Is a Degree in Cyber Security Worth It?

Hackers and thieves think it’s worth the time and effort to digitally attack businesses and organizations around the world, so the question is: what is it worth it to you to learn to stop them?

Cyber security is a phrase getting thrown around a lot these days. Whether we’re dealing with communist spies, malicious techies, or special interest groups, everyone is trying to protect themselves from the digital assault on their assets. The world has changed. We keep far less valuables in a vault these days than we do in our cloud storage, so it only makes sense that the nature of security is changing as well. That’s why the field of cybersecurity is booming, and the time is right for you to get on board and consider pursuing a degree in cybersecurity, but that begs the question: is a master’s in cyber security degree worth it?

After all, to embark on more education is always an extensive investment in itself. By signing up to pursue another degree program, you’re essentially laying a great chunk of finances, time, and effort on the chopping block. Degrees are costly in more ways than one, and you’ve got to count the costs to determine if it’s worth it for you. We can help you there!

Between 2016-2017 alone, Ransomware programs like WannaCry, Petya, and Bad Rabbit infected hundreds of thousands of computers in over 150 countries, causing disarray by holding people’s computers hostage in exchange for monetary reimbursement. The damage was great, and the paranoia it caused was even greater.

That was just one of the more recent, global occurrences that are still fresh on our minds. The history of the internet is a storied tale interspersed with Trojans, spyware, malware, viruses, hackers, and every type of digital attack in the book. However, our internet usage isn’t slowing down anytime soon, so it’s time to batten down the hatches.

The world is waking up, incident by incident, to the necessity of quality cyber security. The question is: are you? A cyber security degree salary might help you smell the coffee, but more on that later. There are a few things we’re going to need to give a fair amount of attention to in our investigation to determine whether or not a cyber security degree is worth it.

Cyber Security Masters Plan of Attack

To help you determine if a master’s degree in cyber security is worth it, we’ve got to have a good plan of attack. There’s a mountain range of information out there, and we’re here to help you carefully sort through the noise to truly determine if a cyber security degree is worth it.

1) Cyber Security Masters Program Evaluation

First, we are going to have to look at the fundamentals: what is a cyber security degree? At this point you’ve likely had some experience with higher education, but the ball game changes a bit when it comes to a master’s degree, let alone a master’s degree in cyber security. This isn’t just a bachelor’s of arts or science anymore, and we have to orient ourselves to the process, curriculum, and structure behind a master’s degree in cyber security that is actually worth it.

2) Cyber Security Candidate Self-Evaluation

Next, we need to do some self-evaluation and take a good moment for personal reflection. After all, pursuing a master’s degree in cyber security isn’t just about textbooks, curriculum, and tuition. A master’s degree in cyber security usually attracts and demands a certain kind of student with specific passions, interests, backgrounds, and future interests. We’ll have a look at who generally gets a cyber security degree, as well as the skills they’re hoping to learn and the jobs they typically dream of getting upon graduation. Who knows, maybe you fit the mold as well!

3)Jobs for Cyber Security Masters Graduates

Third, you’re going to want to take a look at a very practical component of a master’s degree in cyber security: what can you even do with it? That’s the big question we hear all the time when pursuing a degree: “What are you going to do with that?”

Well, hopefully you are asking the same question of yourself right now as you contemplate getting your master’s in cyber security, and we’re here to help you be sure of the answer. We’ve compiled a list of jobs that graduates with a master’s in cyber security usually pursue, and we’ve also done the legwork, so you can see just how many openings there are for these jobs and where they are hiring.

4) Cyber Security Masters Degere Starting Salaries

Finally, and far from the item of least importance, we’re going to hit on the inevitable subject of money! Higher education is an investment, and when you see the price tag on some of these programs, your stomach is likely to do a few loops. Quality master’s degree programs in cyber security that are worth it are not cheap, but spending so much money on education shouldn’t be a dead end. We pay for education because we expect it to pay off in the form of higher skills, capabilities, and of course, salaries.

We are going to hit you with all the information you need to know concerning the finances of a master’s degree in cyber security. That means you’ll know starting salaries, average program costs, and what you can expect in terms of a return on investment should you decide to pursue a master’s degree in cyber security.

Well, I hope you are primed and ready to get this journey underway. We’ve got a lot of information to cover, but hey, hackers aren’t taking a day off and neither should you. Plug in, buckle up, and let’s go!

