Cybersecurity BS

College of Sciences
Undergraduate major

Cybersecurity Student in Lab

About this program

Program accredited by

Na National Security Agency (NSA) and the Department of Homeland Security (DHS) Logos

Cybersecurity is a computing-based field that prepares individuals for careers in securing computer systems. It is an interdisciplinary course of study, including instruction in information technology and assurance, computer architecture, programming and systems analysis; cryptography; security system design; applicable law and regulations; risk assessment and policy analysis; contingency planning; investigation techniques; and troubleshooting, often in the context of adversaries.

Students completing the BS in Cybersecurity major will learn to assess the security needs of computer and network systems, recommend safeguard solutions to prevent unwanted security breaches, and manage the implementation of security devices, systems and procedures.  The program emphasizes lab-based courses designed to provide students with the conceptual and technical background necessary to secure jobs in cybersecurity and related areas.  

Metropolitan State University is designated as a National Center of Academic Excellence in Cyber Defense Education (CAE-CDE) by the National Security Agency (NSA) and the Department of Homeland Security (DHS). CAE-CDE institutions receive formal recognition from the U.S. Government as well as opportunities for prestige and publicity for their role in securing our Nation's information systems. The Cybersecurity program curriculum also conforms to the NSA requirements for maintaining the CAE-CDE designation.

Program Oversight

Positioned under the College of Sciences, MN Cyber Institute ( is a statewide initiative to position Minnesota as a national leader in cybersecurity through education, innovative public/private partnerships, interdisciplinary research, and community engagement. MN Cyber advisory board ( comprises of representatives from public/private sectors who provide advice and guidance on the Institute’s strategic plans and performance as well as ensure that Metro's cyber-related program offerings are relevant, valuable, and targeted to meet workforce needs.


Cybersecurity is in very high demand as a career field, with the projected number of jobs growing 28% over the next decade and starting salaries for well-qualified BS graduates approaching $100,000/year.   

Potential cybersecurity career titles include Security Auditor/Manager, Security Administrator, Security Analyst/Architect/Engineer, Penetration Tester, Vulnerability Assessor, Incident Responder, and Secure Software Developer.

Program Educational Objectives

The cybersecurity major program is designed to help graduates achieve the following career and professional objectives. The program's graduates will:

  1. Contribute to their communities and societies in the area of cybersecurity and demonstrating an understanding of contemporary security issues, both technological and societal.
  2. Advance their careers through the application of their cybersecurity knowledge.
  3. Work effectively as team members and demonstrating ethical and responsible behaviors.
  4. Apply cybersecurity methods and concepts to the general area of their bachelor’s degree in cybersecurity. 
  5. Maintain their skills through continuing professional development and life-long learning.

Curriculum Structure

The Bachelor of Science in Cybersecurity consists of 62 credits, of which 24-credits are prerequisites taken prior to declaring the major, 26-credits are required core courses, 8-credits of  elective courses from a selected list, and 4-credits are from a senior capstone project or a cyber-residency program.

Students must complete a minimum of 20 credit hours of their major required courses and/or major electives at Metropolitan State University. In addition, students must complete at least 30 credits at Metropolitan State University in order to graduate.

Student outcomes

After earning the BS in Cybersecurity, students will:

  1. Demonstrate the ability to apply knowledge of cybersecurityconcepts, tools, andtechnologies to prevent, detect, react, and recover from cyber-attacks.
  2. Articulate cybersecurity risks, threats, andcountermeasures and apply this understanding to develop cyber defense strategies.
  3. Demonstrate the ability to design seccuresystems to meet organizational needs within realistic constraints such as economic, environmental, social, and ethical expectations.
  4. Demonstrate proficiency in communicating technical information in formal reports, documentation, and oral presentations to users and security professionals.
  5. Identify, analyze, and synthesize scholarly and professional literature relating to the field of cybersecurity to help solve specific problems and to stay abreast of the rapidly changing security context.
  6. Participate as an active and productivemember of a project team engaged in achieving solutions to specific cybersecurity-relatedproblems.
  7. Demonstrate sensitivity to and sound judgment on ethical issues as they arise in information security and cyber defense and will adhere to accepted norms of professional responsibility.

Metro State connects you to your future. Receive information from Admissions about taking your first step toward a degree!

