Cybersecurity Policy & Risk Management (M.S.)

Cybersecurity Policy & Risk Management (M.S.)
Woman presenting about cyber

The online M.S. in Cybersecurity Policy and Risk Management (CPRM) cultivates strategic thinking, policy development and risk-management skills for a more secure future. The program features expert faculty who help blend strategy and policy with preparedness, incident response, recovery, and resilience.

  Credit Hours: 30   |     Program Length: 12 months  |    Tuition Cost


What is cybersecurity policy and risk management?

The University of New Hampshire’s fully online Master of Science in Cybersecurity Policy and Risk Management (CPRM) blends strategy and policy with preparedness, incident response, continuity and resilience — the heart of the security studies discipline. In as few as 12 months, you will graduate prepared to assess cybersecurity risk and to design, implement and oversee the necessary cybersecurity policies and processes for resilient, secure and successful organizations.

Why study cybersecurity policy and risk management at UNH?

The demand for master’s-level cybersecurity and risk management professionals is on the rise in the U.S. and globally. Guided by full-time faculty, practicing experts and senior executives, the CPRM degree fosters the strategic thinking, policy development and risk management skills that will set you apart in the high-demand cybersecurity field. Our highly interdisciplinary program is designed for students and working professionals with a variety of backgrounds — business, healthcare, IT, finance, homeland security, law and more — so you do not need an undergraduate degree in a technical field to be successful.

Potential careers

Technical background:

  • Cyber Risk Analyst
  • Cybersecurity Strategist
  • Product Security Strategist
  • Security Architect
  • Chief Information Security Officer
     

Non-Technical background:

  • Business Cyber Risk Associate
  • Security Risk and Compliance Associate
  • Cyber Policy and Strategy Planner
  • Cyber Resilience Coordinator
  • Director of Cybersecurity Business Alignment

Request Information
We use text messages to communicate important event and application information (msg and data rates may apply).



Assess Threats. Implement Policy. Secure Organizations.

Online Master of Science in Cybersecurity Policy and Risk Management blends strategy and policy with preparedness, incident response, continuity, and resilience. Learn from expert faculty and in as few as 12 months, you will graduate prepared to assess cybersecurity risk and to design, implement and oversee the necessary cybersecurity policies and processes for resilient, secure, and successful organizations.

National Security Agency Seal

 

National Center of Academic Excellence in Cyber Defense Education

UNH is the first institution in New Hampshire to be designated a National Center of Excellence in Cyber Defense Education by the U.S. National Security Agency and the Department of Homeland Security.

Learn more

DHS Seal

 

Student Spotlights & Program News

Student at desk in cybersecurity program

National Cyber Security Awareness Month

National Cyber Security Awareness Month

USNH to host virtual and in-person events

Article
Brett White '21G, graduate of the UNH Master of Science in cybersecurity policy and risk management

Cybersecurity Spotlight: Brett White '21G

Cybersecurity Spotlight: Brett White '21G

Article
James Glennon '12, '20G, recent graduate of the cybersecurity policy and risk management program

Cybersecurity Spotlight: James Glennon '12, '20G

Cybersecurity Spotlight: James Glennon '12, '20G

Article
Read more Cybersecurity Policy and Risk Management stories

Curriculum & Requirements

This program is offered online.

The M.S. in Cybersecurity Policy and Risk Management (CPRM) program cultivates strategic thinking, policy development, and risk-management skills for students interested in careers in business or government. The program features full-time faculty and industry experts who help blend strategy and policy with preparedness, incident response, recovery, and resilience – the heart of our security studies discipline.

Students may come from business, public administration, healthcare, finance, homeland defense and security, retail, law, insurance, and a myriad of technical and engineering disciplines. Prior experience or undergraduate degrees in technical fields are not required.

This is an online only program, taught over five 8-week terms per academic calendar year.

The degree requires a minimum 30 graduate credits made up of nine core courses and culminating with a required capstone experience. The capstone involves a project custom-designed by each student (in cooperation with an advisor) to address real-world or work-related challenges in cybersecurity. Students research into the chosen challenge/problem, and then synthesize and apply their knowledge to recommend solutions or other deliverables that help address the problem.