Evaluating a Master’s in Cyber Security Program

Isn’t it interesting to think that a phrase like “cyber security” didn’t exist in our English vocabulary 100 years ago, and now here we are doing whole master’s degree programs around it? A master’s degree in cyber security is definitely a new phenomenon, and as such, there are components of a cyber security program that will be rather unorthodox or cutting edge compared to traditional programs, but, at the same time, there will be things remarkably similar to any other program. Let’s get started with some of the ins and outs.

To start at the most fundamental level, a master’s degree in cyber security is just that: a master’s. Usually, this type of degree will fall under the master’s of science category of master’s degrees, as opposed to a master’s of arts. A master’s of science degree generally tends to be suited towards more technical and scientific disciplines, this includes things like engineering, computer science, and mathematics; whereas, a Master’s of Arts is usually the next step after a Bachelor’s of Arts degree and geared towards more of the humanities disciplines like politics, history, and languages.

Given the scientific and technical nature of a master’s of science degree, the program makeup can often be expected to be more research based, through a combination of research/lab work and traditional course style work is not uncommon. Therefore, when it comes to scoping out a master’s degree in cyber security that is worth it, look for programs with plenty of hands on projects and labs that are sure to give you a chance to indulge in practical skills.

Another thing that you should be aware of when scoping out a master’s degree in cyber security is that, well, you might often find there isn’t one! Don’t panic! What we mean is that a master’s degree in cyber security is often hiding under the umbrella of more general information technology or computer science degrees. Keep in mind, cyber security is still a fairly new field, as such, many universities are only just now starting to dedicate and title entire programs after it. There are quite a few focused master’s degree programs in cyber security that are worth it out there, but don’t be afraid to scope out some computer science and information technology programs as well to see if they offer cyber security as a specialization within the broader program.

What you will learn while obtaining your masters in cyber security

So what are the specific things you might be diving into as a graduate student in cyber security? Well, you’ll find the individual objectives and topic exposure to vary a bit between programs; however, there are some common and recurring themes you’ll find amongst most programs. On the technical side, students pursuing their master’s degree in cyber security will have a chance to dive deeper into how digital threats are created and function than they were able to in their bachelor’s degree. For instance, you might get to look at how a malware program operates, infects a system, and then how such a system can expect to recover afterwards.

You might also be able to get your feet wet in digital forensics. Imagine your stereotypical crime scene investigator looking at fingerprints, hearing testimonies, and searching histories to find out who was at the scene of a crime and what might motivate a criminal. Now, throw all of that into a computer. As a graduate student in cyber security, you’ll get to learn the ins and outs of examining evidence left in computers and digital media to solve problems, investigate attacks, and nail down hackers.

In addition to forensics, you’ll also likely get a chance to learn about network defense. Network defense, or network security, essentially means learning how to utilize activities and tools that ensure the people who are supposed to be using an organization’s software, network, and data are able to do so securely, while unwanted intruders are kept out. This includes things like beefing up antivirus defenses, protecting from data loss, securing applications, and more.

These are just some of the realms of knowledge you’ll get exposed to with a master’s degree in cyber security. Other possibilities include, but are far from limited, to ethical hacking, intrusion detection, cloud security, and cyber intelligence.

What About Cyber Security Skills?

While the above mentioned components encompass some of the overall academics you’ll be diving into during your two or more years as a graduate student in cyber security, those aren’t the specific skill sets you’ll be acquiring. After all, we don’t just take classes to stuff our heads full of knowledge, no, we have an expectation that this acquired knowledge will translate into practical skills. So what are these skills that will accompany you as you walk the stage and graduate with a master’s degree in computer science?

One skill you’ll learn as a cyber security graduate student is management. Not just any type of management, but “day zero” management. Think about it for a minute: you’re working for a high end oil company as their senior cyber security director, when all of a sudden their systems come under a huge cyber-attack from another party trying to steal their customer data. You’re the one they come to for protocol and how to technically respond and manage the attack. There can be lots of moving parts in that process, and you’ll learn how to manage those parts should you get a master’s degree in cyber security.

Another skill set you could find yourself learning as a graduate student is how to deploy technologies aimed at preventing attacks and securing systems. This could include everything from firewalls, intrusion detection systems, VPNs, and a whole host of other preventative technologies.

Check it Out: Raising an Internet Safety-Savvy Kid in the Digital Age

In relation to learning how to deploy preventative technologies, you’ll also get to learn how to manage them, keep them updated, and test them to ensure their up to speed and ready for everything. Specifically, you’ll probably learn how to do Pen Tests, or penetration testing. This is essentially designing a simulated attack on a system to reveal where vulnerabilities might be and how to address them!

