Learn more about the program LIVE on February 22, 2012 at 12PM EST.

Register for our Information Assurance Graduate Program Prospective Student Webinar.

Prepare to Combat Information Security Threats Train for a Career That’s in Demand! 

Northeastern University’s interdisciplinary Master of Science in Information Assurance program provides the broad knowledge you need to make strategic decisions about information security issues, including identity theft, computer viruses, and electronic fraud. 

• Focus on information technology as well as relevant knowledge from the social sciences, law, criminology, and management.
• Learn from highly qualified faculty how to assess and manage information security risks, and how to present your recommendations to management.
• Customize your program with courses that meet your professional needs.
• Study full-time or part-time, on campus or online, in a program ideal for working professionals.
• Complete your degree requirements in as few as four semesters.

With cyber attacks accelerating, there is a shortage of trained information assurance professionals and a tremendous need for their skills.

View the requirements for admission to the Master of Science in Information Assurance program that prepares you for these career opportunities.

In Northeastern’s Master of Science in Information Assurance program, students take courses tailored to their backgrounds. Students with social science and other backgrounds strengthen their technical skills, and those with prior technical experience add to their understanding of the context in which they will apply technology. All students learn about the key issues in information security and how technology can help resolve them.

Electives let students customize their program to meet their organization’s needs and their own professional goals.

The required capstone project enables students to tackle an information security issue important to their organizations, demonstrate their industry knowledge, and collaborate with others.

The program requires completion of 32 semester hours of coursework. This includes:

• IA 5010 Foundations of Information Assurance (4 semester–hour core course)
• At least two 4 semester–hour courses from each of the technical and contextual tracks (a total of 16 semester hours)
• Electives (8 semester hours)
• Interdisciplinary Capstone Team Project (4 semester hours)

Required Courses

• IA5010 Foundations of Information Assurance 4 semester hours
• IA7900 Capstone Project 4 semester hours

Technical Track (complete at least 2 courses)

• IA5120 Applied Cryptography 4 semester hours
• IA5130 Computer System Security 4 semester hours
• IA5150 Network Security Practices 4 semester hours
• IA6120 Software Security Practices 4 semester hours

Contextual Track (complete at least 2 courses)

• IA5200 Security Risk Management and Assessment 4 semester hours
• IA5210 Information System Forensics 4 semester hours
• IA5240 Ethics, Privacy, and Digital Rights 4 semester hours
• IA5250 Decision Making in Critical Infrastructure 4 semester hours

Electives

All information assurance courses may be taken as electives. With approval from the Master of Science in Information Assurance program director, computer science, criminal justice, engineering, and business administration courses can also be accepted as electives.  Examples of elective courses are:

IA5976 Directed Study

IA5978 Independent Study

IA5984 Research

IA8982 Readings

CJ7224 Law and Psychology

CJ7252 White Collar Crime

CJ7242 Terrorism and International Crime

CS5500 Managing Software Development

CS5600 Computer Systems

CS5200 Database Management Systems

CS5700 Fundamentals of Computer Networking

CS6710 Wireless Networks

CS6540 Foundations of Formal Methods and Software Analysis

MGMT6215 Strategic Security Management

Sample Course Plan

First Semester

Second Semester

IA5010

Foundations of IA

Elective from Technical Track

Elective from Technical Track

Elective from Contextual Track

Third Semester

Fourth Semester

Elective from Contextual Track

IA7900 

Capstone Project

Total Semester Hours = 32

IA5001 Cyberspace Technology and Applications

This course provides a systematic understanding of Cyberspace Technology and Applications deployed in the global digital infrastructure. Students are trained in PC hardware architectures, server architectures and operating systems. Students are also trained in computer and networking standards, such as Open Systems Interconnection Model and the wireless family of IEEE standards dealing with local area networks and metropolitan area networks. Relational database technology and storage systems are discussed and an overview of virtualization technologies and cloud computing models is also provided. Combines online lectures with computer-based labs and assignments.

