Picking a grad school

fullcrowmoon

In my current job as a cybersecurity auditor there's no room for promotion. People tend to stay 2 or 3 years, get good experience in all the different business units, and then get promoted out of Internal Audit back out into the company somewhere. I've been in tech for a good long time (UNIX Admin, NOC, Network Planning, etc.), and I want to move into a security organization within my company, eventually.

I have an MSM in Information Systems Security, but it feels completely outdated now (I received it in 200. That said, given my career goals, I've decided to go back to grad school for Information Assurance. I flirted with WGU a couple of years ago but I didn't enjoy the experience at all, and withdrew. I see plenty of threads complaining about the whole grading process and I feel lucky I gave it a pass.

I went looking for good (online) cybersecurity schools, and came across the 2014 Ponemon Institute's paper on cybersecurity schools. You can find it here: http://www.ponemon.org/local/upload/file/2014%20Best%20Schools%20Report%20Final%202.pdf.

I ended up choosing Norwich University for a few reasons:

1. It's the #2 school in the US for cybersecurity and is recognized by the NSA and the DHS as a Center for Academic Excellence in Information Assurance education.
2. The capstone case study allows you to work within your own organization and produce something that will be of value to your company.
3. I get a (small) grant for having my CISSP already.
4. The program can be completed in 18 months, 3 six month terms with two classes per term (4 core, 2 concentration)
5. They have a deal with my company for a discount, so after tuition assistance I'll be paying about 10k out of pocket, which is reasonable.
6. I earn CPEs towards maintaining my CISSP.
7. Classes are taught by CISOs from large organizations and not academics only.
8. The Computer Forensic Investigation / Incident Response Team Management concentration sounds hella fun.

I'll be busting my butt for 18 months but I'll be having fun while I do it, I'm pretty sure.

kurosaki00

Do you got link for the #2 school in the US for cybersecurity fact?
What I could find was that it was ranked #2 by ponemon institute, which is a private security company.

Per USnews Ranking the MSISA is not ranked.

aspiringsoul

fullcrowmoon wrote: »

In my current job as a cybersecurity auditor there's no room for promotion. People tend to stay 2 or 3 years, get good experience in all the different business units, and then get promoted out of Internal Audit back out into the company somewhere. I've been in tech for a good long time (UNIX Admin, NOC, Network Planning, etc.), and I want to move into a security organization within my company, eventually.

I have an MSM in Information Systems Security, but it feels completely outdated now (I received it in 200. That said, given my career goals, I've decided to go back to grad school for Information Assurance. I flirted with WGU a couple of years ago but I didn't enjoy the experience at all, and withdrew. I see plenty of threads complaining about the whole grading process and I feel lucky I gave it a pass.

I went looking for good (online) cybersecurity schools, and came across the 2014 Ponemon Institute's paper on cybersecurity schools. You can find it here: http://www.ponemon.org/local/upload/file/2014%20Best%20Schools%20Report%20Final%202.pdf.

I ended up choosing Norwich University for a few reasons:

1. It's the #2 school in the US for cybersecurity and is recognized by the NSA and the DHS as a Center for Academic Excellence in Information Assurance education.
2. The capstone case study allows you to work within your own organization and produce something that will be of value to your company.
3. I get a (small) grant for having my CISSP already.
4. The program can be completed in 18 months, 3 six month terms with two classes per term (4 core, 2 concentration)
5. They have a deal with my company for a discount, so after tuition assistance I'll be paying about 10k out of pocket, which is reasonable.
6. I earn CPEs towards maintaining my CISSP.
7. Classes are taught by CISOs from large organizations and not academics only.
8. The Computer Forensic Investigation / Incident Response Team Management concentration sounds hella fun.

I'll be busting my butt for 18 months but I'll be having fun while I do it, I'm pretty sure.

You can't go wrong with Norwich. I strongly considered them as well, but backed out due to cost concerns. If you can afford it, more power to you, but I'm paying out of pocket for my program at WGU, and it's much more affordable. No doubt that degree from Norwich will open doors for you though, especially the networking aspect of it.

fullcrowmoon

kurosaki00 wrote: »

Do you got link for the #2 school in the US for cybersecurity fact?
What I could find was that it was ranked #2 by ponemon institute, which is a private security company.

Per USnews Ranking the MSISA is not ranked.

That's a really good point. Yes, Ponemon is a private security company, but the white paper was requested by HP.

I can't find anything specific about their MSISA either, other than the Ponemon report and the fact that the NSA and the DHS like them a lot.

iBrokeIT

I've heard good things about Dakota State's program:

Master of Science in Information Assurance | Dakota State University

NetworkNewb

kurosaki00 wrote: »

Do you got link for the #2 school in the US for cybersecurity fact?
What I could find was that it was ranked #2 by ponemon institute, which is a private security company.

Per USnews Ranking the MSISA is not ranked.

I don't really trust college rankings that much, different opinions everywhere. In the link he supplied, that was a survey based on opinions from 2,000 people... Here are some other random people's opinion below. I'm not saying it isn't a great school at all btw. Just wouldn't base my decision of off that.

Top 10 Universities for Cybersecurity | DSST | Get College Credit

What are the 3 Top Cyber Security Schools?

10 Best Online Cyber Security Degree Programs - Security Degree Hub

fullcrowmoon

Those are all good links. I think I need to remove the #2 bit and just keep the fact that it's approved by NSA/DHS (I live in the DC area, btw). All the rest still applies for me.

There really are a lot of programs out there. They're proliferating!

NetworkNewb

Yea, if you live that area it is probably a good pick.

kurosaki00

I was wondering about the credentials. The degree itself looks solid.

fullcrowmoon

kurosaki00 wrote: »

I was wondering about the credentials. The degree itself looks solid.

By credentials do you mean accreditation? If so, it's accredited by the New England Association of Schools and Colleges.

Khaos1911

NetworkNewb wrote: »

Yea, if you live that area it is probably a good pick.

What if he wasn't in an area with prestigious cyber/info assurance grad program? In this day and age, are online options still frowned upon?

fullcrowmoon

Khaos1911 wrote: »

What if he wasn't in an area with prestigious cyber/info assurance grad program? In this day and age, are online options still frowned upon?

I'm doing the online program. Norwich is in Vermont and I'm in Northern Virginia.

anoeljr

Khaos1911 wrote: »

What if he wasn't in an area with prestigious cyber/info assurance grad program? In this day and age, are online options still frowned upon?

Some people may still have that mindset, but I don't think it's as prevalent as it was when online options first began. If it's from a brick and mortar school I don't think most will care. They might say something about an online only program, but that's starting to fade.

NetworkNewb

Khaos1911 wrote: »

What if he wasn't in an area with prestigious cyber/info assurance grad program? In this day and age, are online options still frowned upon?

I feel it will definitely help if you go to online school that is your region so your employers will have heard of it. You don't want to give any reason for them to question your degree.

fullcrowmoon

NetworkNewb wrote: »

I feel it will definitely help if you go to online school that is your region so your employers will have heard of it. You don't want to give any reason for them to question your degree.

I think that depends on your employer, really.

NetworkNewb

Maybe, I guess I just like to do everything I can do help my odds. I just go off the recommendations from the wife, who is the HR manager at a decent size engineering firm. If your good and know your stuff anyone can do just fine though.