These are just some of the skills you might expect to walk across the stage with after receiving your master’s degree in cyber security. Obviously, some programs might address some of these skill sets with a little more fervor than other, so it helps to have a general idea of practical things you’d like to be able to do and learn when choosing between programs. Remember like we said, the more hands on practice and application you can find, the better!

Cyber Security Credentials?

Another perk to getting your master’s degree in cyber security that helps make it even more worth it is the addition of some pretty stellar credentials that look good on almost any resume. At the end of the day, it is your practical skills that will make a difference in your ability to contribute and lead within the field; however, a fancy credential or two can also be a good boost to getting your foot in the door or catching a few eyes.

For instance, many of the universities and colleges offering a master’s degree in cyber security are able to offer their programs to a certain standard of quality that places them among the National Centers of Academic Excellence in Cyber Defense as recognized by the NSA (National Security Agency) and Department of Homeland Security. Ensuring you get your degree from one of the programs that fall under this specification is sure to add some extra pizzazz to your credentials.

Outside of gaining the prestige of NSA and Homeland Security recognized programs, there are also many additional certifications you can earn while working towards your master’s degree in cyber security. For instance, if you did your master’s degree in cyber security at Carnegie Mellon, you could earn a certificate in cyber ops along the way. Likewise, at Champlain College in Vermont you can gain certificates in things like Digital Investigations or Linux Administration.

The certificates you can add while pursuing your master’s degree vary according to the program, so if there’s one specific one you’re looking for to add, that could be a deciding factor of where you choose to enroll.

Curriculum and Structure of a Cyber Security Masters

Another thing you’ll want to keep in mind when deciding if a master’s degree in cyber security is worth it, or trying to choose between different programs, is the curriculum and structure a university or program uses to educate you. Curriculum and structure basically serve as the bridge a university uses to take their valuable information and transport it into your brain and add to your skill set, so at the end of the day you want a quality bridge!

Most programs out there will have a curriculum that revolves around some core foundational courses they expect all students to take, and then a series of electives or specializations that students can choose to pursue afterwards. In addition to this, you can expect to find the courses to vary in terms of format, for instance some policy courses might be more lecture based, while other technical courses could be more lab oriented. A lot of programs might also feature a capstone course that revolves around working alone, or with other students, to complete a strenuous project that showcases your skills.

Something else to be on the lookout for that distinguishes a quality master’s degree in cyber security that is worth it is an interdisciplinary curriculum. Believe it or not, cyber security revolves around far more than what just goes on behind a keyboard. As such, you want to find curriculums that engage with fields of law, politics, and management as well. After all, you’re pursuing a master’s degree, so the goal isn’t just to “do” cyber security, but lead and make meaningful contributions in the field as well. As an example, the MSSI program at John Hopkins requires students to take its core courses, but also intersperses policy, health, and management courses throughout the required curriculum as well.

In terms of program structure, most high-quality programs tend to follow more or less the same structure while varying on the specifics within it. For starters, you’ll find that both in-person and online master’s degrees in cyber security are available. Given the technical nature of the degree and its focus on technology, cyber security degrees can be earned online and still maintain high quality.

In general, whether online or in person a master’s degree in cyber security that is worth it will require some 30 credit hours, which translates to about 10 courses. Upon enrolling, you’ll probably be knocking out your core courses first. This will usually be the category a majority of your courses fall under and include topics all cyber security students should be familiar with like Internet Security, Principles of Operating Systems, Human Factors in Information Security, and more. After these core courses, you’ll likely have the option to delve into specific electives tailored towards your specialization. In addition to specializations, many programs will also require that you indulge in some non-technical electives. These expose you to the other fields related to cyber security that we mentioned earlier, classes like law, health, and management that are sure to rear their head as you work in the field of cyber security.

Candidate Self-evaluation

Now that we’ve got a good grasp of what all goes into the academic makeup of a master’s degree in cyber security, we need to look at the stock you, a potential student pursuing a degree in cyber security, might be expected to have.

The exciting thing about higher education, and especially master’s degrees, is that they attract a wide range of students from all walks of life and motivations for pursuing more education. However, given the technical skill and relatively new emergence that lies at the foundation of cyber security, its student make up is a rather special breed. Here, we’ll take a look at some of the motivations, academic backgrounds, and skills graduate students and cyber security are after to help you better get an idea if you are the correct type of student to be going after a master’s degree in cyber security.

