Skip to main content

Apply now! Spring priority deadline is October 1.

Secure
Professor pointing at computer screen with students using wearables

Cybersecurity Minor

About The Program

The Cybersecurity Minor provides students with a foundational and interdisciplinary education in the protection of digital systems and information assets. Cybersecurity is a computing-based field that integrates technical, analytical, and ethical components—preparing individuals to secure computer systems in both public and private sectors.

This 24-credit minor is primarily designed for students majoring in Computer Science (CS), Computer Information Technology (CIT), or Computer Forensics (CFS). The curriculum covers key areas such as information assurance, cryptography, computer architecture, security system design, programming, risk assessment, legal frameworks, and incident response—often examined in the context of real-world adversarial threats.

Through a combination of theoretical instruction and hands-on experience, the program equips students with the problem-solving and technical skills necessary to pursue entry-level positions in cybersecurity. The minor also emphasizes the importance of ethical responsibility, legal compliance, and societal impact, ensuring that graduates are prepared to contribute meaningfully to both the workforce and their communities.

Program highlights

  • Interdisciplinary foundation
    Combines principles from computer science, information technology, law, and policy to provide a well-rounded introduction to the cybersecurity field.
  • Designed for non-cybersecurity majors
    Ideal for students majoring in Computer Science, Computer Information Technology, Computer Forensics, and related disciplines who want to broaden their career opportunities.
  • Hands-on, skills-based learning
    Includes lab-based coursework that builds practical experience in cryptography, system security, risk assessment, and incident response.
  • Ethical and legal emphasis
    Prepares students to navigate the legal, regulatory, and ethical dimensions of cybersecurity in professional environments.
  • Career-enhancing credential
    Equips students with in-demand cybersecurity competencies that increase employability across industries such as technology, finance, healthcare, and government.

Learn more about the BS in Cybersecurity Program.

Learn more about the MS in Cyber Operations program.

Learn more about the accelerated combined (BS + MS) degree in Cybersecurity Operations.

Seals of the DoD Cyber Academic Engagement Office, National Security Agency, National Centers of Academic Excellence in Cybersecurity, and the Centers of Academic Excellence in Cybersecurity Community, with the CAE-CD and CAE-CO cyber defense and cyber operations submarks

Metro State University is Minnesota’s only institution recognized by the National Security Agency (NSA) with dual designations as a National Center of Academic Excellence in Cyber Defense (NCAE-CD) and Cyber Operations (NCAE-CO).

The Bachelor of Science in Cybersecurity degree is aligned with the NCAE-CD designation, ensuring the program meets rigorous national standards in technical depth, applied learning, and ethical practice. This recognition provides students with a competitive edge in the workforce and validates their readiness to defend critical systems and data in a rapidly evolving cyber landscape.

The Master of Science in Cyber Operations is aligned with the NCAE-CO designation, awarded by the National Security Agency. This elite recognition underscores the program’s focus on the operational side of cybersecurity—emphasizing advanced technical skills, adversarial thinking, and mission-oriented training beyond traditional cybersecurity practices. The NCAE-CO designation affirms that the program meets the nation’s most rigorous standards for preparing professionals to conduct complex cyber operations in support of national defense, critical infrastructure protection, and intelligence missions.

As an active participant in the national CAE community, Metro State continues to lead in cybersecurity workforce development, education, and public service—equipping graduates to protect the digital assets of government, industry, and society.

Student outcomes

A student graduating with the cybersecurity minor will be able to:

  • Demonstrate the ability to apply knowledge of cybersecurity concepts, tools and technologies to prevent, detect, react, and recover from cyber-attacks.
  • Understand cybersecurity risks, threats, and related countermeasures and apply this understanding to develop cyber defense strategies.
  • Participate as an active and effective member of a project team engaged in achieving solutions to specific cybersecurity related problems.
  • Demonstrate sensitivity to and sound judgment on ethical issues as they arise in information security and cyber defense and adhere to accepted norms of professional responsibility.

Program educational objectives

Within a few years of completing the Cybersecurity Minor, graduates are expected to:

  1. Enhance their primary field of study by effectively applying cybersecurity principles, tools, and techniques to address digital security challenges within their respective disciplines.
  2. Contribute ethically and collaboratively to multidisciplinary teams focused on securing systems and data, demonstrating professional responsibility and sound judgment in real-world cybersecurity contexts.
  3. Support and advance organizational cybersecurity efforts by recognizing emerging threats, assessing risks, and participating in the development and implementation of cyber defense strategies across various sectors.

Program oversight

MN Cyber icon. Train, Test, Detect. Protect.