IA5010 Foundations of Information Assurance

Prerequisite: IA5001 for students with a social sciences background or permission of instructor

In this course, students will build a common cross-disciplinary understanding of the foundations of information assurance. The course presents an overview of basic principles and security concepts related to information systems, including workstation security, system security, and communications security. The course introduces information security via database technology. It discusses the legal infrastructure, including DMCA, the Telecommunications Act, and wire fraud and other ethical issues. The course also covers security methods, controls, and procedures; the economics of cyber crime; criminal procedure; and forensics. In addition, the course describes the use of cryptography as a tool, software development processes, and protection. Students will develop an understanding of the information assurance profession and how they can apply this knowledge to support their organizations.

IA5120 Applied Cryptography

Prerequisite: IA5010 and permission of instructor

This course provides a survey of both the principles and the practice of cryptography. Among the topics covered are symmetric encryption schemes, including DES and AES; public key cryptosystems such as RSA; Discrete Logarithm; hash functions, authentication, and digital signatures; key management; and digital certificates. Also discussed are network security protocols and applications, including Kerberos and SSL.

IA5130 Computer Systems Security

Prerequisite: IA5010 and permission of instructor

Study issues involved in the security of computer systems. Topics include security models, authentication issues, access control, intrusion detection, and damage control. The course incorporates case studies and laboratory exercises.

IA5150 Network Security Practices

Prerequisite: IA5010 and IA5130 or permission of instructor

Study issues involved in the security of computer networks. Topics include firewalls, viruses, virtual private networks, Internet security, and wireless security. The course incorporates case studies and laboratory exercises.

IA5200 Risk Management for Information Assurance

Prerequisite: IA5010 and permission of instructor
This course provides the principles and methodologies involved in identifying and addressing information risk management issues in organizations. Students are trained in information security risk assessment and the creation of security plans. They are also trained to create policies and procedures to manage risks related to identity and access management, network, database and application monitoring, and infrastructure vulnerabilities. The course provides the necessary knowledge and understanding of the requirements for compliance with U.S. and International laws, federal systems guidelines, standards, directives, and industry best practices. It combines classroom lectures with practical projects and presentations.

IA5210 Information System Forensics

Prerequisite: IA5010 and permission of instructor

Designed to allow students to explore the techniques used in computer forensic examinations, this course examines computer hardware, physical and logical disk structures, and computer forensic techniques. Hands-on experiences will be conducted on DOS; Windows operating systems; Macintosh, Novell, and Unix/Linux platforms; and network devices such as switches and routers. Students will build on basic computer skills and gain hands-on experience with the tools and techniques to investigate, seize, and analyze computer-based evidence, using a variety of specialized forensic software in an IBM-PC environment.

IA5240 Ethics, Privacy, and Digital Rights

Prerequisite: IA5010 and permission of instructor

Understand the legal and ethical issues associated with information security, including access, use, and dissemination. Emphasis is on the legal infrastructure relating to information assurance, such as the Digital Millenium Copyright Act, Telecommunications Decency Act, HIPAA, and Sarbanes-Oxley Act, and on emerging technologies for management of digital rights, such as PCI-DSS. Examine the role of information security in various domains, including healthcare; scientific research; and personal communications, such as e-mail. Also examine such criminal activities as computer fraud and abuse, desktop forgery, embezzlement, child pornography, computer trespass, and computer piracy.

IA6120 Software Security Practices
Prerequisites: IA5010 and IA5130 or IA5150 or permission of the instructor
This course provides the principles and methodologies for addressing software security risk issues in organizations. Students are trained in software security vulnerabilities and creation of software security controls. Students are also trained to create software solutions to address software security issues in accordance with Information Assurance requirements and in compliance with US and International laws, Federal systems guidelines, standards, directives and industry best practices. Combines lectures with hands-on lab assignments and labs.  

IA7900 Capstone Project

Prerequisite: IA5010 and permission of instructor

The team project is intended to draw together candidates from diverse backgrounds (technical, legal, and/or law enforcement) in a collaborative activity to address one or more security issues from an integrated perspective. The project is generally oriented toward industry. A project proposal is submitted and accepted prior to the semester in which the project is to be undertaken.

Faculty

Faculty with extensive experience in industry and research teach you the best and latest practices in information assurance.