For starters, we have to say off the get go that a master’s degree in cyber security isn’t for just anyone. Granted, with the amount of programs out there you may be able to find some that will take anyone regardless of background, but a master’s degree in cyber security that is worth it usually comes with some prerequisites and requirements.

It goes without saying, the first thing expected of a graduate student getting a master’s degree in cyber security is a bachelor’s degree. The good news is, this bachelor’s degree doesn’t have to be in something tech related, but it could certainly help and smooth out some of the other requirements. We say this because many master’s programs expect you to have some sort of background or familiarity with computer software and networking. The exact extent of this qualification varies according to program, so that’ll be a specific you’ll want to look into if you doubt your background.

The good news is, some programs may offer foundational courses to make up for any lack of experience you have and get you up to speed, but the more you have prior to enrolling the more time you can save. You’ll also find that some, though not all, programs ask that you have some work experience, preferably in a technical field, prior to enrolling.

In general, your master’s degree in cyber security student is hungry. No, not tacos at 12am hungry, but let’s get out there into a new field and make a difference hungry. The thought of battling cyber attacks thrill them. They likely come from past experiences in the IT or computer science field, and are wanting to make a jump into a new developing field like cyber security to advance their career and learn a few things along the way.

As such, students in a master’s program in cyber security are looking to add valuable new skills to their repertoire. They want to learn how to test and improve systems against cyber-attacks, they want to learn how to manage tough situations where a company’s data and security is on the line, and they may even be wanting to learn all this to serve their country’s cyber security needs through a program like the CyberCorps.

Like we said, people who pursue a master’s degree in cyber security that is worth it are doing so to advance their careers. They’re itching for the next step and new college. Many are looking to advance into high-level jobs in either the private or public sector and want to use their cyber security skills to manage security and databases for everything from hospitals, to local businesses, and government offices. The good news is, a lot of this comes with a nice, boosted master’s in cyber security salary.

Cyber Security Career Paths for Grads

All of that leads us to our next realm of interest: what exactly can we do with our shiny new master’s degree in cyber security? The answer: tons! Here’s a quick overview of some of the more in demand cyber security related jobs, how many openings there are (as listed by, and where these jobs generally tend to be located.

Information Security

Information security jobs are usually listed as roles such as Information Security Engineer or Security Specialist. These people are the ones setting up systems and infrastructure to backup organizations’ data and test it against threats. Our initial search provided some 200,000 listings for Information Security positions, with the top three cities for these jobs being Washington DC, Chicago, and New York.


Our search for Information Security Analysts produced over 20,000 listings centered around Washington DC, New York City, and Arlington, Virginia. Security analysts usually function as a member of a cyber security team, and a great deal of their work involves analyzing cybersecurity event data to better detect, protect against, and correct cyber-attacks.


The role of a Cyber Security Manager may be a little more prestigious and hard to come by, as our search only listed 9,700 openings, also in Washington DC, New York, and Arlington, Virginia. The Cyber Security Manager usually leads the cyber security team and is to go to contact in the event of cyber-attack as well as implementing preventative measures.

Investigator/Forensic Expert

Digital Forensics jobs aren’t highly listed at the get go, our initial search only returned roughly 1,500 results, but they are nonetheless a valuable asset to cyber security teams. They’re often listed under titles like Digital Forensics Engineer or Technician, and these jobs tend to be located around Washington DC, New York, and Linthicum, Maryland. A forensics investigator gets to analyze the most recent cyber incidents, look for patterns, and help the team prepare against future attacks. They also generally get to analyze and stay up to date on the latest software, storage systems, and other technology.

Chief Information Security Officer (CISO)

Our search for Chief Information Security Officer listed around 3,600 findings, mostly in New York, Washington DC, and Dallas. A Chief Information Security Officer is usually one of the heads of command in terms of cyber security and is responsible for establishing and maintaining information security programs to protect company and organization assets.

Penetration Tester

There were 500 listings returned for penetration testers and were located mostly around Washington DC, New York, and Arlington, Virginia. The Penetration Tester plays a pivotal role in designing safe cyber assaults to detect weaknesses in security systems and address them accordingly.

Network Security

Network security jobs can be listed under a variety names like general Cyber Security Engineer, Network Administrator, or IT Security Specialist. There are currently close to 73,000 jobs listed for Network Security mostly in Washington DC, New York, and Seattle. Network Security jobs can vary in terms of responsibilities, but they generally help set up company networks and help maintain their security as well.