Core Courses (All Required)
CPRM 810Foundations of Cybersecurity Policy3
CPRM 820Policy Development and Communication3
CPRM 830Security Measures I3
CPRM 840Cybersecurity Standards, Regulations, and Laws3
CPRM 850Security Measures II3
CPRM 860Incident Response and Investigation3
CPRM 870Cybersecurity Risk Management3
CPRM 880Cybersecurity Metrics and Evaluation3
CPRM 890Organizations, Change Management, and Leadership3
Concluding Experience
CPRM 898Capstone Project3
Total Credits30

UNH students may be considered for “Accelerated Master’s” (AM) dual degree status which permits you to begin studying for a master’s degree while still finishing your bachelor’s degree.

When taking courses in AM status, you earn course credit toward both your undergraduate and graduate degrees.

This saves time and money and gives a boost to your career prospects and workplace advancement.

See the Graduate School site for AM application requirements and support.

The AM option for MS CPRM is open to UNH students at Durham and Manchester campuses.

Undergraduate degrees

The MS CPRM program accepts students from all undergraduate degrees, both non-technical and technical. Students may come from business, public administration, healthcare, finance, homeland defense and security, retail, law, insurance, and a myriad of technical and engineering disciplines. Prior experience or education in technical fields is not required.

The AM program for MS CPRM also aligns with UNH’s minor in Cybersecurity Policy, which means that you can earn the Cybersecurity Minor alongside your chosen major.

Timeline

  • Junior year: Apply for the MS CPRM program under the “Accelerated Master’s” (AM) option.
  • Senior year: If accepted as an AM student, begin taking the approved classes (see below) and receive credit toward both your undergraduate and graduate degrees. For MS CPRM, you may start taking classes only in Fall or in Spring. Students must begin with CPRM 810 Foundations of Cybersecurity Policy as their first class.

Program Rules

All CPRM courses are taught asynchronously online in our intensive 8-week term structure and at the graduate level only. There are two consecutive terms in the Fall semester and two in the Spring.

AM students may start their MS CPRM studies only at the beginning of Fall or Spring (first taking CPRM 810 Foundations of Cybersecurity Policy). A Summer start is not permitted.

AM students are not permitted to take more than one CPRM class per term without prior approval by the CPRM program coordinator.

This rule is put into place because AM students will be starting CPRM classes while also completing bachelor degree requirements in the senior year (typically including demanding classes such as capstones or other challenging classes), and we want to preserve the best option for student success in both your undergraduate and graduate pursuits.

To complete the MS CPRM degree, students must fulfill all requirements for the program.

Courses

While in AM status, you may take up to 12 credits of the following courses. These credits will apply to both your undergraduate and MS CPRM degree.

You must begin with CPRM 810 Foundations of Cybersecurity Policy (which is offered in Term 1 in the Fall and Term 3 in the Spring).

CPRM 810Foundations of Cybersecurity Policy3
CPRM 820Policy Development and Communication3
CPRM 830Security Measures I3
CPRM 840Cybersecurity Standards, Regulations, and Laws3
CPRM 850Security Measures II3
CPRM 890Organizations, Change Management, and Leadership3

Example Schedules

These are only examples. Once accepted into the AM option for MS CPRM, you will work with your MS CPRM advisor to establish a schedule that works best for you.

Fall Start

Plan of Study Grid
FallCredits
Junior Year
Apply for the MS CPRM program under the “Accelerated Master’s” (AM) option
Fall of Senior Year
CPRM 810 Foundations of Cybersecurity Policy (Term 1) 3
CPRM 830 Security Measures I (Term 2) 3
Spring of Senior Year
CPRM 850 Security Measures II (Term 3) 3
CPRM 840 Cybersecurity Standards, Regulations, and Laws (Term 4) 3
After Bachelor's Degree Awarded
Transition to normal graduate student status and continue with the remaining requirements for the MS CPRM program. See important comments below re: this transition.
 Credits12
 Total Credits12