Already admitted? Find your advisor.

Enrolling in this program

Current students: Declare this program

Once you’re admitted as an undergraduate student and have met any further admission requirements your chosen program may have, you may declare a major or declare an optional minor.

Future students: Apply now

Apply to Metropolitan State: Start the journey toward your Cybersecurity BS now. Learn about the steps to enroll or, if you have questions about what Metropolitan State can offer you, request information, visit campus or chat with an admissions counselor.

Get started on your Cybersecurity BS

Program eligibility requirements

Students expressing interest in the Cybersecurity BS when applying for admission to the university will be assigned an academic advisor in the College of Sciences and will be given pre-major status. Official admission to this major program and review of prior course credentials is done directly through the Computer Science and Cybersecurity (CSC) Department.

To be eligible for acceptance to the cybersecurity major, students must submit a College of Sciences Undergraduate Program Declaration Form when the following is completed:

  • Have a minimum cumulative GPA of 2.5 for ICS 141 and MATH 215 or equivalents.
  • Complete the General Education Goal I Writing Requirement
  • Complete all prerequisite courses with a grade of C- or better.
  • Demonstrate competency in the Java (or C/C++) programming language either by coursework (e.g., ICS 141) or passing a Java competency exam.  

Students who do not meet the above requirements or are on academic probation will not be accepted to the major. Students not accepted to the major will not be allowed to take 400-level courses in the discipline. All prerequisite and required courses must be completed with grades of C- or above. Transfer coursework equivalency is determined by the Computer Science and Cybersecurity Department.

Program requirements

Guidelines for completing the Cybersecurity major

  • Students expressing interest in the Cybersecurity BS when they apply for admission to the university will be assigned an academic advisor in the College of Sciences and will be given pre-major status. 
  • In order to declare the major, students should reference the program eligibility requirements noted in this catalog on the previous page and also noted on a student’s Degree Audit Report (DARs).
  • All courses for the major must be completed with a grade of C- or better.
  • A minimum of 20 semester credits of major requirements must be completed at Metropolitan State. At least 24 credits of coursework must be completed at the upper division level.
  • Students are responsible to both be aware of and abide by prerequisites for CFS and ICS courses for which they enroll, and will be administratively dropped from a course if they have not met prerequisites.
  • Transfer coursework equivalency is determined by the Computer Science and Cybersecurity (CSC) Department and additional guidelines are noted below.

Course requirements

Pre-Major Foundation (24 credits)

In order to declare a Cybersecurity major, students are required to complete the following pre-major foundation courses with a grade of C- or better and a minimum cumulative GPA of 2.5 for ICS 141 and MATH 215 or equivalents. Math courses should be taken before, or concurrently with, ICS and CFS courses. Reference the CSC department's General Guidelines section of this catalog page for further details.

College Math Introduction

Choose one

MATH 115 College Algebra

4 credits

This course develops the fundamental concepts of algebra with an emphasis on the classification and analysis of linear, quadratic, polynomial, exponential and logarithmic functions. Applications to the natural and social sciences are given throughout. It aims to provide insights into the nature and utility of mathematics, and helps students develop mathematical reasoning skills.

Full course description for College Algebra

MATH 120 Precalculus

4 credits

This course is designed to prepare students for calculus. Topics include polynomial, rational, exponential, logarithmic, and trigonometric functions; the algebra of functions; multiple function representations; and an introduction to analytic geometry.

Full course description for Precalculus

Complete all of the following courses. A minimum cumulative GPA of 2.5 for ICS 141 and MATH 215 or transfer equivalents is required for admission into major.

ICS 140 Computational Thinking with Programming

4 credits

An introduction to the formulation of problems and developing and implementing solutions for them using a computer. Students analyze user requirements, design algorithms to solve them and translate these designs to computer programs. The course also provides an overview of major areas within the computing field. Topics include algorithm design, performance metrics, programming languages and paradigms, programming structures, number representation, Boolean algebra, computer system organization, data communications and networks, operating systems, compilers and interpreters, cloud computing, data analytics, mobile computing, internet of things, and artificial intelligence) database, internet, security, privacy, ethics, and other societal and legal issues. Lab work and homework assignments involving flow charting tools and programming using a language such as Python form an integral part of the course.

