Skip to main content

eServices scheduled downtime, July 11–July 13 | Fall 2025 Registration window now open. | Undergraduate Final Deadline is July 28 for fall term
Metropolitan State University (Home)
Secure
Professor pointing at computer screen with students using wearables

Cybersecurity Minor

College of Sciences / Computer Science and Cybersecurity
Undergraduate minor

About The Program

The Cybersecurity Minor provides students with a foundational and interdisciplinary education in the protection of digital systems and information assets. Cybersecurity is a computing-based field that integrates technical, analytical, and ethical components—preparing individuals to secure computer systems in both public and private sectors.

This 24-credit minor is primarily designed for students majoring in Computer Science (CS), Computer Information Technology (CIT), or Computer Forensics (CFS). The curriculum covers key areas such as information assurance, cryptography, computer architecture, security system design, programming, risk assessment, legal frameworks, and incident response—often examined in the context of real-world adversarial threats.

Through a combination of theoretical instruction and hands-on experience, the program equips students with the problem-solving and technical skills necessary to pursue entry-level positions in cybersecurity. The minor also emphasizes the importance of ethical responsibility, legal compliance, and societal impact, ensuring that graduates are prepared to contribute meaningfully to both the workforce and their communities.

Program highlights

  • Interdisciplinary foundation
    Combines principles from computer science, information technology, law, and policy to provide a well-rounded introduction to the cybersecurity field.
  • Designed for non-cybersecurity majors
    Ideal for students majoring in Computer Science, Computer Information Technology, Computer Forensics, and related disciplines who want to broaden their career opportunities.
  • Hands-on, skills-based learning
    Includes lab-based coursework that builds practical experience in cryptography, system security, risk assessment, and incident response.
  • Ethical and legal emphasis
    Prepares students to navigate the legal, regulatory, and ethical dimensions of cybersecurity in professional environments.
  • Career-enhancing credential
    Equips students with in-demand cybersecurity competencies that increase employability across industries such as technology, finance, healthcare, and government.

Learn more about the BS in Cybersecurity Program.

Learn more about the MS in Cyber Operations program.

Learn more about the accelerated combined (BS + MS) degree in Cybersecurity Operations.

Seals of the DoD Cyber Academic Engagement Office, National Security Agency, National Centers of Academic Excellence in Cybersecurity, and the Centers of Academic Excellence in Cybersecurity Community, with the CAE-CD and CAE-CO cyber defense and cyber operations submarks

Metro State University is Minnesota’s only institution recognized by the National Security Agency (NSA) with dual designations as a National Center of Academic Excellence in Cyber Defense (NCAE-CD) and Cyber Operations (NCAE-CO).

The Bachelor of Science in Cybersecurity degree is aligned with the NCAE-CD designation, ensuring the program meets rigorous national standards in technical depth, applied learning, and ethical practice. This recognition provides students with a competitive edge in the workforce and validates their readiness to defend critical systems and data in a rapidly evolving cyber landscape.

The Master of Science in Cyber Operations is aligned with the NCAE-CO designation, awarded by the National Security Agency. This elite recognition underscores the program’s focus on the operational side of cybersecurity—emphasizing advanced technical skills, adversarial thinking, and mission-oriented training beyond traditional cybersecurity practices. The NCAE-CO designation affirms that the program meets the nation’s most rigorous standards for preparing professionals to conduct complex cyber operations in support of national defense, critical infrastructure protection, and intelligence missions.

As an active participant in the national CAE community, Metro State continues to lead in cybersecurity workforce development, education, and public service—equipping graduates to protect the digital assets of government, industry, and society.

Student outcomes

A student graduating with the cybersecurity minor will be able to:

  • Demonstrate the ability to apply knowledge of cybersecurity concepts, tools and technologies to prevent, detect, react, and recover from cyber-attacks.
  • Understand cybersecurity risks, threats, and related countermeasures and apply this understanding to develop cyber defense strategies.
  • Participate as an active and effective member of a project team engaged in achieving solutions to specific cybersecurity related problems.
  • Demonstrate sensitivity to and sound judgment on ethical issues as they arise in information security and cyber defense and adhere to accepted norms of professional responsibility.