Themis Papageorge, Information Assurance Program Director and Associate Clinical Professor For ten years before he joined the College of Computer and Information Science, Themis Papageorge was vice president of services at Guardium a market leader in database security, auditing, and monitoring, and at Courion, a leader in identity access management, authentication, and security. He has a total of twenty-five years of corporate experience in technology, planning, and process and system redesign, including twelve years at the Digital Equipment Corporation. He received his PhD in risk management and engineering economics from the MIT Sloan School of Management, an MS in naval architecture and marine engineering from MIT, and a BS in naval architecture and marine engineering from National Technical University of Athens, Greece.

Kevin Amorin is the Director of Technology at Nexage where he is responsible for high performance, high volume infrastructure. He has more than twelve years of IT industry experience including organizations such as Microsoft, Motorola, and seven years as the network security manager at Harvard Kennedy School. Kevin Amorin received his MS degree in computer science from Northeastern University's College of Computer and Information Science. Since 2008, Kevin has been the coach/adviser to the Northeastern Cyber Defense team. The team competes in the Collegiate Cyber Defense Competition, which is a three-day annual event designed to help students sharpen their skills and boost their knowledge about administering and protecting a large corporate network. The NU team won the Northeast region twice, and in 2010 won the National Collegiate Cyber Defense Competition title beating out over 80 universities.

Derek Brodeur is an IA professional. Derek received his MS degree in Information Assurance from Northeastern University's College of Computer and Information Science in 2010. He is currently an information systems engineer at The MITRE Corporation and provides network security and systems engineering support to the US Air Force.

Kyle Courtneyis an attorney presently working at Harvard Law School as the Head of External Resource Sharing and Faculty Research.  He currently maintains a dual appointment at Northeastern University teaching for the School of Law and also teaching for the interdisciplinary Information Assurance program at the College of Computer and Information Science.  He has continued to design and teach seminars in legal research methods for the Columbia Law’s Human Rights Institute.  Courtney also lectures on intellectual property and plagiarism for the graduate Communication Management Program at Emerson College.  He graduated with distinction from Suffolk University School of Law, where he was accepted into the school’s specialized Intellectual Property program. He received his MLS from Simmons College in Boston. He is a published author and writes a monthly column on research methods for Massachusetts Lawyer’s Weekly.

Michael Higgins is a veteran security executive with more than 20 years of experience working in the Government and in private industry.  As the founder of the DOD Computer Emergency Response Team (DOD-CERT), Mike was one of the earliest advocates in the leadership role of the Federal Government through the identification of critical infrastructures.  Currently, Mike serves as the Chief Security Officer (CSO) for The New York Times Company leading the company’s risk, compliance, security, and privacy programs.  Previously Mike held the CSO position at LexisNexis following their highly visible public breach in 2005.  For more than a decade Mike was an executive security consultant to Fortune 500 companies including Time Warner, Citigroup, Sun Microsystems, Merrill Lynch, JPMorgan Chase, and British Petroleum.  Mike holds dual certifications as a Certified Information Security Manager (CISM) and a Certified Protection Professional (CPP) and is the recipient of the Defense Intelligence Agency’s Director’s Medal and Federal Computer Week’s Federal 100 Award.  Mike has also been a visiting lecturer for over 10 years at the McIntire School of Commerce at the University of Virginia and a former adjunct professor in the Information Assurance Program at The George Washington University. Mike received his Bachelor’s degree from Northeastern University and his Master’s from the Viterbi School of Engineering at the University of Southern California.

Frederick J. Howell, Jr., MBA, CISSP is a senior information security assurance specialist with the Bose Corporation. He is an experienced information security consultant for Fortune 500 companies and has also worked for the office of the attorney generals in Massachusetts and New Hampshire. He is currently completing his PhD in information assurance at the University of Fairfax in Virginia.

Richard Moore, CISSP, CISM, GPEN received a master's degree in Information Assurance from Norwich University in 2005. He is currently the Vice President- Senior Audit Manager, Security & Risk for RBS Americas.  Prior to joining RBS Americas he was an information security consultant for Fortune 500 companies and federal government agencies. His professional credentials include Certified Industry Systems Security Professional (CISSP), Certified Information Security Manager (CISM), and Global Information Assurance Certification Penetration Tester (GPEN). He serves on several professional boards and is a contributing author for the fifth version of the Computer Security Handbook.

David LaPorte received his MS degree in information assurance from Northeastern University’s College of Computer and Information Science in 2009. He is the security manager for Harvard University’s network and server systems and a teaching fellow at Harvard University Extension School.