A cyber security architect does many of the same things we’ve previously mentioned for security engineers and network security, but with a bit more emphasis on designing security programs from the ground up or helping a company migrate to new cyber security systems. There are currently around 10,700 cyber architect related jobs listed with concentrations in New York, Washington DC, and Arlington.


Government jobs in cyber security range from working in the CIA, military, law making, and virtually any other governmental office. The good news is the government needs basically any type of cyber security professional, be it an architect or threat analyst. Obviously, the largest concentration of the 13,000 government cyber security jobs listed are in Washington DC, with Arlington and Springfield, Virginia also ranking high in the listings.

Risk Management and Compliance

Risk management and compliance roles within the cyber security sector usually take the form of consultants and risk assessors. Our search returned almost 8,000 listings concentrated in Washington DC, New York, and Arlington. A risk management or compliance member of a cyber security team uses their knowledge of cyber security to help a company assess threats and prepare accordingly.

IT Auditing

IT Auditors are a real in demand role at the moment, with over 50,000 listings returned mostly around New York, Chicago, and San Francisco. IT Auditors do a lot of similar tasks as risk management, and essentially get to investigate IT departments from the inside out in order to provide consultation and assessment on how to better structure and secure their systems.

Cyber Security Teacher

Finally, as the field of cyber security grows, there’s bound to be a demand for teaching cyber security. This could be in a super formal setting, like university classes, or maybe even a mentor like role on an already existing cyber security team. There are thousands of listings for teaching jobs at multiple capacities in and around Philadelphia, New York, and Washington DC.

Cyber Security Masters Salaries...Let’s Talk Numbers

Now that we have some of the specific roles and job titles you could occupy as a new graduate with a master’s degree in cyber security, we have to talk about one of the most important aspects of the gig: salary. We already said pursuing higher education in cyber security is an investment, so what’s the pay out?

Well, before we look at master’s degree in cyber security salaries, let’s first look at an overall cost of the programs. The exact costs of programs will have some variation depending on if you go a full-time or part-time route, as well as whether or not you’re paying in or out of state tuition. For the most part, our prices listed here are assuming full-time pursuit and in-state tuition.

With that being said, there are a range of prices. For instance, should you opt for a prestigious program out of a place like Carnegie Mellon, tuition comes in at about $46,000 a year (excluding fees and textbooks), while tuition for an online program at Champlain College comes in just below $24,000 a year. This means, depending on the program, a master’s degree in cyber security could set you back $50,000-$100,000 a year. Now, keep in mind your program will likely take at least two years to complete.

Take a deep breath, because when we examine cyber security degree salaries, the picture gets better. For starters, the demand for the field is growing, and when you combine that with the fact that the median annual salary for, say, a Cybersecurity Analyst is $88,590 the total outlook isn’t too bad. Obviously, as your experience in the field grows, or even if you graduate with your master’s and already have substantial experience in the IT field, you would expect to make upwards of $117,000 a year as a senior cyber security engineer!

So, is a master’s degree in cyber security worth it? It’s ultimately up to you to decide that. In monetary terms, it’s at least a $100,000 investment that could return over $100,000 a year as your career progresses. It will add an incredible amount of in demand skills, experience, and expertise to your repertoire, and you’ll be able to engage the information technology field in new and exciting ways. Regardless of where you now stand on your evaluation of a master’s degree in cyber security, best of luck on your journey!

Sources: Glassdoor Job Search | Find the job that fits your life. (n.d.). Retrieved March 08, 2018, from

Careers in Cybersecurity. (2017, August 04). Retrieved March 08, 2018, from

Information Security Institute. (n.d.). Retrieved March 08, 2018, from

Job Search | Indeed. (n.d.). Retrieved March 08, 2018, from

Master of Science. (2018, February 28). Retrieved March 08, 2018, from

National Centers of Academic Excellencein Cyber Defense. (n.d.). Retrieved March 08, 2018, from

Ransomware. (2018, March 05). Retrieved March 08, 2018, from

Nedda Gilbert

Ms. Gilbert is a certified social worker and 30 year educational consultant with an interest in helping college-bound and graduate school students manage the process and stress of admissions effectively. She is one of the senior founding managers of the Princeton Review Test Preparation Company, and the author of The Princeton Review Guide to the Best Business Schools and another book, Business School Essays that Made a Difference (Random House). She is a guest contributor to Forbes Magazine on college and college life. Ms. Gilbert is also certified as a collaborative family law professional in New Jersey. She received her BA from the University of Pennsylvania and MS from Columbia University.