Program educational objectives

Within a few years of completing the Cybersecurity Minor, graduates are expected to:

  1. Enhance their primary field of study by effectively applying cybersecurity principles, tools, and techniques to address digital security challenges within their respective disciplines.
  2. Contribute ethically and collaboratively to multidisciplinary teams focused on securing systems and data, demonstrating professional responsibility and sound judgment in real-world cybersecurity contexts.
  3. Support and advance organizational cybersecurity efforts by recognizing emerging threats, assessing risks, and participating in the development and implementation of cyber defense strategies across various sectors.

Program oversight

MN Cyber icon. Train, Test, Detect. Protect.

Housed within the College of Sciences, the MN Cyber Institute is a statewide initiative dedicated to positioning Minnesota as a national leader in cybersecurity education and workforce development. The Institute advances this mission through strategic public-private partnerships, interdisciplinary research, and community engagement.

Program oversight is provided by the MN Cyber Advisory Board, a group of cybersecurity leaders from industry, government, and academia. The board ensures the program remains responsive to current and emerging threats, provides strategic guidance, and helps align the curriculum with real-world workforce demands.

Career prospects

The Cybersecurity Minor provides students with a competitive edge by integrating critical cybersecurity knowledge into their primary field of study. As cyber threats continue to impact every industry—from healthcare and finance to manufacturing, education, and government—employers are increasingly seeking professionals who bring both domain-specific expertise and foundational cybersecurity awareness.

By completing this minor, students significantly increase their employability in roles that require security-conscious thinking, risk mitigation, and basic technical understanding of how to protect data and systems. Whether paired with a major in computer science, information technology, digital forensics, business, criminal justice, or public administration, the cybersecurity minor opens doors to job functions that intersect with information security.

Graduates with a cybersecurity minor may pursue roles such as:

  • IT Support or Systems Analyst with a cybersecurity focus
  • Security-aware Software Developer
  • Cybersecurity Compliance Analyst
  • Digital Forensics Technician
  • Risk and Data Privacy Analyst
  • Cybersecurity Project Assistant or Coordinator
  • Technical Roles in Law Enforcement or Government Agencies

As cybersecurity continues to be a cross-cutting priority across industries, students with this minor are better prepared to contribute to organizational resilience and meet growing workforce demands for cyber-literate professionals.

How to enroll

Current students: Declare this program

Once you’re admitted as an undergraduate student and have met any further admission requirements your chosen program may have, you may declare a major or declare an optional minor.

Future students: Apply now

Apply to Metropolitan State: Start the journey toward your Cybersecurity Minor now. Learn about the steps to enroll or, if you have questions about what Metropolitan State can offer you, request information, visit campus or chat with an admissions counselor.

Get started on your Cybersecurity Minor

Program eligibility requirements

Students interested in a Cybersecurity minor should work with their assigned academic advisors to determine the eligibility requirements. For acceptance into the Cybersecurity minor, students must submit an Undergraduate Program Declaration Form when the following conditions are met:

  • Currently enrolled in the university with a specific major program;
  • Completed the General Education Goal I Writing Requirement; and
  • Have earned at least 30 college credits with a cumulative GPA of 2.5 or better.

Official acceptance into this minor program and the review of transfer coursework equivalency and qualifications are done through the Computer Science and Cybersecurity (CSC) Department.

Courses and Requirements

SKIP TO COURSE REQUIREMENTS

Guidelines for completing the Cybersecurity Minor

The Cybersecurity Minor is primarily intended for students majoring in Computer Science (CS), Computer Information Technology (CIT), or Computer Forensics (CFS) who want to secure challenging jobs in cybersecurity.

