Norwich University MSISA Progress

I have an MSM in Project Management and an MSM in Information Systems Security, but unfortunately the ISS degree is old enough that it's no longer useful for anything except nostalgia. Things change a LOT in seven years when you're talking security. I started out as a UNIX/Linux Systems Administrator for 15 years, moved over to help build a new NOC, had a short stint as a Network Infrastructure Planner, and now I'm in IT Audit focusing on Cybersecurity. I really like Cybersecurity a lot, so I leveraged my experience and earned the CISSP in April 2015. I'll be sitting for the CISM in June 2016, and meanwhile I decided to go back to grad school, because who doesn't like a little torture when they're middle-aged?

I chose Norwich's MS in Information Security and Assurance online program, and started in September 2015. The setup is three trimesters, each with 2 consecutive seminars worth 6 credits each, so 6 classes for 36 credits and one week residency to finish the degree in 18 months. Each seminar is 11 weeks long, and I just finished the first one which is called Foundations and Historical Underpinnings of Information Assurance. I immediately shortened that to Underpinnings of Info Ass, because deep inside I am a 12-year old boy who thinks girdles and butts are funny. But I digress. There were 9 students total in my cohort, plus the professor, so it was definitely very one-on-one for things. My graduation date is June 2017, so I've got a ways to go.

They do encourage people applying to the program to already have their CISSP in hand, in order to make it a little easier for them.

I wasn't sure what to expect when I started, but I found out very quickly - lots of writing and lots of labs. In those 11 weeks I posted to the forums every week (at least four "substantive" posts which means about 500 words and citations), wrote 3 2000-word papers, 2 2000-word memorandum essays, 1 10,000-word final paper and completed 6 labs that I found easy because of my sysadmin experience (I was lucky). The first lab had people modifying files in vi and it apparently did NOT go well for some. I'm a vi girl to the bone so it wasn't an issue for me.

I start my second core seminar on Monday December 7th. This one is Info Ass Tech, which is obviously all about becoming informed on butt technologies. So far the setup looks much the same as far as deliverables, but it's going to require a lot of networking knowledge. I'm looking forward to it, and I'll keep posting in this thread about how it goes if people are interested.

For the first 4 core seminars they use the same books:
Computer Security Handbook 6th Edition edited by Bosworth, Kabay, and Whyne (This is a two volume set, so it's huge and technical and a work of art)
Information Security Essentials which is apparently out of print and provided to the students via PDF

Scorecard:
Foundations & Historical Underpinnings of Info Ass - A
Info Ass Tech - in progress
Human Factors & Managing Risk - TBD
Info Ass Mgmt & Analytics - TBD
Computer Security Incident Response Team Management - TBD
Computer Forensic Investigation - TBD

Find more posts tagged with

Comments

Balantine

I read Computer Security Handbook 6th Edition edited by Bosworth, Kabay, and Whyne for fun but thought it was outdated. There were a few good chapters. A lot of NSA people go to Norwich AFAIK, and the program has serious credential. Good for you.

fullcrowmoon

Balantine wrote: »

I read Computer Security Handbook 6th Edition edited by Bosworth, Kabay, and Whyne for fun but thought it was outdated. There were a few good chapters. A lot of NSA people go to Norwich AFAIK, and the program has serious credential. Good for you.

I agree with some of it being outdated, but the fact is that the security landscape moves so quickly everything gets outdated. After going through it I think it provides a decent foundation to build on, and the rest I'll get from what I encounter at work

gespenstern

Lold at butt technologies.

Keep us posted, many of us are in the same boat (studying online being middleage) with WGU and would love to compare.

fullcrowmoon

My second seminar started last week and it was a little rough. There's a new professor (I think) and he basically posted something on Monday, December 7th, and then proceeded to disappear for over a week. Very not cool. This is the kind of program where you need to be proactive and show initiative, but I like to have some guidance as well. I finally had to email the associate program director and he got things going in the right direction.