Lennart E Long is a consultant in security and high technology. Len graduated from Northeastern University with a Bachelors and a Masters Degree in Electrical Engineering and has taken graduate courses there, at the University of New Hampshire, and Johns Hopkins University. He is a Certified Protection Professional and Quintilian Peer. Mr. Long has over 30 years of experience in security, business development, program management, training, physical security consulting, as well as electronic systems trouble shooting and design. He work on the White House Security Policy Board Technical Committee in Risk Assessment Methodologies, chaired a White House sponsored international committee on instrumentation, and worked for the White House Communications Agency. He also worked with most government agencies as a technical security and electronics consultant. He has held positions as a Management and Training Consultant and Program Manager for large and small projects or programs for the Government, as well as industry, and was the technical security consultant to the US Deputy Secretary of State. Mr. Long has experience teaching at UNH, UMASS-Lowell, Federal Law Enforcement Center, many elements of the Government including USDOT, GSA, SSA, DOS, and the IRS, and was the Training Lead for the New York City MTA's $212 million dollar IESS/C3 System of Systems Project. He has organized and managed 25 security and homeland security conversces and was invited to be the keynote speaker for the NATO/IEEE Homeland Security Conference in Houston, New Orleans, and Boston. He managed the design and upgrade of a new command center and the consolidation of several command centers into one at the US Bureau of Engraving and Printing as part of a $30 million dollar security upgrade. He holds several patents and is well published.    

Dennis Treece is the director of corporate security for Massport and responsible for all aspects of security at Logan International Airport. He has over thirty years of security experience and has worked with intelligence, security, and law enforcement agencies at all levels.

Leonard Wisniewski is currently Director of Technology Services for the Institute of Quantitative Social Sciences at Harvard University.   Len has held various engineering and management roles in High Performance Computing at Sun Microsystems, Thinking Machines (acquired by Sun), and Acopia Networks (acquired by F5 Networks).  He received a PhD in computer science from Dartmouth College and has taught at Endicott College, Daniel Webster College, and Dartmouth College.

Admission Requirements

Admission to the Master of Science in Information Assurance program requires:

• A bachelor’s degree
• Knowledge of basic information technology concepts and mathematics
• To ensure an adequate background, students are expected to have taken courses or have experience in introductory computer systems and discrete mathematics. If students do not have this preparation, their advisers will assign the necessary prerequisite courses.

The Graduate Record Examination (GRE) is highly recommended for applicants to the MS in Information Assurance program who would like to be considered for financial assistance. A combined GRE score of 1100 and writing score of 3, or a TOEFL score of 250 CBT/100 IBT, is recommended. English tests may be required of international students when they arrive on campus.

International students must submit official scores on the TOEFL examination and a Declaration and Certification of Finances (DCF) form (if applicable).

All applicants must submit:

• A completed application form
• Three confidential letters of recommendation
• The application fee of US$50
• Official transcripts from all colleges/universities attended

The following items must accompany the application:

• A recent professional resume listing detailed responsibilities in each position
• A written statement of purpose,career orientation, and expected outcomes and benefits from the program

Admission is granted upon the recommendation of the program's Graduate Committee after a review of complete application materials.

Financial Aid

Eligible students may be considered for financial aid. Provisional, special, and other students are not eligible for scholarships.

Scholarship Programs  

Two scholarship programs that provide full-tuition and stipend are available to qualified U.S. citizens: 

• Department of Defense Information Assurance Scholarship Program
• NSF Federal Cyber Service: Scholarship for Service

Dean’s Scholarship Program  

The Dean’s Scholarship Program covers tuition according to the following guidelines:

• Full-time students are eligible for a graduate tuition scholarship of up to one-third of tuition. The maximum dollar amount may not exceed the tuition charged for 4 semester hours in each term of full-time registration.
• Part-time students are eligible for a graduate tuition scholarship of up to one-quarter of their tuition. The maximum dollar amount may not exceed the tuition charged for 2 semester hours in each term of part-time registration.
  

For detailed information, contact the Office of Student Financial Services, 354 Richards Hall, 617.373.3190.

Request More Information

For more information please contact msia@lists.ccs.neu.edu