  • Students should work with their assigned academic advisors to determine the eligibility requirements.
  • To declare the cybersecurity minor, students should reference the program eligibility requirements noted in this catalog or on the student’s Degree Audit Report System (DARS) report.
  • All courses in the minor must be completed with a grade of C- or better.
  • Students must complete at least 12 upper-division credits of the minor requirements at Metro State University.
  • Read and understand the guidelines for transfer courses and prerequisites listed in the General Guidelines section.

Minor Requirements (24 credits)

+ Core (16 credits)

This course introduces principles of computer security with integrated hands-on labs. The course prepares students to effectively protect information assets by providing fundamental details about security threats, vulnerabilities, and their countermeasures ranging from a simple computer to enterprise computing. Topics include broad range of today's security challenges, common security threats and countermeasures, security management, access control mechanisms, applied cryptography, privacy issues, computer ethics, file system security, and network security. Overlap: ICS 382 Computer Security

Full course description for Computer Security

To properly secure any organization's information infrastructure and assets, a periodic assessment of its security posture at various levels of the organization is essential. One key area is the direct assessment of vulnerabilities in the IT infrastructure, systems and applications, followed by targeting and exploitation of the same. This course covers the theoretical bases for cyber threats and vulnerabilities, and delves into selection and application of penetration testing methodologies ranging from reconnaissance to the exploitation of vulnerabilities by probing infrastructure, services and applications. The course places a strong emphasis on the use of these methodologies to demonstrate, document, report on, and provide a clear roadmap for remediation of exposed security issues.

Full course description for Vulnerability Assessment and Penetration Testing

Information is an asset that must be protected. Without adequate protection or network security, many individuals, businesses, and governments are at risk of losing that asset. It is imperative that all networks be protected from threats and vulnerabilities so that a business can achieve its fullest potential. Security risks cannot be eliminated or prevented completely; however, effective risk management and assessment can significantly minimize the existing security risks. In order to provide effective protection to the organization's critical infrastructure and services, continuous monitoring as well as various processes, procedures, and technology is required to detect and prevent cyber-attacks, breaches, and security violations. In addition, existence of a comprehensive incident response plan is vitally connected to the survivability of an organization after a severe security breach or compromise of critical business operations. This course focuses on the operational aspect of…

Full course description for Cyber Operations

Choose from one of the following courses:

Networks are the backbone of information technology operations within an enterprise and are responsible for a significant portion of an organization's security posture. Cybersecurity professionals are often tasked with securing network operations and responding to network threats which demonstrates the importance to networking knowledge in the cybersecurity industry. As a cybersecurity practitioner, it is imperative that there is an understanding of network operations, protocols, and administration practices. This course focuses on developing skills and taking a deep dive into networking protocols including TCP, UDP, ICMP, and IP, network design and architecture, network administration automation, network analysis, and network protocol and design impacts on security and defense measures. Overlap: ICS 383 Networking Protocols and Analysis

Full course description for Networking Protocols and Analysis

Principles and practices of the OSI and TCP/IP models of computer networks, with special emphasis on the security of these networks. Coverage of general issues of computer and data security. Introduction to the various layers of network protocols, including physical, data link, network, and transport layers, flow control, error checking, and congestion control. Computer system strengths and vulnerabilities, and protection techniques: Topics include applied cryptography, security threats, security management, operating systems, network firewall and security measures. Focus on secure programming techniques. Programming projects.

Full course description for Networks and Security

+ Electives (8 credits)

Fulfill eight elective credits from the selection provided below, with the following stipulations: The content of CYBR 490: Special Topics in Cybersecurity varies from semester to semester. Students may enroll in this course multiple times for elective credit, provided each instance covers different topics, and they have obtained approval from either the cybersecurity coordinator or the CSC department chair. To count certification preparation courses (CYBR 313, CYBR 323, and CYBR 343) towards major or technical elective requirements, students must successfully pass the related certification exam and submit proof of this achievement. An approved cybersecurity internship (CYBR 350I) is eligible to count as a major elective requirement. Students should obtain approval from the Cybersecurity Internship Coordinator before commencing the internship.