Now I know what my 3 papers will involve as well as the final paper, and I can get started on them early. The jury is still out on this professor, though. My last professor was so very kick ass, so this guy has a very high bar to meet. We'll see!

snakeuptilit

currently in Info Ass Mgmt & Analytics. So far so good.

fullcrowmoon

snakeuptilit wrote: »

currently in Info Ass Mgmt & Analytics. So far so good.

I'm glad you understand the importance of referring to everything as Info Ass.

dmoore44

I just finished my first semester in the Carnegie Mellon program, so it's interesting to read other people's accounts of what they're studying, the assignments and such.

fullcrowmoon wrote: »

The first lab had people modifying files in vi and it apparently did NOT go well for some. I'm a vi girl to the bone so it wasn't an issue for me.

Oh god. Well, at least you didn't say emacs.

As soon as I can get nano on a machine, emacs/vi/vim get left in the dust.

fullcrowmoon

dmoore44 wrote: »

I just finished my first semester in the Carnegie Mellon program, so it's interesting to read other people's accounts of what they're studying, the assignments and such.

Oh god. Well, at least you didn't say emacs. As soon as I can get nano on a machine, emacs/vi/vim get left in the dust.

To which I reply, "Pfffft, sir! Pfffft!"

fullcrowmoon

It's about time for an update.

This seminar got off to a rough start due to the professor failing to show up really. This seminars are only 11 weeks long, you write approximately 20k words in papers and exams, and however many more words in the weekly forum discussions, and it's really important to get feedback from the professor so you know you're headed in the right direction.

Long story short, I got tired of receiving no grades and no commentary on anything I'd turned in, so I got the rest of my cohort together and organized a protest. We sent an email to the Program Director with all of our names on there on a Saturday evening. She responded on Sunday morning, and Sunday night grades began to trickle in. I'm calling it the Mutiny of the U.S.S. Norwich, teehee. (This is after I emailed the Associate Program Director that first week.)

Now that the professor has decided to show up, things are going well. He grades hard as ****, but his grading is fair and his comments on my first paper were very helpful. Really that's all I'm looking for. I can do the work on my own, just point me in the right direction and tweak what I'm doing when it needs tweaking.

This course focuses on networks, and the papers are all about encryption and designing a network, etc., etc., and so forth. It's fun!

Week 5 of the course ends tomorrow. Six more weeks to go!

Rumblr33

Fullcrowmoon, how's the progress going? I just applied to Norwich and I am looking to start in March. It's great to read your progress.

fullcrowmoon

I'm in the middle of my second seminar and it's going well. I have two papers, two exams, several labs, and one final paper left to do. If you didn't realize it already, it is a TON of writing. I see you have your Security+ cert and CEH - those will help you with the program. I feel like you really need to have some operations experience behind you in order to do well in this program. Keep in touch with me! I'll be just one trimester ahead of you so we can share notes.

FSF150

Hi All,

I just started my MSISA from Norwich in December. Ran across this thread, thought it might be nice to swap advice (and vent

).

Definitely a lot of writing. I finished up business school earlier this year and was looking forward to not writing papers for a while. Oh well. So far the labs are my favorite part. The conferences are a necessary evil. Really enjoying what we're studying though!

FSF150

Three weeks from owing that first 10,000-worder. Not looking forward to all that typing...

Labs are done, I'd say anyone with basic computer experience could follow them fairly well. I really like the hands-on aspect and I think they were just as valuable as the higher-level reading/writing each week. The exams aren't bad. It does seem that much of a CISO's job involves justifying resource allocation as well as providing security guidance, so I think it makes sense to structure them in the memo format.

