container security architectures as well as security features in tokens and certificates, open source intelligence.
Q2 Cyber Security Management
- Vulnerability of IT systems
- Preventive and detective IS deployment
- Introduction to management systems according to relevant quality and security features (QA + IT security) using PDCA cycle and CIP
- Auditing of SIEM management systems
- Concepts of the second and third line of defense
- Security processes and projects leading to long-term increase of IT systems resilience
- Processes of implementing information security management systems and frameworks according to ISO/IEC 27001, IT security law, COBIT, NIST, ITIL
- Management of external service providers (especially security operation centers).
Q3 Aspects of cybercrime
- ICT crime: understanding evidence management and fraud
- Early warning concepts and prodetective methods in digital forensics.
Q4 System architecture security.
- Examination of the ability to integrate new solution concepts into the existing architecture and verification of security-relevant features
- Infrastructure of system landscapes (clients, Windows/Linux servers, network, firewalls, storage, etc.), (embedded systems).
Q5 Soft Skills
- Preparation of and for (internal and external) audits
- Control, implementation and monitoring of audit processes and audit programs
- Efficiently designing processes for personnel recruitment, development, motivation and leadership
- Project management methods: Prince 2, Scrum, Six Sigma etc.
- Methods for planning, implementing and managing safety-specific projects
- Project assignments and presentation of results: internal research projects and external, application-oriented projects from industry.
In the sixth semester, the master's thesis is carried out and documented in written form. The degree is completed with an oral examination in which the master's thesis is presented and defended.
Here you will find a graphical overview of your course of studies and the programme content(see figure WiSe & figure SoSe).
Occupational fields and future prospects
The Degree programme Cyber Security Management (M.Sc.) is just right for today's security-ambitious and design-minded young brains who aspire to an innovative and future-oriented course of studies with a high practical component in order to effectively and efficiently design the technical world of tomorrow with its digitalized and automated basic elements and to secure it in an economically and ecologically sustainable manner.
As a graduate of the Degree programme, you will be professionally and methodically qualified to best meet the current and future job profiles within Information and Communication Technology and Critical Infrastructures, depending on your chosen specialisation and personal interests. Later, you can occupy the following occupational fields, for example:
Within a company
- Head of Information Security
- Data protection manager
- IT security manager
- Cyber security expert in the area of network access control (network security)
- IT security expert in the area of Identity Access Management (Identity Management)
- as internal lead auditor or auditor
Job profiles as external employee / self-employed
- Network security specialist
- ISMS Implementer according to ISO/IEC 27001 and IT-Grundschutz
- Auditor according to ISO/IEC 27001 / EnWG of BNetzA and BSI
- Advisor/consultant with different main topics.
As a graduate, you will also be highly sought after by federal authorities, such as the Federal Office for Information Security (BSI).