Full course description for Computational Thinking with Programming

ICS 141 Programming with Objects

4 credits

Structure, design, and implementation of object-oriented computer programs. Topics include objects, classes, GUI, and layout managers. Introduction to containment, inheritance, and polymorphism. Programming projects involving multiple classes. Emphasis on methods, parameter passing, and arrays of objects. Exploration of problem-solving and algorithm-design techniques using pseudocode, Unified Modeling Language (UML) class diagrams, and simple patterns. Design of good test cases and debugging techniques.

Full course description for Programming with Objects

CFS 262 Computer and Operating Systems Fundamentals I

4 credits

This course covers the fundamental concepts of a single user operating system. The topics discussed in the course are the basic concepts of computer organization and architecture, memory management, process handling, disk and file management and control, and peripherals operation. Students also have the opportunities to learn the techniques and procedures of system installation, configuration, administration, and trouble shooting. The operating systems illustrated in the course are MS Windows and/or Mac OS X.

Full course description for Computer and Operating Systems Fundamentals I

CFS 264 Computer and Operating Systems Fundamentals II

4 credits

This course covers the fundamental concepts of a multi-user operating system. The topics discussed in the course are conventional computer organization and architecture, memory management, process handling, disk and file management and control, and peripherals operation. Students also have the opportunities to learn the techniques and procedures of system installation, configuration, administration, and trouble shooting. The operating systems illustrated in the course are Linux and Unix.

Full course description for Computer and Operating Systems Fundamentals II

Major Requirements (62 credits)

Once the pre-major foundation courses are complete, the following courses are required with a grade of C- or better. Students who haven’t declared or not accepted into the major will not be allowed to take 400-level courses in the discipline. Students are advised to reference the CSC department's General Guidelines section of this catalog page for further details on prerequisites.

Core Requirements (26 credits)

ICS 251 may be waived with a demonstrated industry experience of 3 years AND with CSC Program Coordinator’s permission. If waived, an additional two credits needed in the elective category to total 62 credits.

ICS 251 IT Work Skills

2 credits

This course prepares students for effective employment in the IT workplace. Through readings, activities, case studies, and assignments, the student will develop competency with interpersonal skills, teamwork, professionalism, adaptability, flexibility, communication, planning, organizing, entrepreneurial thinking, problem solving and decision-making.

Full course description for IT Work Skills

STAT 201 Statistics I

4 credits

This course covers the basic principles and methods of statistics. It emphasizes techniques and applications in real-world problem solving and decision making. Topics include frequency distributions, measures of location and variation, probability, sampling, design of experiments, sampling distributions, interval estimation, hypothesis testing, correlation and regression.

Full course description for Statistics I

ICS 311 Database Management Systems

4 credits

Covers concepts and methods in the definition, creation and management of databases. Emphasis is placed on usage of appropriate methods and tools to design and implement databases to meet identified business needs. Topics include conceptual, logical and physical database design theories and techniques, such as use of Entity Relationship diagrams, query tools and SQL; responsibilities of data and database administrators; database integrity, security and privacy; and current and emerging trends. Use of database management systems such as MySQL. Coverage of HCI (Human Computer Interaction) topics. Development of GUI front ends to databases with application of HCI principles to provide a high level usability experience. Overlap: ICS 311T Database Management Systems.

Full course description for Database Management Systems

ICS 382 Computer Security

4 credits

This course introduces principles of computer security with integrated hands-on labs. The course prepares students to effectively protect information assets by providing fundamental details about security threats, vulnerabilities, and their countermeasures ranging from a simple computer to enterprise computing. Topics include broad range of today's security challenges, common security threats and countermeasures, security management, access control mechanisms, applied cryptography, privacy issues, computer ethics, file system security, and network security.

Full course description for Computer Security

ICS 383 Networking Protocols and Analysis

4 credits

Networks are the backbone of information technology operations within an enterprise and are responsible for a significant portion of an organization's security posture. Cybersecurity professionals are often tasked with securing network operations and responding to network threats which demonstrates the importance to networking knowledge in the cybersecurity industry. As a cybersecurity practitioner, it is imperative that there is an understanding of network operations, protocols, and administration practices. This course focuses on developing skills and taking a deep dive into networking protocols including TCP, UDP, ICMP, and IP, network design and architecture, network administration automation, network analysis, and network protocol and design impacts on security and defense measures.