In this course, students continue not only to learn how to identify and collect digital evidence through forensics search tools, but also to study the emerging data mining techniques. The topics include how to design a plan for a computer crime investigation; how to select a computer software tool to perform the investigation; how to articulate the laws applying to the appropriation of computers for forensics analysis; how to verify the integrity of the evidence being obtained; how to prepare the evidence collected for the use in the court; and how to present the evidence as an expert eyewitness in court. Some hypothetical and real cases are also discussed in class.

Full course description for Digital Evidence Analysis

In this course, students will learn the law relating to computer software, hardware, and the Internet. The areas of the law include intellectual property, cyberspace privacy, copyright, software licensing, hardware patent, and antitrust laws. Legislation and public policies on cyberspace technology, cryptographic method export controls, essential infrastructure protection and economic development are also discussed in class.

Full course description for Computer Laws

This course takes a hands-on approach to provide students with foundational concepts and practical skills in Mobile Device Forensics, which can be leveraged to perform forensically sound investigations against crimes involving the most complex mobile devices currently available in the market. Using modern tools and techniques, students will learn how to conduct a structured investigation process to determine the nature of the crime and to produce results that are useful in criminal proceedings. The course will provide walkthrough on various phases of the mobile forensics process for both Android and iOS based devices including forensically extracting, collecting, and analyzing, data and producing and disseminating reports. The course modules and labs will involve certain specialized hardware and software to perform data acquisition (including deleted data), and the analysis of extracted information.

Full course description for Mobile Device Security and Forensics

This course's primary focus is to teach the latest commercial-grade hacking tools, techniques, and methodologies used by hackers and information security professionals to hack an organization lawfully for the sole purpose of discovering vulnerabilities. It is imperative to identify vulnerabilities in your working environment before the attackers and guide your employer towards a better overall security posture. Ethical Hacking is an in-demand skill, primarily because the best defense is a good offense. The course will prepare students for the EC-Council CEH certification exam. The CEH certification, a well-recognized industry certification, helps students develop the necessary skills needed to work in a red team environment, focused on attacking computer systems and gaining access to networks, applications, databases, and other critical data on secured systems.

Full course description for EC-Council Certified Ethical Hacker (CEH) Certification Preparation

This course's primary focus is to provide targeted content and integrated hands-on skills in Linux Operating System and prepare students for the CompTIA Linux+ certification exam. The CompTIA Linux+, a well-recognized industry certification, helps students develop baseline skills needed to perform common tasks in major distributions of Linux, including the Linux command line, essential maintenance, installing and configuring workstations, and networking.

Full course description for CompTIA Linux+ Certification Preparation

This course's primary focus is to provide targeted content and integrated hands-on skills to apply behavioral analytics to networks and devices to prevent, detect, and combat cybersecurity threats through continuous security monitoring. The course will prepare students for the CompTIA CySA+ certification exam. The CompTIA CySA+, a well-recognized industry certification, helps students develop baseline skills needed to proactively capture, monitor, and respond to network traffic findings and emphasize software and application security, automation, and threat hunting, and IT regulatory compliance, which affects the daily work of security analysts.

Full course description for CompTIA CySA+ Certification Preparation

Internships offer students opportunities to gain deeper knowledge and skills in their chosen field. Students are responsible for locating their own internship. Metro faculty members serve as liaisons to the internship sites¿ supervisors and as evaluators to monitor student work and give academic credit for learning. Students are eligible to earn 1 credit for every 40 hours of work completed at their internship site. Students interested in internships within the Computer Science and Cybersecurity Department should work with their advisor and/or faculty internship coordinator to discuss the process for your specific major.

Full course description for Cybersecurity Individualized Internship

This course provides students with a thorough foundation of applied cryptography for cybersecurity practitioners. As encryption technologies continue to integrate into everyday culture, the importance of cryptography and encryption knowledge of cybersecurity practitioners continues to increase. Students will learn and be able to apply and analyze: the history of cryptography from the earliest ciphers to current encryption methodology, mathematical foundations for cryptography, symmetric and asymmetric algorithms, and applied cryptography pertaining to Virtual Private Networks (VPNs), SSL/TLS, strategies for defense utilizing encryption and cryptography, military applications, steganography, cryptanalysis, and more. Additionally, students will look to the future of cryptography and encryption including a look into quantum cryptography and encryption in cloud environments. Overlap: ICS 483.

