Video Master of Science in Information Security and Assurance

Norwich’s Master of Science in Information Security and Assurance – A Program Director’s Perspective


Rosemarie: I’m Dr. Rosemarie Pelletier, and I’m the Director of Information Security and Assurance Program here at Norwich University.

Our program offers courses and concentrations that are cutting edge. Right now people are talking about global perspectives on the internet. How do you set policy globally? The internet has no bounds. How do we figure out how to do this as a global society? Our faculty look at that and say, well, let’s be proactive. Let’s see if we can become more proactive in setting policy and becoming involved in policy.

We have an international advisory board and one of the members actually did advise globally on some of these policies. She was with the Internet Society, she advised entities like The United Nations, The World Bank, places where people come together apolitically, right? They don’t look at politics, they look at how do we get something done.

So this program really teaches students how to apply theory. It’s not about, well, if you take this program or this piece of software or this software tool, you can hack into a system. It’s what does it look like and how do you prevent it?

We don’t look at the program and look for an ideal student. We look at the program’s students and say “How do we help you?” So we have a number of students who have come to us in the last 12 months because we’ve added new labs into our first four core courses. So we don’t expect you to have a high tech background in the beginning.

Standards and research says that people will change careers at least five times in their work lifetime. So if you look at the market for information security and assurance, if you left college with a Master’s degree in English and you want to make a career change, we could help you make the change using virtual labs.

These labs are – they’re incredible. You can see things happening on multiple machines all at the same time. You can crash the machines, you can stand them back up, you can then try and crash them again using different software tools. You can determine how flexible something is, you can determine the structure of something, you can determine how secure something is by continuously bombarding it using different software tools.

We don’t want you to panic. When you go back to work, when you’re in your workplace, when somebody comes to you and says this is happening, we want you to have the confidence level to turn around and say “Got it. Understand it. I can handle it.” Because you have seen it or something like it before.

If you’re already in the field and you’re looking for a better background in forensics, then we offer a concentration in computer forensics. If you’re looking for something in vulnerability management, or we call it ethical hacking, or penetration testing, then we offer vulnerability management to help you get those skills and get that up and running.

If you’re not interested in the high tech side of it, if you’re a student that says “Well, you know, I’m really more into the project management side” we offer project management in conjunction with the MBA program.

If you’re interested in the law side of this, in cyber law, in international perspectives on cyber space, then we have a concentration that looks at that, taught by someone who actually is an attorney who specializes in cyber law, cybercrime. If you’re concerned about critical infrastructure protection, if you’re concerned about cybercrime, we actually have a course taught by a DCIS who specializes in catching those people who are cyber criminals and who commit cybercrime, and in protecting critical infrastructure protection.

I would challenge any other information security and assurance program as far as faculty goes. Again, because ours have not only the academic background but they also have time in field. They know what they’re doing. They’ve done it. They’ve done it for careers.

They are incredibly diverse. So we have someone who is an IT director at a major automotive company. We also have someone who is an attorney who has worked with the Department of Defense and in DoJ looking at how to capture cyber criminals, how to anticipate cybercrime before it happens. We have someone from a major lab in the American Southwest, without getting too specific on where she works, who pulled together vulnerability management. What really happens when these different attacks occur and how can we make you better at anticipating or at seeing these things? So our faculty are very much involved in their field.