Full course description for Networking Protocols and Analysis

ICS 482 Vulnerability Assessment and Penetration Testing

4 credits

To properly secure any organization's information infrastructure and assets, a periodic assessment of its security posture at various levels of the organization is essential. One key area is the direct assessment of vulnerabilities in the IT infrastructure, systems and applications, followed by targeting and exploitation of the same. This course covers the theoretical bases for cyber threats and vulnerabilities, and delves into selection and application of penetration testing methodologies ranging from reconnaissance to the exploitation of vulnerabilities by probing infrastructure, services and applications. The course places a strong emphasis on the use of these methodologies to demonstrate, document, report on, and provide a clear roadmap for remediation of exposed security issues.

Full course description for Vulnerability Assessment and Penetration Testing

ICS 483 Cryptography for Cybersecurity Practitioners

4 credits

This course provides students with a thorough foundation of applied cryptography for cybersecurity practitioners. As encryption technologies continue to integrate into everyday culture, the importance of cryptography and encryption knowledge of cybersecurity practitioners continues to increase. Students will learn and be able to apply and analyze: the history of cryptography from the earliest ciphers to current encryption methodology, mathematical foundations for cryptography, symmetric and asymmetric algorithms, and applied cryptography pertaining to Virtual Private Networks (VPNs), SSL/TLS, strategies for defense utilizing encryption and cryptography, military applications, steganography, cryptanalysis, and more. Additionally, students will look to the future of cryptography and encryption including a look into quantum cryptography and encryption in cloud environments.

Full course description for Cryptography for Cybersecurity Practitioners

Capstone Project OR Cyber Residency (4-credit minimum)

In the last semester, students will need to complete 4 credits integrative cybersecurity capstone project (ICS 495 Cybersecurity Capstone) that combines multiple aspects of their learning in the cybersecurity program The students may complete 4 credits of cyber residency (ICS 350I ICS Individualized Internship) in lieu of capstone project to satisfy the graduation requirements. Should they desire, the students may be able to extend the residency for an additional 4 credits for a total of 8 credits

ICS 495 Cybersecurity Capstone (pending curriculum review and approval)

ICS 350I Information and Computer Sciences Individualized Internship

1-6 credits

Students obtain internships in selected areas of study to gain deeper understand of knowledge, skills and the context of a given field. Site supervisors give guidance and direction to customized internship projects. Faculty members serve as liaisons between the internship sites and the university, providing information to students and potential supervisors and supervising the learning experience. Students interested in internships within the Information and Computer Science department should work with their advisor and/or faculty internship coordinator to discuss the process for your specific major.

Full course description for Information and Computer Sciences Individualized Internship

Electives (8 credit minimum)

Eight credits of elective coursework are required from the list below. The contents of ICS 490 Special Topics in Information and Computer Sciences vary from semester to semester, and may be taken more than once so long as its related to Cybersecurity topic for elective credit. No student may be enrolled in an ICS or CFS course unless they have completed all course prerequisites with a grade of C- or better.

ICS 484 Cyber Operations

4 credits

Information is an asset that must be protected. Without adequate protection or network security, many individuals, businesses, and governments are at risk of losing that asset. It is imperative that all networks be protected from threats and vulnerabilities so that a business can achieve its fullest potential. Security risks cannot be eliminated or prevented completely; however, effective risk management and assessment can significantly minimize the existing security risks. In order to provide effective protection to the organization's critical infrastructure and services, continuous monitoring as well as various processes, procedures, and technology is required to detect and prevent cyber-attacks, breaches, and security violations. In addition, existence of a comprehensive incident response plan is vitally connected to the survivability of an organization after a severe security breach or compromise of critical business operations. This course focuses on the operational aspect of…

Full course description for Cyber Operations

ICS 325 Internet Application Development

4 credits

This course focuses on how to design and establish information services over the Internet from the server side. Topics include advanced concepts and issues on Internet architecture, server-side design strategies, current technologies and Internet security. Through labs and programming projects, students learn how to use current scripting and markup languages to build nontrivial state-of-the-art applications.