Housed within the College of Sciences, the MN Cyber Institute is a statewide initiative dedicated to positioning Minnesota as a national leader in cybersecurity education and workforce development. The Institute advances this mission through strategic public-private partnerships, interdisciplinary research, and community engagement.

Program oversight is provided by the MN Cyber Advisory Board, a group of cybersecurity leaders from industry, government, and academia. The board ensures the program remains responsive to current and emerging threats, provides strategic guidance, and helps align the curriculum with real-world workforce demands.

Career prospects

The Cybersecurity Minor provides students with a competitive edge by integrating critical cybersecurity knowledge into their primary field of study. As cyber threats continue to impact every industry—from healthcare and finance to manufacturing, education, and government—employers are increasingly seeking professionals who bring both domain-specific expertise and foundational cybersecurity awareness.

By completing this minor, students significantly increase their employability in roles that require security-conscious thinking, risk mitigation, and basic technical understanding of how to protect data and systems. Whether paired with a major in computer science, information technology, digital forensics, business, criminal justice, or public administration, the cybersecurity minor opens doors to job functions that intersect with information security.

Graduates with a cybersecurity minor may pursue roles such as:

  • IT Support or Systems Analyst with a cybersecurity focus
  • Security-aware Software Developer
  • Cybersecurity Compliance Analyst
  • Digital Forensics Technician
  • Risk and Data Privacy Analyst
  • Cybersecurity Project Assistant or Coordinator
  • Technical Roles in Law Enforcement or Government Agencies

As cybersecurity continues to be a cross-cutting priority across industries, students with this minor are better prepared to contribute to organizational resilience and meet growing workforce demands for cyber-literate professionals.

How to enroll

Current students: Declare this program

Once you’re admitted as an undergraduate student and have met any further admission requirements your chosen program may have, you may declare a major or declare an optional minor.

Future students: Apply now

Apply to Metropolitan State: Start the journey toward your Cybersecurity Minor now. Learn about the steps to enroll or, if you have questions about what Metropolitan State can offer you, request information, visit campus or chat with an admissions counselor.

Get started on your Cybersecurity Minor

Program eligibility requirements

Students interested in pursuing a minor in Cybersecurity are encouraged to consult with their assigned academic advisor to assess their eligibility. To be considered for admission to the Cybersecurity minor, students must submit an Undergraduate Program Declaration Form once the following criteria have been met:

  • Active enrollment at the university with a declared major;
  • Successful completion of the General Education Goal I Writing Requirement; and
  • A minimum of 30 earned college credits with a cumulative GPA of 2.5 or higher.

Formal acceptance into the minor, along with the evaluation of transfer coursework and eligibility, is conducted by the Department of Computer Science and Cybersecurity (CSC).

Courses and Requirements

SKIP TO COURSE REQUIREMENTS

Guidelines for completing the Cybersecurity Minor

The Cybersecurity Minor is designed primarily for students majoring in Computer Science (CS), Computer Information Technology (CIT), or Computer Forensics (CFS) who seek to pursue dynamic and competitive careers in cybersecurity.

Students are encouraged to consult with their assigned academic advisor to determine eligibility and to ensure proper planning. To declare the Cybersecurity Minor, students should review the program eligibility requirements outlined in this catalog or refer to their Degree Audit Report System (DARS).

To complete the minor, the following conditions must be met:

  • A minimum grade of C- is required in all courses applied toward the minor.
  • At least 12 upper-division credits within the minor must be completed at Metropolitan State University.
  • Students should review and adhere to the guidelines regarding transfer credits and prerequisites, as detailed in the General Guidelines section.

Minor Requirements (24 credits)

+ Core (16 credits)

This course introduces fundamental cybersecurity principles with hands-on labs, preparing students to protect information assets from evolving threats and vulnerabilities. Covering key security concepts, students will learn to identify, analyze, and mitigate cyber threats while securing hybrid environments like cloud, mobile, IoT, and operational technology. The course explores security architecture, operations, and program management, including risk management, compliance, vulnerability management, incident response, and best practices for securing hardware, software, and data. Students will also develop essential governance, communication, and reporting skills for real-world cybersecurity roles. Aligned with CompTIA Security+ objectives, this course equips students with the technical expertise and industry knowledge needed for entry-level cybersecurity roles, such as Security Analyst, SOC Analyst, and IT Security Administrator.