Full course description for Cryptography for Cybersecurity Practitioners

In the face of escalating cyber breaches and intrusions, organizations seek professionals adept at identifying and responding to security incidents proactively. This course offers an in-depth exploration of Digital Forensics and Incident Response (DFIR) methodologies, emphasizing frameworks such as NIST and US-CERT. Students will learn to effectively detect, analyze, contain, eradicate, and recover from cyber attacks within enterprise networks. Throughout the course, students will develop expertise in identifying threat actors and security breaches, analyzing artifacts and logs, conducting post-mortem analyses, and implementing and refining mitigation strategies. The curriculum aligns with the CompTIA CySA+ objectives, ensuring students are equipped with the competencies required for effective cybersecurity analysis and incident response. By the end of the course, students will be proficient in using industry-standard forensic tools, assessing cyber attack stages, and developing…

Full course description for Cyber Incident Response and Handling

Malware infections have reached epidemic proportions with over 600 million types of infection reported to date. Traditional antivirus techniques are not sufficient to stem the tide. This course will introduce students to the fundamentals of malware analysis techniques which will allow them to recognize, analyze and remediate infections. Basic static analysis techniques using antivirus scanning, hashing, string searching and other automated analysis tools will be reviewed. Dynamic approaches using system and network monitoring will be employed to detect snooping and attempts to exfiltrate data. Students will set up virtual workspaces, download tools and malware and analyze software in a secure environment. Reverse engineering will be introduced. Overlap: ICS 486.

Full course description for Malware Analysis

This course explores specialized and emerging topics in cybersecurity, addressing cutting-edge threats, technological advancements, and evolving best practices not covered elsewhere in the Cybersecurity program. Designed to keep pace with the rapidly changing cybersecurity landscape, this course provides students with opportunities to analyze and evaluate recent developments, apply advanced tools and methodologies, and synthesize scholarly and professional literature to solve real-world cybersecurity challenges. Emphasis is placed on ethical decision-making, professional responsibility, and adherence to legal and industry standards in addressing contemporary cybersecurity issues. The specific topic of study varies by semester, ensuring alignment with current industry trends and demands.

Full course description for Special Topics in Cybersecurity

This is an alternate capstone course for MIS majors that emphasizes both the technical and strategic planning and as well as organization frameworks necessary to successfully select, deploy and manage information systems. Other areas of study include the roles of executive and staff, administrative structures, outsourcing decisions and outsourcing frameworks. Several IT management methodologies will be examined, including ITIL and COBIT. This course was formerly numbered MIS 312.

Full course description for Administration of the Management Information Systems Function

+ General Guidelines
Transfer Courses

The evaluation of transfer coursework equivalency is conducted by the Computer Science and Cybersecurity (CSC) Department. This evaluation is initially carried out upon admission, and any updates are recorded in the DARS report. When transferring coursework, it's important to note that courses equivalent to our Pre-Major offerings may be available at various universities, community colleges, and technical colleges. In some cases, a lower-division course from another institution may correspond to one of our upper-division courses, or conversely, an upper-division course elsewhere may match one of our lower-division courses. The designation of the course at the originating institution (whether it is considered lower or upper division) is the determining factor for crediting upper-division courses towards major electives or university graduation requirements.

Prerequisites

Students must understand and comply with the prerequisites for any course they enroll in. Enrollment in a course is contingent upon completing all its prerequisites with a minimum grade of C-. Students who fail to meet these prerequisites will be administratively dropped from the course. While the registration system automatically enforces prerequisites for certain courses, discrepancies may occur. If your DARS report indicates that you satisfy the prerequisites for a course, but the registration system denies your enrollment, please contact your academic advisor for assistance.