Complete OPSC-501
Upcoming Start Dates
Spring term 2 begins. Apply by Feb. 20.
Summer term 1 begins. Apply by April 24.
Master Strategic Defense in Information Security
Advance your cybersecurity career with Champlain College Online’s MS in Information Security with Management. Designed for professionals managing day-to-day information systems in complex environments, this program emphasizes the technical and strategic aspects of information security, preparing you to lead effective defenses in high-stakes settings.
Secure Systems with Strategic Leadership
- Risk and Resource Prioritization: Develop and apply classification criteria to protect critical systems and data, ensuring resources are allocated to high-priority areas based on value and sensitivity.
- Advanced Attack Analysis: Master techniques to assess and defend against sophisticated cyber attacks, recommending targeted strategies to mitigate risks.
- Vulnerability Detection and Remediation: Identify and address system vulnerabilities, implementing defenses that respond dynamically to observed and predicted threats.
- Proactive Defense and Detection: Design controls to detect and respond to suspicious activity, using data sources and analysis to track and neutralize potential attacks.
- Leadership in Information Security: Learn strategic decision-making, combining technical acumen with communication and problem-solving skills that prepare you to lead cybersecurity initiatives.
A National Leader in Cybersecurity
Champlain is a nationally recognized leader in cybersecurity and digital forensics education and home of the Senator Patrick Leahy Center for Digital Investigation & Cybersecurity. With a robust faculty of expert-practitioner instructors who have significant experience working for top organizations and are sought-after thought leaders in the field, we specialize in building agile cybersecurity and digital forensics programs that the meet mission-critical needs of today's businesses, nonprofit organizations, and state and federal governments.
Champlain has been designated a National Center of Academic Excellence in Cyber Defense Education by the U.S. National Security Agency and the Department of Homeland Security since 2006, and Champlain cybersecurity programs have been named best in the nation by SC Magazine. Champlain is also designated as a National Center of Digital Forensics Academic Excellence by the Defense Cyber Crime Center (DC3) Air Force Office of Special Investigations - the fifth college in the nation to receive this distinction.
Program Curriculum
Learn more about Champlain's 100% online master's in information security with a management track, designed for working professionals.
Champlain's online infosec courses encompass the top skills needed by today's information security professionals. Complete 12 credits of required courses, and then complete your focus in Management.
- Required Courses: 12 Credits
- Management Track: 18 Credits
* For admission to this program, students must demonstrate previous coursework and/or experience in information technology (IT) and Digital Forensics. Students who do not display sufficient IT knowledge and skills will need to complete CMIT-500 before starting the program.
Understanding risk and identifying the threats organizations face are essential skills for today's information security professionals. In this course that introduces students to the graduate degree program, students learn to compute impact scores for vulnerabilities, classify data, and use Champlain College Online's virtual environment to explore how to use IOCs (Indicators of Compromise).
Security controls are used to maintain confidentiality, integrity and availability of systems and typically enterprise architectures are built using frameworks. Students move beyond defense in depth and breadth strategies and "learn by doing" in this course, working in the virtual environment with tools like Nmap, Open-AduIT, Splunk, and more.
Prerequisites
Hands-on labs and assignments using Kali Linux, Metasploitable, Nessus and Armitage build on previously acquired knowledge of threat and vulnerability classification in this course that allows students to use the knowledge of a vulnerability to perform threat analysis. Vulnerability and patch management processes are also addressed.
Prerequisites
Complete OPSC-501
It's not a question of if an incident will take place, but when. Organizations must assume they will suffer a breach, data loss or other security event that will impact operations. Students learn to prioritize events, develop and document an incident response plan, and identify the role of forensic investigations in incident response as well as use tools to perform USB and memory forensics exercises.
Prerequisites
Complete OPSC-520 and OPSC-501
Choose One of the following courses
Students will gain an understanding and respect for emerging technology by exploring current trends in security and examining topics such as artificial intelligence, machine learning, blockchain and behavior analytics. Students will analyze the science behind these technologies as well as the ethical and privacy concerns and implications that may hinder their widespread adoption.
Prerequisites
Take OPSC-501
Today's adversaries are organized and well-funded which is why security professionals must understand their tactics and targets. Students in this course learn to distinguish cyberwarfare from cybercrime, and the differences between nation-states and APTs (Advanced Persistent Threats). The methods may differ but the target stays the same, especially when social engineering is involved.