Full course description for Cybersecurity Principles and Applications

To properly secure an organization¿s information infrastructure and assets, periodic assessments of security posture at multiple levels are critical. This course provides a comprehensive approach to penetration testing and vulnerability assessment, covering key phases from reconnaissance to exploitation and post-exploitation techniques. Students will apply industry-standard penetration testing methodologies, use advanced tools such as Nmap, Wireshark, Metasploit, and Snort, and conduct controlled cybersecurity testing to simulate real-world attacks. Emphasis is placed on reporting and remediation, ensuring students can document findings and recommend actionable security improvements. This course aligns with CompTIA PenTest+ certification objectives, equipping students with essential offensive security skills needed for penetration testing, ethical hacking, and vulnerability analysis.

Full course description for Vulnerability Assessment and Penetration Testing

In today's digital landscape, safeguarding information as a vital asset is paramount. This course delves into the operational aspects of managing and securing corporate network infrastructures and business information systems. Students will develop situational awareness of organizational networks and learn to manage and maintain a defensive infrastructure comprising log servers, network firewalls, and intrusion detection systems. Key topics include information security operations, access control, risk management, business continuity planning, disaster recovery, and ethics. Additionally, the course addresses the challenges of securing cloud assets, aligning with select objectives from the CompTIA Cloud+ certification, to equip students with strategies to enhance cloud security and address threats such as misconfigurations, unauthorized access, and data breaches. Overlap: ICS 484.

Full course description for Cyber Operations

Choose from one of the following courses:

Networks are the foundation of modern IT operations and play a critical role in cybersecurity, defense, and threat mitigation. As cybersecurity professionals, understanding network operations, protocols, secure network architectures, and network management is essential for protecting enterprise environments. This course provides an in-depth analysis of networking protocols, including TCP, UDP, ICMP, and IP, and explores network design, security controls, intrusion detection, automation, and troubleshooting techniques. Students will gain hands-on experience using industry-standard networking tools and security solutions. This course aligns with the CompTIA Network+ certification objectives, preparing students for real-world network security and operations challenges.

Full course description for Networking Protocols and Analysis

Computer networking is the core of our today's lives and is rapidly advancing. Hence, computer scientists must be familiar with the fundamentals of computer networking. This course introduces computer networking, including network topologies, network protocols, algorithms, layering concepts (for example, ISO/OSI, TCP/IP reference models). After covering the principles of computer networking, the course introduces network security fundamentals, including the weaknesses of networks and networked systems and their countermeasures.

Full course description for Networks and Security

+ Electives (8 credits)

Students must complete eight elective credits from the list of approved courses below, adhering to the following guidelines: CYBR 490: Special Topics in Cybersecurity offers rotating content that changes each semester. Students may take this course multiple times for elective credit, provided each enrollment covers a distinct topic and prior approval is obtained from either the Cybersecurity Director or the Chair of the Computer Science and Cybersecurity (CSC) Department. An approved cybersecurity internship (CYBR 350I) may also count toward the major elective requirement. Students must obtain prior approval from the Cybersecurity Internship Coordinator before beginning the internship experience.

In this course, students continue not only to learn how to identify and collect digital evidence through forensics search tools, but also to study the emerging data mining techniques. The topics include how to design a plan for a computer crime investigation; how to select a computer software tool to perform the investigation; how to articulate the laws applying to the appropriation of computers for forensics analysis; how to verify the integrity of the evidence being obtained; how to prepare the evidence collected for the use in the court; and how to present the evidence as an expert eyewitness in court. Some hypothetical and real cases are also discussed in class.

Full course description for Digital Evidence Analysis

In this course, students will learn the law relating to computer software, hardware, and the Internet. The areas of the law include intellectual property, cyberspace privacy, copyright, software licensing, hardware patent, and antitrust laws. Legislation and public policies on cyberspace technology, cryptographic method export controls, essential infrastructure protection and economic development are also discussed in class.

Full course description for Computer Laws

This course provides a comprehensive, hands-on exploration of mobile device security and forensic investigation techniques, equipping students with both foundational principles and advanced practical skills. Through the use of modern forensic tools and methodologies, students will learn to conduct structured investigations that adhere to forensically sound procedures, ensuring the integrity and admissibility of digital evidence in legal proceedings. The course covers the entire mobile forensic process for Android and iOS devices, including data acquisition, extraction (including recovery of deleted data), analysis, and forensic reporting. Students will gain proficiency in identifying and examining digital artifacts, utilizing command-line and graphical open-source forensic tools, and assessing mobile application security to uncover vulnerabilities. Additionally, the course emphasizes the ethical and legal considerations essential for forensic investigators and teaches students how to…

Full course description for Mobile Device Security and Forensics

This course provides an in-depth exploration of fundamental concepts in Artificial Intelligence (AI) and Machine Learning (ML), with a focus on their applications in cybersecurity. Students will analyze AI principles, classical algorithms, and modern ML techniques, evaluating their role in enhancing security protocols and predicting cyber threats. The course emphasizes ethical considerations, governance frameworks, and the responsible use of AI technologies. Through case studies and hands-on applications, students will apply AI and ML tools to solve complex cybersecurity challenges, developing critical skills for securing digital environments.

