Want to Learn More?

Learn More


A structured curriculum with a slate of courses prepares you to work in a fast-growing field. Our courses teach you how to thrive in the field of cybersecurity and data privacy. Furthermore, there are an increasing number and sophistication of cyber attacks on private and public organizations. Also, combined with a growing and complex array of data security and privacy regulations at the state, national, and international levels. This has made data security and privacy protection one of the fastest-growing career areas. This is what our curriculum is centered and focused on.


Our MLS courses are built with asynchronous and synchronous components. 

  • Asynchronous components consist of readings, pre-recorded lectures, discussion threads, quizzes, written assessments, and other activities. Asynchronous components allow you to complete these components at your convenience.
  • Synchronous components are online, live classes where you engage with faculty and students in real-time, and have the opportunity to get to know faculty and other students in the program. Each course consists of four to six live classes per term (with the possibility for a slight variance in each class). These live sessions are also recorded, allowing you to “attend” a session at a later date, at your convenience.
  • You take courses consecutively through the Fall, and Spring semesters until you complete a total of ten courses over five semesters.



The curriculum in this course is designed to introduce students in the MLS program to the United States legal system and distinctive aspects of U.S. law. Students will explore the interrelationship between state and federal law, as well as the various sources of law, including constitutions, common law, statutes, and treaties. (3 credits)


Business firms, universities, government entities, and hospitals are subjected to constant automated efforts to achieve electronic theft of records pertaining to their customers, students, and patients, with hundreds of millions of such records falling into the hands of criminal syndicates each year. This cutting edge course focuses on the civil law that imposes significant regulatory duties on these entities to protect this vital personal and financial information from unauthorized access.

When firms fail to protect this data, their customers often find their identities stolen, their bank accounts drained and liabilities created that they are charged to pay. The firms themselves (such as Target) may face huge losses and fines, and some—including law firms—have been forced to terminate operations. This course will prepare students for expansive new career opportunities available to those with expertise in data protection law, which include many in-house positions that direct corporate compliance strategies for achieving compliance with privacy and security regulation.

No technical background is required; the course will include an introduction to cybersecurity and information systems as well as exploring data privacy issues and the risk assessment methods that regulatory agencies and courts are demanding of business entities as basic due diligence. (3 credits)


This is a practical course with instructional components directed at writing, research, and advocacy skills. Students will concentrate on writing and case analysis and will be introduced to basic bibliographic materials and research techniques. Legal research and writing exercises are designed to introduce basic legal writing forms. (3 credits)


The curriculum in this course provides an in-depth examination of methods for protecting assets stored in electronic information systems, in transit over digital networks (e.g., the Internet, Ethernet), and in cyber-physical assets (such as autonomous vehicles and electric turbines). It covers a broad range of security management topics, including relative security of digital communications options (such as email, text, fax, VPN, and web portals as well as Bring Your Own Device vulnerabilities); corporate managerial reporting structures that promote or retard effective security management; contractual terms and management of third-party technical service and products suppliers, such as for cloud computing and security monitoring; procurement and endpoint security management strategies; and special security problems posed by the millions of insecure devices categorized as the “Internet of Things” (IoT).

Latter weeks examine the threat landscape and particular security regulatory requirements that have been imposed on major business sectors, including financial (banking and insurance), energy, and health care. Guest security and legal experts from each sector discuss their threat landscape, regulatory environment, and major security management, risk, and liability issues. For those considering a career in cybersecurity, cyber risk management, or privacy protection areas, the course functions as a foundational prerequisite for advanced coursework and externships in the field. (3 credits)


The curriculum in this course is designed to provide an introduction to the ways in which organizations struggle to comply with regulations and laws and manage the risks associated with a wide variety of business activities. Students will gain an understanding of the importance and role of corporate compliance programs and the fundamental components of an effective compliance plan. Students will also learn how to assess compliance programs for effectiveness from a regulatory perspective. (3 credits)


This course will focus on the laws pertaining to confidentiality and disclosure relative to patient medical documents and information. Most of the course will be based on the Health Insurance Portability and Accountability Act (HIPAA), but state laws that govern medical information privacy will also be examined as will relevant administrative regulations and processes. (3 credits)


The curriculum in this course examines the legal, policy, and operational management issues related to individual privacy and data protection. Primarily focusing on U.S. law, it includes as a contrast an in-depth exposure to the new EU General Data Protection Regulation that imposes a much more robust privacy regulatory regime. The EU’s privacy regime exerts significant influence on foreign governments and multinational business organizations. We not only examine the privacy protections provided by U.S. statutory law and regulations (less attention is accorded to constitutional and tort law), but also study the ways technology can be used to protect individual and corporate privacy.

The course will accentuate technology-related privacy concerns and risk mitigation strategies in such areas as mobile phones; behavioral advertising (including tools to prevent targeted advertising and online tracking); social networks and online services (including dating and genealogy sites); encrypted communication systems; medical “big data”; commercial drones; facial recognition and other biometrics; and geographic locational tracking. The course coverage enables students to take the exam to earn the initial certification as a Privacy Professional (CIPP/US). (3 credits)


This course is designed to discuss advanced issues in corporate compliance, including data security, work-place investigations, international compliance issues, and enforcement issues and trends. Students will gain an understanding of the complex regulatory and financial environments that impact corporate compliance programs and enterprise risk management. Students will also learn how to assess complex compliance risks and identify solutions. (3 credits)


This course considers the interaction between networked information systems and security-related law. We will examine substantive areas of the law which bear directly on information technology (particularly, e.g., criminal law, criminal procedure, national security law, and international law), as well as ways in which information technology is itself shaping and transforming the security and privacy landscape. (3 credits)


This course teaches hands-on ethical hacking skills to advanced students in the Cybersecurity and Data Privacy Program who have completed Cybersecurity I and II. The purpose of this course is to provide students with the technical security skills needed to make informed, risk-based decisions in an operational context. This hands-on, lab-based course aligns with the Certified Ethical Hacker (CEH) certification with additional labs focused on malware analysis in virtual environments. (3 credits)

Furthermore, for more information on our programs visit our Frequently Asked Questions page.

Also, to apply for the online MLS, visit our online application system.

If you have any questions during the application process, please contact an Admissions Advisor at (216) 687-2528 or