Spring Start

Plan of Study Grid
SpringCredits
Junior Year
Apply for the MS CPRM program under the “Accelerated Master’s” (AM) option
Fall of Senior Year
Take only your undergraduate courses per your bachelor’s study plan
Spring of Senior Year
CPRM 810 Foundations of Cybersecurity Policy (Term 3) 3
CPRM 830 Security Measures I (Term 4) 3
Summer of Senior Year
If you are still pursuing your bachelor’s degree (e.g., will graduate in September rather than May), you may elect to take CPRM 850 in Term 5 of the summer semester.
CPRM 850 Security Measures II (Term 5) 3
After Bachelor's Degree Awarded
Transition to normal graduate student status and continue with the remaining requirements for the MS CPRM program. See important comments below re: this transition.
 Credits9
 Total Credits9

Transition to normal graduate student status

Upon completion and award of your undergraduate degree, you will no longer be an “AM” student but will transition to normal graduate student status.

It is important to plan for this transition in advance, as there will be both academic and financial implications to consider.

Be sure to reach out to all available advisors to help you plan for a smooth transition.

  • Describe & explain the conceptual framework of cybersecurity and its role in risk management; and discuss the history and various approaches to cybersecurity.
  • Analyze the conceptual framework of cybersecurity, and identify & integrate the standards and other resources for the professional development, implementation, and management of cybersecurity policies and methods.
  • Reflect on the organizational structures, information, and skillsets required for ongoing evaluation & revision of cybersecurity in a variety of real-world organizations.
  • Communicate professionally and effectively with upper management, regulators, partners, colleagues, clients, and other end-users regarding cybersecurity planning and incident management.
  • Explain & justify the needs for cybersecurity policy development, implementation, and management (within or across businesses, agencies, other organizations, industries, sectors, and nations).
  • Strategize & customize cybersecurity risk management policies and processes for private or public organizations, with balanced consideration of organizational goals, regulatory mandates, industry best practices, and professional ethics.

Apply now

Requirements

Applicants must hold a baccalaureate degree from an accredited college or university, but a specific major is not required. For example, students may come from business, public administration, healthcare, finance, homeland defense and security, retail, law, insurance, and a myriad of technical and engineering disciplines.

Current UNH undergraduates may apply for accelerated admission before completion of the baccalaureate degree. Read more information about this below.

The admissions committee uses a portfolio approach: applications are reviewed and decisions are made based on past academic performance, letters of recommendation, professional experience, civic engagement, and other qualities expressed via your personal statement.

Deadlines

Applications must be completed by the following deadlines in order to be reviewed for admission:

  • Fall: July 1
  • Spring: December 1
  • Summer: N/A

For current UNH undergraduates seeking accelerated admission (see below), you must apply and be admitted to the program during the admissions cycle before the senior-year semester during which you want to enroll in courses for graduate credit.

Application fee: $65

Campus: Online

New England Regional: No

Accelerated Masters: Yes (for more details see the accelerated masters information page)

Transcripts

If you attended UNH or Granite State College (GSC) after September 1, 1991, and have indicated so on your online application, we will retrieve your transcript internally; this includes UNH-Durham, UNH-Manchester, UNH Non-Degree work and GSC. 

If you did not attend UNH, or attended prior to September 1, 1991, then you must upload a copy (PDF) of your transcript in the application form. International transcripts must be translated into English.

If admitted, you must then request an official transcript be sent directly to our office from the Registrar's Office of each college/university attended. We accept transcripts both electronically and in hard copy:

  • Electronic Transcripts: Please have your institution send the transcript directly to grad.school@unh.edu. Please note that we can only accept copies sent directly from the institution.
  • Paper Transcripts: Please send hard copies of transcripts to: UNH Graduate School, Thompson Hall- 105 Main Street, Durham, NH 03824. You may request transcripts be sent to us directly from the institution or you may send them yourself as long as they remain sealed in the original university envelope.

Transcripts from all previous post-secondary institutions must be submitted and applicants must disclose any previous academic or disciplinary sanctions that resulted in their temporary or permanent separation from a previous post-secondary institution. If it is found that previous academic or disciplinary separations were not disclosed, applicants may face denial and admitted students may face dismissal from their academic program.

Letters of Recommendation: 2 Required

Two letters of recommendation are required. Recommendations should support your application with professional and academic confirmation of your suitability for this particular program. Recommendations submitted by relatives or friends, as well as letters older than one year, will not be accepted.