Full course description for Fundamentals of AI and ML in Cybersecurity

This course provides students with the practical skills and theoretical knowledge required to proactively hunt for cyber threats and conduct advanced intelligence analysis. Students will explore methods to synthesize complex data into actionable intelligence, leveraging tools for data mining, information gathering, and threat management. Emphasis is placed on understanding and applying Indicators of Compromises (IOCs), adversary Tactics, Techniques, and Procedures (TTPs), and integrating cyber threat intelligence into security operations. Through hands-on exercises, case studies, and projects, participants will gain proficiency in detecting, investigating, and mitigating advanced threats. The course also addresses the ethical and legal dimensions of cyber intelligence, equipping students with the expertise to conduct thorough and effective intelligence operations. This curriculum prepares students to utilize advanced methodologies and technologies to enhance the accuracy and…

Full course description for Cyber Threat Hunting and Intelligence Analysis

As medical devices become increasingly interconnected and reliant on digital technologies, they introduce new cybersecurity risks that can impact patient safety and healthcare operations. This course provides an in-depth examination of the security challenges, regulatory requirements, and risk management strategies associated with medical device cybersecurity. Students will explore the evolving landscape of medical device threats and vulnerabilities while analyzing relevant cybersecurity regulations, standards, and best practices. Through case studies, technical labs, and real-world scenarios, students will develop the foundational knowledge necessary to secure medical devices throughout their lifecycle. Topics include threat modeling, security controls, patching strategies, incident response, and emerging technologies such as artificial intelligence (AI), mobile health applications, and wearables. By the end of the course, students will be equipped with practical skills to assess,…

Full course description for Cybersecurity for Medical Devices

The medical device industry faces unique cybersecurity challenges due to the direct impact of security threats on patient health and safety. To address these risks, cybersecurity professionals leverage established control frameworks and risk management methodologies to assess and mitigate potential threats.This course provides an in-depth exploration of cybersecurity risk management in the medical device sector, emphasizing the application of industry-recognized control frameworks such as those developed by the National Institute of Standards and Technology (NIST) and the International Organization for Standardization (ISO). Students will gain hands-on experience in identifying, evaluating, and mitigating cybersecurity risks through threat modeling, security assessments, and the implementation of appropriate security controls. Key topics include cybersecurity risk assessment methodologies, security-by-design principles, technical solutions for securing connected medical devices, and…

Full course description for Risk and Security Controls for Medical Devices

The integration of Internet of Things (IoT) technologies with critical infrastructure has revolutionized essential services such as energy, water, transportation, and healthcare, including medical devices. However, this growing connectivity also introduces significant cybersecurity risks. This course examines the security challenges unique to IoT systems in critical infrastructure and explores effective strategies for protecting these environments from cyber threats. Students will analyze IoT-specific vulnerabilities, assess security risks, and evaluate potential attack vectors targeting critical infrastructure systems. The course covers essential cybersecurity principles, risk assessment methodologies, threat modeling techniques, security protocols, and incident response strategies tailored for IoT environments. Through hands-on labs, case studies, and applied projects, students will develop the technical expertise necessary to design, implement, and manage security measures that…

Full course description for IoT and Critical Infrastructure Security

Internships offer students opportunities to gain deeper knowledge and skills in their chosen field. Students are responsible for locating their own internship. Metro faculty members serve as liaisons to the internship sites¿ supervisors and as evaluators to monitor student work and give academic credit for learning. Students are eligible to earn 1 credit for every 40 hours of work completed at their internship site. Students interested in internships within the Computer Science and Cybersecurity Department should work with their advisor and/or faculty internship coordinator to discuss the process for your specific major.

Full course description for Cybersecurity Individualized Internship

This course focuses on applying Artificial Intelligence (AI) in defensive cybersecurity operations and security assessments. Students will explore AI-driven tools and techniques to enhance threat detection, strengthen defenses, and conduct comprehensive security assessments in a secure and ethical manner. Emphasis is placed on practical applications, critical evaluation of AI methods, and the ethical implications of utilizing AI to protect systems. Through hands-on exercises and case studies, students will develop expertise in employing AI technologies to address modern defensive cybersecurity challenges.

