Brown University offers Ivy League CISO creds
The Executive Master in Cybersecurity set to launch in October is a 16-month program to instruct students in technology, law and policy, human behavior, and leadership-skills development. “What the industry is crying out for is interdisciplinary training,” says Alan Usas, the program director.
The idea is to prepare cybersecurity leaders who not only understand the technical needs of protecting data and privacy but who can also talk effectively to the boards of directors about these issues in a way that nets results for security and for business goals, he says.
But the program is also seeking professionals who have other uses for this broad education. For example, among applicants are employees of high-tech firms in sales positions who deal daily with CISOs, some newly appointed CISOs looking to solidify their skills, lawyers who deal with security and privacy policy, and tech investors seeking to develop a handbook on how startups should address their own cybersecurity.
This cross-pollination will give the class a variety of perspectives on cybersecurity and the opportunity to learn from others’ areas of expertise, Usas says.
The master’s program lasts 16 months starting Oct. 16 with a class of 25 to 30. It includes a week at Brown to kick off the program and another at the end to wrap it up, plus two more during the program. A fifth group week is planned for San Francisco where the class will meet with Silicon Valley executives who plot cybersecurity product strategies and non-profits who study policy issues.
The rest of the program is online, requiring 15 to 18 hours per week, most of the courses are designed so students can login to fit their own schedules. Some classes that require interaction among the students may have firm meeting times, he says.
Most applicants plan to keep their day jobs and to get help from their employers paying the $97,500 tuition and fees that doesn’t include travel and lodgings for the group gatherings during the program.
Everyone takes the same set of nine courses: Introduction to Computer Security; Advanced Topics in Computer Security; Applied Cryptography and Data Privacy; Human Factors in Computer Security and Data Privacy; Privacy and Personal Data Protection; Management of IT Systems and Cybersecurity Risks; Global Cyber Conflict: Law, Policy and Governance; The Future of Cybersecurity: Technology and Policy; Effective Leadership.
In addition, every student must complete a Critical Challenge Project that examines a security or privacy challenge facing an organization from multiple points of view and comes up with recommended solutions. They must write brief proposals for their projects as part of their applications.
The qualifications for acceptance are very broad, but there is no requirement for a computer science background. The program seeks people with five to 15 years’ experience.
The school came up with the idea two years ago and has been working since then to flesh out the curriculum.
Brown’s School of Professional Studies had a similar program for health care leadership, and there’s an executive MBA program in conjunction with a business school in Spain. The organizers reached out to corporations directly and via the university’s alumni associations.