Prerequisites
Complete OPSC-530
This course is designed to introduce a systematic process for planning, organizing and controlling projects. The course will present a practical methodology for completing projects more quickly with fewer problems. Student work will consist of readings, research, class special-topic presentations, group activities, a project management journal, and participation in a real world IT business project. Students will be encouraged to apply project-management techniques to solve existing real-world technology-related business problems.
Self-leadership is defined by a developed sense of who you are, what you can do, and where you are going, coupled with the ability to affect your behavior and emotions and to communicate effectively through the process. Students will develop a sense of self-awareness to include the values and habits of mind that drive one's practie as an innovative and creative leader, in a global and diverse workplace.
Prerequisites
Complete MGMT-525 or have equivalent knowledge or coursework.
This course provides the framework for understanding the dynamics of human interaction within an organizational context. It is built from the perspective that a key function of management is to negotiate for resources and build collaborative relationships with employees, vendors, suppliers and distributors.
Students will learn to differentiate privacy from security and how international, federal and state regulations impact organizations and govern the security of information systems and data. They will also identify security standards, survey compliance frameworks, measure return on security investment and assess the effectiveness of a security awareness program.
Prerequisites
Complete OPSC-501 and OPSC-515
Students will demonstrate advanced understanding of information security concepts, including the ability to assess risk, classify vulnerabilities and threats, and respond/recover to/from security incidents. They will be expected to utilize appropriate written and oral communication skills to showcase their ability to analyze security strategies within organizations, and manage/lead compliance and awareness efforts. Successful completion of a Capstone Project is required.
Prerequisites
Complete 27 credits in OPSC
Additional Program Details
In addition to developing advanced communication and analytical skills, and an agile, strategic mindset, graduates of the information security master's online program will demonstrate a mastery of the following industry-specific competencies:
- Develop system and data classification criteria based on both stated and innate levels of value and sensitivity.
- Evaluate systems and data resources using established criteria to prioritize their value and respond strategically.
- Assess attack strategies through the use of analysis techniques and recommend defenses to those attacks.
- Identify vulnerabilities within an enterprise system, and propose and implement effective remediation/response.
- Recommend strategies to improve existing network and system protection schemes based on observed attack patterns.
- Analyze common intrusion patterns to identify potential attack vectors and strategically enhance defenses.
- Protect systems through informed selection and application of exploits, based on known or observed vulnerabilities.
- Propose appropriate data sources and create methods of analysis to aid in tracking and detection attacks.
- Determine appropriate controls to detect suspicious behavior within systems and networks and provide recommendations to leadership.
- Angri IP Scanner
- Armitage
- Kali Linux
- Metasploitable
- Nash Equilibrium
- netcat
- Nessus
- Nmap
- Open-AduIT
- Python
- Splunk
Students will also be able to:
- Use Indicators of Compromise (IOCs)
- Evaluate threats using game theory principles
- Use honeypots and effective defenses against Distributed Denial of Service (DDos) attacks
- Conduct port and network scans
- Perform USB and memory forensics exercises
- Attack MD5 hashes
- Perform web scraping, parse security logs, and break a cipher
- Configure firewalls and patch systems
- Understand how to exploit vulnerabilities
- Evaluate malware samples to determine infection vectors, identify strategies used, and recommend solutions to prevent and detect attacks
- Distinguish cyberwarfare from cybercrime, and nation-states from APTs (Advanced Persistent Threats)
In addition to the admission requirements for all graduate program applicants, our online master's of information security program has specific requirements that must be met.
Related Work Experience Requirement
We expect that applicants have a minimum of 2 years work experience. Applicants with limited work experience will be considered on a case-by-case basis. Due to the cybersecurity talent shortage, Champlain no longer requires applicants to have work experience in an IT or cybersecurity field. However, applicants who lack 2 years experience in the field may need to complete additional requirements while in the program.
Related Bachelor's Degree Requirement
Applicants to the master's in information security program must hold a bachelor's degree from a regionally accredited institution with at least a 2.5 GPA or equivalent. While a focus in information technology, computer science, cyber security or similar discipline is preferable, those who hold a bachelor's degree in another discipline are encouraged to apply.