Full course description for Applied AI in Cyber Defense Operations

In today's rapidly evolving digital landscape, cryptography is fundamental to securing sensitive information, protecting communications, and maintaining data integrity. This course provides a comprehensive foundation in applied cryptography, covering the historical evolution, mathematical principles, encryption techniques, and real-world implementations of cryptographic security. Students will explore symmetric and asymmetric encryption methods, including Feistel networks, S-Box design, RSA, Diffie-Hellman, and Elliptic Curve Cryptography, while also applying cryptographic principles to security technologies such as SSL/TLS, Virtual Private Networks (VPNs), and military-grade encryption. The course delves into cryptanalysis techniques to assess cryptographic vulnerabilities and adversarial attack methods used to bypass encryption defenses. Additionally, students will evaluate the future of cryptography, including quantum-resistant encryption, cloud-based cryptographic applications,…

Full course description for Cryptography for Cybersecurity Practitioners

In the face of escalating cyber breaches and intrusions, organizations seek professionals adept at identifying and responding to security incidents proactively. This course offers an in-depth exploration of Digital Forensics and Incident Response (DFIR) methodologies, emphasizing frameworks such as NIST and US-CERT. Students will learn to effectively detect, analyze, contain, eradicate, and recover from cyber attacks within enterprise networks. Throughout the course, students will develop expertise in identifying threat actors and security breaches, analyzing artifacts and logs, conducting post-mortem analyses, and implementing and refining mitigation strategies. The curriculum aligns with the CompTIA CySA+ objectives, ensuring students are equipped with the competencies required for effective cybersecurity analysis and incident response. By the end of the course, students will be proficient in using industry-standard forensic tools, assessing cyber attack stages, and developing…

Full course description for Cyber Incident Response and Handling

Malware threats continue to evolve, with millions of new variants emerging each year, rendering traditional antivirus solutions insufficient. This course provides an in-depth exploration of malware analysis techniques, equipping students with the skills to identify, analyze, and mitigate malicious software threats. Through static and dynamic analysis, students will leverage antivirus scanning, hashing, string searching, and forensic tools to extract meaningful threat intelligence. They will also employ system and network monitoring to detect data exfiltration attempts and advanced malware behavior. Hands-on labs will guide students in setting up secure virtual environments, utilizing industry-standard tools to safely analyze real-world malware samples. The course introduces reverse engineering principles, empowering students to assess malware capabilities, vulnerabilities, and mitigation strategies while emphasizing ethical considerations and responsible disclosure in malware research.

Full course description for Malware Analysis

This course explores specialized and emerging topics in cybersecurity, addressing cutting-edge threats, technological advancements, and evolving best practices not covered elsewhere in the Cybersecurity program. Designed to keep pace with the rapidly changing cybersecurity landscape, this course provides students with opportunities to analyze and evaluate recent developments, apply advanced tools and methodologies, and synthesize scholarly and professional literature to solve real-world cybersecurity challenges. Emphasis is placed on ethical decision-making, professional responsibility, and adherence to legal and industry standards in addressing contemporary cybersecurity issues. The specific topic of study varies by semester, ensuring alignment with current industry trends and demands.

Full course description for Special Topics in Cybersecurity

This is an alternate capstone course for MIS majors that emphasizes both the technical and strategic planning and as well as organization frameworks necessary to successfully select, deploy and manage information systems. Other areas of study include the roles of executive and staff, administrative structures, outsourcing decisions and outsourcing frameworks. Several IT management methodologies will be examined, including ITIL and COBIT. This course was formerly numbered MIS 312.

Full course description for Administration of the Management Information Systems Function

+ General Guidelines
Transfer Courses

The evaluation of transfer coursework equivalency is conducted by the Computer Science and Cybersecurity (CSC) Department. This process is initiated at the time of admission, with any resulting determinations reflected in the student’s DARS (Degree Audit Reporting System) report. When transferring coursework, students should be aware that many institutions—universities, community colleges, and technical colleges—offer courses that may be considered equivalent to our Pre-Major requirements. In certain cases, a lower-division course from another institution may be deemed equivalent to one of our upper-division courses, or vice versa. However, for the purpose of satisfying upper-division major electives or university graduation requirements, the classification of the course at the originating institution (i.e., whether it is designated as lower or upper division) is the determining factor.

Prerequisites

Students are responsible for understanding and meeting all prerequisite requirements for the courses in which they enroll. Enrollment in a course is contingent upon successful completion of all prerequisites with a minimum grade of C-. Students who do not meet these requirements will be administratively dropped from the course. While the registration system enforces prerequisites for many courses, discrepancies can occasionally occur. If your DARS report indicates that you have met the prerequisites, but you are unable to register due to a system error, please contact your academic advisor for assistance.