Personal Statement

This is your opportunity to personalize the application and help us better understand who you are and how well this programs suits your background, current situation, and future goals. Your well-crafted statements should range from 700 to 1,800 words. Applicants must provide a personal statement responsive to all four of these prompts:

  1. Describe some examples of professional, personal, or academic experiences that helped develop your interest in cybersecurity policy and risk management.
  2. Explain your career objectives. Discuss your expectations as to how this program could impact these objectives.
  3. Identify and explain any important aspects of your professional or academic background that may not be reflected in your resume or undergraduate degree transcripts. (For example, if your past college grades do not reflect your current learning abilities, please explain. Also, if there is any additional information which you feel should be considered by the Admissions Committee, please explain.)
  4. Please indicate your prior experience and levels of comfort and competence in online learning, and also describe the support (from work, family, or others) and plans you have to fit this time requirement in your life. Generally, online learners must be self-motivated, comfortable interacting through technologies, and confident in expressing their ideas in writing and orally. Time management is also important, since each 3 credit graduate course requires about 9 hours of study time a week.

Statements must be included with your submitted application.

Resume

A current resume is required with your submitted application.

New Hampshire Residents

Students claiming in-state residency must also submit a Proof of Residence Form. This form is not required to complete your application, but you will need to submit it after you are offered admission or you will not be able to register for classes.

International Applicants

Prospective international students are required to submit TOEFL, IELTS, or equivalent examination scores. English Language Exams may be waived if English is your first language. If you wish to request a waiver, then please visit our Test Scores webpage for more information.

We welcome international applicants, but please note that this is an online program. Any program that is conducted primarily online is not eligible for a student visa for study, but students may enroll at a distance or study under a different eligible visa type. 

Questions

If you have questions about the application or admissions process, please contact the UNH Online Student Success Coaches at: unh.online@unh.edu or +1 (855) 250-6699


 

Accelerated Masters

Isaah Gray | Cybersecurity Policy and Risk Management

One thing that I truly value when it comes to this program is the flexibility it allows towards my ability to work full-time while simultaneously earning an advanced degree. My UNH education has prepared me for the next steps in my career by constructing the confidence needed to support any organization’s cybersecurity initiatives. Throughout the CPRM program, I developed an understanding and root causes of complex, cybersecurity-related issues, while also gaining exposure to industry tools and solutions needed to mitigate those issues. In five years, I see myself as a leader within the cybersecurity risk management field. I hope to one day support an organization’s decision-making process at a high level by strategically aligning necessary business objectives with cybersecurity risk.

Isaah Gray Headshot

 

 

Explore Program Details

Tuition & Fees:

The University of New Hampshire’s online graduate tuition and fees information is available on the UNH Business Services Website. Program costs and technology fees are subject to change.

Course Fees: Specific courses may have additional course fees. Visit the course schedule for more information. 

TUITION & FEES INFORMATION

Financial Aid:

Federal Unsubsidized Direct Loans are a form of federal financial aid available to Graduate Students. To apply, you must complete the Free Application for Federal Student Aid (FAFSA).

ADDITIONAL FINANCIAL AID INFORMATION

The CPRM degree prepares you to develop strategy and policy for managing risks to the data and infrastructure that businesses and society rely on, building a skillset that can help you advance or change your career trajectory in a variety of fields. In this program, you will learn the skills:

  • To develop policy and plans for managing risks to the data and infrastructure that business and society rely on.
  • To construct cybersecurity frameworks that support regulatory reporting, insurance auditing and other corporate or legal requirements.
  • To create methodologically sound procedures for measuring the effectiveness of cybersecurity.
  • To design strategies that promote an organizational culture of cybersecurity.
  • To influence executive decision-making by effectively communicating organizational impacts of cybersecurity risks.
  • To justify cybersecurity efforts within the structure, function and mission of any organization (private or public). 
  • To integrate cybersecurity into enterprise risk-management strategies and policy.

Our program has five 8-week terms per academic calendar year. Students who successfully complete two courses per term, as outlined below, earn their degrees in 12 months. Taking fewer courses per term will extend the completion timeframe.

 

 

University of New Hampshire at Manchester

We emphasize analytical skills and real-life experience to help you become a forward-thinking problem-solver and communicator and pursue a career within a wide range of professions.
Learn more