For those without an IT or Cybersecurity background completion of CMIT 500 will be required. For those with an IT background, but not cybersecurity, CMIT 500 may be suggested.
Champlain College Online's computer science faculty, led by Department Chair Richard Pickering, are expert practitioners in the field. Their industry expertise ensures that our curriculum is aligned with the needs of employers, and reflects the skills today’s IT systems professionals need for success. Classes led by our seasoned experts will give you real-world insight into the world of information technology, and create a rich community of career-focused learning.
Tuition & Costs
Graduate Tuition Fall '23 - Summer '25
$595
per credit
$450**
PER CREDIT FOR ALUMNI, associate degree graduates, Servicemembers, Veterans, and family members of veterans and servicemembers
$150
One-time graduation fee
*Based on a 3-credit course; cost will vary if course is a different number of credits
See the graduate cost of attendance and fees here
Affordability and Paying For Your Education
We provide a number of options to make your online education affordable, including preferred tuition for alumni, associate degree graduates, community college graduates, and military.
Shape Your Career in Cybersecurity Leadership
As cyber threats grow, so does the need for information security experts with a blend of technical and management skills. According to the Bureau of Labor Statistics, there will be a 13% growth* in computer and information technology occupations through 2030, indicating a high demand for professionals skilled in proactive cyber defense and management.
Champlain’s MS in Information Security prepares you to drive impactful cybersecurity strategies, ensuring your organization stays resilient despite evolving digital threats.
*Source: Bureau of Labor Statistics, 2024
Top Careers for MS in Information Security Management Graduates:
- Chief Information Security Officer (CISO)
- Incident Response Manager
- Cybersecurity Consultant
- Digital Forensics Expert
- Vulnerability Management Lead
Why Champlain
Career Growth
"I learned so many things that were outside - yet integral to - my professional environment. This gave me the opportunity to future-proof my career. I've seen changes in my career already, and I've been able to apply so much of what I learned at Champlain at work."
Danielle Hewitt
Master's Degree in Information Security
Acquisition Program Manager
Academic Excellence and Recognition
Regionally accredited by the New England Commission of Higher Education
Designated as a Military Friendly School for our commitment to the military community
Ranked among the best by Tech Guide for game design and computer science
Named the among the best schools with accelerated bachelor's degrees by Intelligent.com
Meet the Program Director
Benjamin Luthy, MS, CISSP, CISM, CDPSE
Program Director, Cybersecurity and Information Security
Oversees
- Cybersecurity
- Cybersecurity Analytics
- Information Security
About
Benjamin Luthy has over 20 years of experience in delivering client-focused technical solutions to safeguard information systems and data in highly regulated environments. He holds multiple industry certifications reflecting his commitment to continuous learning and expertise in security and enterprise technologies. His research interests include information security, intelligence, and cloud computing and traditional infrastructure. As a recognized speaker at industry conferences, he has shared insights on strengthening cyber compliance and has been actively involved in competitive cybersecurity events, including winning the B-Sides Las Vegas Capture the Flag Competition on the 'Joes' team for his work in Windows Operating System Defense.
Outside of his professional pursuits, Ben is a professional musician, enjoys the outdoors, and spending quality time with his family.
Frequently Asked Questions
Following are some frequently asked questions about the information security management master's degree.
The MS in Information Security is an advanced online master’s degree program designed for professionals involved in day-to-day system and network operations at mid to large-sized enterprises. The management track ensures hands-on learning and real-world application, addressing both strategic and tactical aspects of information security.
The management track curriculum includes courses in project management, leadership, group dynamics, communication and negotiation, security regulations and compliance management, and ends with an information security capstone project.
Graduates can pursue roles such as information security analyst, cybersecurity consultant, risk manager, or computer and information systems manager.
You may also be interested in
Get You MS Information Security Program Guide
Learn what you can expect from our online master's in information security program.
Download Program Guide
I acknowledge that, by clicking the "submit" button, I am giving my express written consent to Champlain College and its representatives to contact me about educational opportunities via email, text, or phone, at the phone number above, including my mobile phone, using an automatic dialer, or pre-recorded message. Message and data rates may apply. I understand that my consent is not a requirement for enrollment, and I may withdraw my consent at any time.