Full course description for Internet Application Development

ICS 486 Malware Analysis

4 credits

Malware infections have reached epidemic proportions with over 600 million types of infection reported to date. Traditional antivirus techniques are not sufficient to stem the tide. This course will introduce students to the fundamentals of malware analysis techniques which will allow them to recognize, analyze and remediate infections. Basic static analysis techniques using antivirus scanning, hashing, string searching and other automated analysis tools will be reviewed. Dynamic approaches using system and network monitoring will be employed to detect snooping and attempts to exfiltrate data. Students will set up virtual workspaces, download tools and malware and analyze software in a secure environment. Reverse engineering will be introduced.

Full course description for Malware Analysis

CFS 484 Computer Laws

4 credits

In this course, students will learn the law relating to computer software, hardware, and the Internet. The areas of the law include intellectual property, cyberspace privacy, copyright, software licensing, hardware patent, and antitrust laws. Legislation and public policies on cyberspace technology, cryptographic method export controls, essential infrastructure protection and economic development are also discussed in class.

Full course description for Computer Laws

CFS 485 Mobile Device Security and Forensics

4 credits

This course takes a hands-on approach to provide students with foundational concepts and practical skills in Mobile Device Forensics, which can be leveraged to perform forensically sound investigations against crimes involving the most complex mobile devices currently available in the market. Using modern tools and techniques, students will learn how to conduct a structured investigation process to determine the nature of the crime and to produce results that are useful in criminal proceedings. The course will provide walkthrough on various phases of the mobile forensics process for both Android and iOS based devices including forensically extracting, collecting, and analyzing, data and producing and disseminating reports. The course modules and labs will involve certain specialized hardware and software to perform data acquisition (including deleted data), and the analysis of extracted information.

Full course description for Mobile Device Security and Forensics

ICS 487 Cyber Incident Response and Handling

4 credits

As cyber breaches and intrusions continue to increase, enterprises are now looking to hire professionals who can identify and respond to breaches and incidents before they have adverse impacts on information systems and data networks. This course provides an in-depth coverage of applying Digital Forensics and Incident Response methodologies and frameworks to address and manage the aftermath of security breaches or incidents with the goal of limiting the damages and reducing the recovery time and costs. The student will be able to identify, contain, eradicate and recover from an attack in an enterprise network. Topics include identifying threat actors and security breaches, analyzing artifacts and logs, restoring back the system, performing postmortem analysis, and implementing and/or modifying mitigating techniques.

Full course description for Cyber Incident Response and Handling

CFS 380 Digital Evidence Analysis

4 credits

In this course, students continue not only to learn how to identify and collect digital evidence through forensics search tools, but also to study the emerging data mining techniques. The topics include how to design a plan for a computer crime investigation; how to select a computer software tool to perform the investigation; how to articulate the laws applying to the appropriation of computers for forensics analysis; how to verify the integrity of the evidence being obtained; how to prepare the evidence collected for the use in the court; and how to present the evidence as an expert eyewitness in court. Some hypothetical and real cases are also discussed in class.

Full course description for Digital Evidence Analysis

Electives Pending 2019-20 curriculum review and approval

ICS 487 Cyber Incident Response and Handling and ICS 488 Offensive and Defensive Security

General Guidelines

Transfer coursework equivalency is determined by the Computer Science and Cybersecurity (CSC) Department and initially evaluated upon admission with updates documented on Degree Audit Report (DARs). When transferring coursework, please be aware of the following:

Transfer Courses

Many universities and community colleges offer courses equivalent to all of our Pre-Major courses. Many technical colleges offer some courses equivalent to some of our Pre-Major courses. • Sometimes a course at the lower division at another university or college is equivalent to one of our upper division courses, or an upper-division courses at another university is equivalent to one of our lower-division courses. • For the purpose of calculating upper division credits for the major electives or for university graduation requirements, the status of the course at the institution where the student took the course is what matters.


Math courses should be taken before, or concurrently with, foundation ICS courses. • Students are responsible to both be aware of and abide by prerequisites for CFS and ICS courses for which they enroll, and will be administratively dropped from a course if they have not met prerequisites • For some courses, prerequisites are enforced automatically by the registration system. • If your DARS report shows you have met the prerequisites for a course, and the registration system will not let you register, please contact your academic advisor.