Also have scheduled my ISACA CSX exam at the end of the one week gap between classes. Seems to parallel a bunch of Sec+ curriculum, so I've been watching the Sec+ cybrary videos to augment the study material. I'll definitely take advantage of the CISSP class Norwich offers next year, but for now I think I'll stick to the basics.

zxbane

I looked into this program at one point (switching directions and going towards Computer Science now) and Norwich has a wonderful reputation but I must say I don't envy all of that writing!

fullcrowmoon

Get started on it now. Get the formatting in place, and figure out your topics. (You probably already know since you've had to turn in an outline for it, right?) Then work on it a bit each day. Write one section, or half a section, or for 15 minutes, or something. I have to force myself to do it this way because otherwise I end up waiting 'til three days before it's due and find myself in a writing frenzy of stress and angst, the well-known WFSA.

The professor for this second seminar continues to be a non-participatative annoying person, but it's ok. The Norwich people have been very responsive to the cohort's issues with him and I'm already looking forward to my third class once this is done. Almost 1/3 finished, whoo!

FSF150

fullcrowmoon wrote: »

Get started on it now. Get the formatting in place, and figure out your topics. (You probably already know since you've had to turn in an outline for it, right?) Then work on it a bit each day. Write one section, or half a section, or for 15 minutes, or something. I have to force myself to do it this way because otherwise I end up waiting 'til three days before it's due and find myself in a writing frenzy of stress and angst, the well-known WFSA.

The professor for this second seminar continues to be a non-participatative annoying person, but it's ok. The Norwich people have been very responsive to the cohort's issues with him and I'm already looking forward to my third class once this is done. Almost 1/3 finished, whoo!

I'm one of those procrastinators who does his best work in a state of last-minute panic, unfortunately. I actually scored better on the exam and paper 2, when I reached a point where I just said "hell with it, good enough!" and submitted, rather than paper 1 which I started early and stressed over.

We have done the outlines. This prof is very responsive to those. I'll survive... but I accept that I'm going to be in quite a grumpy mood for the last week of this seminar!

FSF150

zxbane wrote: »

I looked into this program at one point (switching directions and going towards Computer Science now) and Norwich has a wonderful reputation but I must say I don't envy all of that writing!

So does ODU, at least it seemed well represented in the officer ranks when I was in the USN. Good luck to you!

As for the writing, I've sent screenshots of the assignments to my business school classmates so they can laugh at my pain...

fullcrowmoon

That's a great idea!

Rumblr33

I am currently doing my Industry Case Study proposal. Really interested to see how this turns out once the final product is complete. My industry is Retail, and we know about the recent years the Retail industry has had. I look forward to writing this proposal. Did the people that are currently enrolled chose the Industry or Organization case study?

fullcrowmoon

I've worked ahead on my assignments because of life getting a bit crazy. At this point everything that's due is turned in except for my final paper, which is due Saturday February 27th. I think I'm going to make my A in this class, but the professor certainly hasn't made it easy. I think when it's all over with I might go to ratemyprofessor.com and leave some comments. :P

Despite this seminar being so difficult due to the lame professor, I've learned a lot and really gotten close to my cohort, which makes for good feedback on stuff when there's questions. I'm still really happy with the program.

This class on 02/27 and the next one starts on 03/07, so I'll have a small break before back to the writing.

fullcrowmoon

Ugh, why can't I edit my original post? So annoying.

Scorecard:
09/07/2015 - 11/22/2015: Foundations & Historical Underpinnings of Info Ass - A
12/07/2015 - 02/28/2016: Info Ass Tech - in progress
03/07/2016 - 05/22/2016: Human Factors & Managing Risk - TBD
06/06/2016 - 08/21/2016: Info Ass Mgmt & Analytics - TBD
09/05/2016 - 11/20/2016: Computer Security Incident Response Team Management - TBD
12/05/2016 - 02/26/2017: Computer Forensic Investigation - TBD
June 2017: One week residency

FSF150

Rumblr33 wrote: »

I am currently doing my Industry Case Study proposal. Really interested to see how this turns out once the final product is complete. My industry is Retail, and we know about the recent years the Retail industry has had. I look forward to writing this proposal. Did the people that are currently enrolled chose the Industry or Organization case study?

