Cyber security is coming to the MBA classroom. As a virtual war wages between the corporate world and cyber criminals, business schools have spotted a new market in the gap between technology and management.
Another tranche of schools have launched specialist cyber security MBA and master’s programs.
Coventry University Business School in the UK is developing a National MBA in Cyber Security to combat the growing threat to information security, and to help bridge the skills gap in cyber risk management and executive leadership.
The program will launch in January 2015. It will explore the financial, legal and reputational risks of cyber threats, and the latest methods for protecting intellectual property, commercial secrets and critical business assets.
The MBA program has been backed by Sir Kevin Tebbit, former director of GCHQ, Britain’s spy agency.
Sir Kevin said: “The protection of national and corporate interests requires leaders to have a good knowledge of managing cyber risk and how this impacts on the running of an organisation.”
He added that Coventry’s MBA is a welcome innovation to aid the “daily fight against cybercrime”.
Coventry follows early movers including the Sellinger School of Business and Keller Graduate School of Management in the US.
Coventry’s program is being designed by cyber security experts and industry advisors, as well as faculty from the university’s business and computing departments. Its specializations will include data analytics and kinetic penetration testing.
The program, which will cost £10,500, will take 18 months to two years to complete. There is a flexible option to spread content over a longer period, up to six years.
Mike Loginov, chief cyber strategist at Hewlett Packard Enterprise Security, said MBA programs in cyber security are needed to bridge the gap between technologists and executive boards.
“Managing cyber risk is fast becoming an essential leadership skill and this innovation by Coventry University is both timely and necessary to combat the growing online threat from cyber criminals and large scale industrial espionage,” he added.
The growing interest in data and cyber security has gained a new focus because of recent high-profile attacks.
Large companies have been targeted. These include media group Sony, US retailers Target and Home Depot, and banks including JPMorgan.
Cybercrime is up 14% on last year overall, according to a report from Cisco, the networking equipment company.
The UK government estimates that cybercrime costs the economy £27 billion a year.
Dr Donald Finlay from Coventry University’s faculty of business said that the business school’s aim was to enhance understanding of what has become a crucial aspect of modern business management.
“With increased numbers of home working professionals, the development of more sophisticated personal devices and the emergence of complex data legal issues, concerns over cyber security are increasing,” he added.
Other business schools have launched similar programs. The Fox School of Business in the US runs an MS in Information Technology Auditing and Cyber Security. The program is designed to prepare graduates for roles in IT risk, assurance and cyber security at accounting firms and consultancies.
The George Washington University School of Business runs a specialized World Executive MBA with a cybersecurity specialization. Candidates can get the chance to work on cybersecurity projects with organizations such as NATO in Brussels or the European Cybercrime Centre at the Hague.
Elsewhere in the US, Georgia Tech has a certificate program in cybersecurity, and George Mason University offers an MS in Management of Secure Information Systems.
Carnegie Mellon runs one of the US’ largest cybersecurity research and education centres.
It recently won an award sponsored by the National Security Agency and the Department of Homeland Security for its cyber defence education.
Dena Haritos Tsamitis, director, said that the school’s programs help to prepare the next generation of “cyber defenders”.
But many businesses lack the management commitment to ensure that information is secure, according to Richard Skipsey, a product manager at business services group SGS UK.
A recent SGS survey found that 78% of large organisations were attacked by an unauthorised outsider within the past year.
“Effective information security must be championed, funded and managed at board level,” said Richard. “It needs to be implemented as part of an overall business strategy, not in isolation.”