Technology permeates our lives. The significant conveniences and advantages this brings are evident. The equally significant dangers posed by hackers and other cyber threats? Perhaps less so. And yet the dangers are quite real. In 2019 alone, the FBI’s Internet Crime Complaint Center (IC3) recorded more than $3.5 billion in losses to victims across the United States as the result of cyber crime.
Cyber security is critical in effectively detecting and responding to data privacy risks. That’s why small businesses, mid-sized corporations, government agencies, and educational institutions alike seek cyber security professionals with expertise in information security and risk management. They understand that their survival depends on protecting themselves from a broad variety of cyber attacks.
Cyber security is currently a seller’s market, the result of a substantial shortfall in cyber security management talent. In 2023, (ICS)2 estimated the worldwide shortage of cyber security professionals at 3 million. With 4.7 million professionals currently in the field, that’s a shortfall of more than 60 percent.
Cyber security has long embraced people with nontraditional backgrounds. Even so, you need expertise to succeed in this field. Those with a master’s degree and work experience will find that career opportunities are vast, with high-paying job prospects across private and public sectors. A master’s in cyber security qualifies you for many of the best jobs available in the field. As the website for the University of Tulsa‘s MS in Cyber Security program notes, students with this degree “master the theory, concepts and techniques of information assurance and network defense in real-world environments.”
If you’re considering completing a cyber security master’s degree, you’ll need to know how to gain admission to a program. Fortunately, the admission requirements (i.e., prerequisites) for cyber security masters programs tend to be similar, although the application process may differ slightly from one school to the next.
Our guide to masters in cyber security prerequisites covers:
Cyber security master’s degree program applicants must complete and submit an application for admission along with a nonrefundable application fee. On average, application fees cost around $100. Some programs charge higher fees. Others may require prospects to pay for additional testing to confirm their readiness to attend.
When researching programs, you may also come across graduate-level programs that don’t charge an application fee. Others provide application fee waivers to students based on criteria like financial hardship or active military status. Some schools waive fees for students who visit their school before applying or provide all required materials by the school’s application deadline. In other cases, waivers may be granted to students who simply ask for them. It never hurts to ask.
In its 2022 Cybersecurity Workforce Study, (ISC) estimates the size of the the global cyber security workforce at 4.7 million. It also indicates that the current workforce is 3.4 million workers short. That’s over 3 million positions waiting to be filled by qualified cyber security experts (nearly half a million of them in North America alone). (
According to the Bureau of Labor Statistics, top-paying employers in cyber security analytics include those in:
- Information services: $149,500
- Securities, commodity contracts, and other financial instruments: $142,000
- Research and development in the physical, engineering, and life sciences: $129,000
- Scientific research and development services: $128,500
- Software publishers: $126,000
- Publishing: $125,700
The average salaries of professionals with a Master's degree are between $91,000 and $109,000, respectively. About half of all professionals in this field hold a graduate degree. ( )
|University and Program Name||Learn More|
Applicants typically need an undergraduate education to qualify for graduate school. Master’s-level cyber security degree programs are no different. Some schools’ admissions requirements may highlight a preference for students with a bachelor’s degree in engineering, computer science, or other information technology-related fields. Others may cast a wider net.
Many graduate schools prefer applicants with foundational knowledge in such essential areas as programming languages and information systems architecture. Such expertise can be demonstrated through undergraduate coursework, standalone classes, or certifications. Prospective graduate students who lack this expertise are usually required to complete a series of foundation courses either before starting a program. Bridge programs are another option for candidates to gain the expertise needed to continue on to master’s programs in the field.
The Tandon Bridge Program at New York University, for example, provides applicants who lack a STEM background with the requisite knowledge. The program covers candidates to Master of Science in Cyber Security programs as well as other select master’s degree programs at the school. An added benefit, this program is certified by the Center of Academic Excellence (CAE), created by the National Security Agency (NSA) and the Department of Homeland Security (DHS) to recognize schools that offer rigorous degree programs in information security.
The minimum undergraduate grade point average (GPA) varies from program to program. Most schools require applicants to submit official transcripts demonstrating a minimum cumulative undergraduate GPA of 3.0. More competitive programs may require an even higher minimum.
In other cases, schools are more flexible and admit students with a lower minimum GPA, or may not even have a GPA “cutoff.” Some, such as the online master of science in cyber security at the University of Arizona, offer students with a low GPA “probationary” admission status. This changes to unconditional admission once they achieve a cumulative GPA of 3.0 or higher in their first round of non-degree seeking classes at the school.
Most cyber security degree programs require a statement of purpose. Submitted in essay form, this document allows you to highlight your education, professional experience, skills, and interests in the program. Your goal in writing this is to convince the admissions committee of your potential to succeed in graduate study.
If necessary, the statement of purpose may also address any blemishes, gaps, or weaknesses in your academic record. Detail how you overcame these obstacles. Also, make sure to explain how the experience helped you become a better student and/or professional.
Most cyber security graduate programs also require two to three letters of recommendation. Some schools limit recommenders to employers, supervisors, or others who can comment on a candidate’s personality, strengths, and professional potential. Others may stipulate that at least one letter must be penned by a former professor or related academic faculty members.
Your goal is to demonstrate that you have impressed others with your skills and responsibility. That’s why these letters should be written by someone who has supervised or taught you. Letters from family members are a bad idea: they signal that you haven’t impressed anyone outside your family.
Cyber security masters degree programs may also require students to meet additional requirements as part of the admissions process. These may include:
Many schools prefer applicants who have both an undergraduate degree and some relevant professional experience. Your work experience could include jobs in information assurance, digital forensics, penetration testing, or other niche areas of IT or cyber security.
Candidates with extensive industry experience may have the option to pursue an accelerated cyber security program. These programs, pursued full-time, can be completed in as few as 14 months.
In some cases, programs in the field may accept working professionals who lack formal undergraduate education but have work experience in computer security. Other programs may consider applicants from a range of professional backgrounds and note that although prior work experience is preferred, it is not required for admission.
Many master’s programs require standardized test scores. Cyber security programs typically ask for GRE scores. The GRE tests math (nothing beyond high-school level), English language, and logic.
Not every school requires applicants to submit their scores. Some issue waivers to students with sufficient previous work experience. Others waive the requirement for those who meet minimum undergraduate GPA requirements. Some waive the requirement for alumni or those who hold another graduate degree.
When applying to cyber security masters programs in the United States, prospective students whose native language is not English typically need to certify their English language ability. They’re usually required to submit TOEFL scores to confirm they have the English-language skills necessary to succeed in an academic setting.
Like GRE waivers, schools may allow students to skip this requirement if they hold a degree from an accredited institution where English is the primary language of instruction. Others may allow international students to bypass the TOEFL prerequisite if they complete an intensive English language program that’s either recognized by, or affiliated with, their program of choice.
Questions or feedback? Email firstname.lastname@example.org