I did the organization, because I work at a company with excellent resources for information. I'm a neophyte so I'm learning as much (or more) from interviewing coworkers for the assignments as I am from class.

I'd go industry if I didn't have the same level of resources at my job, since you'll be doing a lot more external stuff anyway in that case. The prompts for each paper are tailored to the direction you chose.

FSF150

fullcrowmoon wrote: »

Ugh, why can't I edit my original post? So annoying.

Scorecard:
09/07/2015 - 11/22/2015: Foundations & Historical Underpinnings of Info Ass - A
12/07/2015 - 02/28/2016: Info Ass Tech - in progress
03/07/2016 - 05/22/2016: Human Factors & Managing Risk - TBD
06/06/2016 - 08/21/2016: Info Ass Mgmt & Analytics - TBD
09/05/2016 - 11/20/2016: Computer Security Incident Response Team Management - TBD
12/05/2016 - 02/26/2017: Computer Forensic Investigation - TBD
June 2017: One week residency

Can't wait to hear about the human factors class. Really looking forward to that one, because.... people.

fullcrowmoon

FSF150 wrote: »

Can't wait to hear about the human factors class. Really looking forward to that one, because.... people.

Secure the human! With DUCT TAPE!

Rumblr33

FSF150 wrote: »

I did the organization, because I work at a company with excellent resources for information. I'm a neophyte so I'm learning as much (or more) from interviewing coworkers for the assignments as I am from class.

I'd go industry if I didn't have the same level of resources at my job, since you'll be doing a lot more external stuff anyway in that case. The prompts for each paper are tailored to the direction you chose.

FSF150, If you don't mind me asking, what industry do you currently work in? I work for a retail company and I do have resources available to me at work, but I decided it would benefit me more professionally if I did the Retail Services industry as a whole.

By the way, I was also in the Navy from 2002-2010. I look forward to starting classes on March 7 and meeting you all in June 2017.

FSF150

Rumblr33 wrote: »

FSF150, If you don't mind me asking, what industry do you currently work in? I work for a retail company and I do have resources available to me at work, but I decided it would benefit me more professionally if I did the Retail Services industry as a whole.

By the way, I was also in the Navy from 2002-2010. I look forward to starting classes on March 7 and meeting you all in June 2017.

Very cool. '07-'12 here, '12-'15 as reserves. MA type. May go back reserves if they'll direct commission me on the IT side. Maybe.

I work for company that offers an online payments/accounting platform. Small, but they're very serious about the InfoSec side as it is necessary to drive business relationships with financial firms who are subject to strict regulations in that area. Most of our IT team was poached from IT in very different fields, so it just seemed to make sense to focus on my own organization. I don't think there's a bad choice between the two.

I think we'll have to plan a "Team TechExams" meetup in June, for sure!

Rumblr33

About to embark on the Foundations and Historical Underpinnings of Information Assurance next week. I am currently trying to get a head start on a few things. How is the progress for my fellow Norwich students? What are the concentrations you all decided choose?

testing010101

This is a very interesting thread. Thanks to all who have posted. I seriously considered Norwich for quite sometime but I was less interested in theory/writing and more interested in practical application so I decided to go with Champlain College's MS in Information Security Operations program.

TheFORCE

Just to have a clear understanding, how many pages is a 10k, 20k paper? I've been researching school too and would like to apply to some that are accepting certifications or work experience in place of gmat, gre or gpa.

fullcrowmoon

TheFORCE wrote: »

Just to have a clear understanding, how many pages is a 10k, 20k paper? I've been researching school too and would like to apply to some that are accepting certifications or work experience in place of gmat, gre or gpa.

You will probably use Times New Roman 12 point. My final paper for my first class, including cover sheet, table of contents, executive summary, appendix of recommendations, references, etc., came to 25 pages, and my word count was 6940, so I was just under the 7k minimum. They give you plus/minus 100 words, though, so that was ok.