Bocconi University and Politecnico di Milano have assembled a dynamic and multi-disciplinary community of researchers, experts and professors who study, analyze and apply strategies, governance and assessment tools of cyber risk. The challenging study program they have devised addresses the key cyber-related matters faced by all types of organizations, every day.
The Master of Science in Cyber Risk Strategy and Governance gives students the tools required to understand, assess and govern the opportunities and threats of the existing and emerging technologies used in our society. As innovative technologies are adopted, new issues arise, so students learn to look ahead, evaluate and communicate threats before they unfold.
These prospective professionals will thus be in a position to make a major contribution to intercepting cyber risks and preventing negative impact on the performance of organizations, both private and public.
The program is highly interdisciplinary, by necessity, considering that computer technology increasingly affects almost every facet of modern life. It combines technical elements of computer science and analytical methods with a range of topics in the social sciences: management, economics, finance law, social engineering, ethics, and behavioral skills.
Applicants should ideally have multidisciplinary backgrounds. Whether their undergraduate degree is in computer science, engineering, management or economics, it is useful to have studied a broad range of subjects and, of course, to have an interest in the prevention of and response to cyber risks.
In particular, the program aims at:
- providing solid preparation in the areas of the cyber risk assessment to identify potential vulnerability challenges that might affect the functioning and performance of any organization
- offering multi-faceted preparation with specialized skills to tackle cyber risks from multiple and unusual perspectives
- developing a profile blending in-depth knowledge of technical cyber issues with competencies in the social sciences that enable relations with all levels of any organization, in order to influence strategic decisions and implementation of actions to mitigate cyber risks.
This MSc program is built to prepare students to enter the job market in firms, financial institutions, other institutions in public/private sectors as well as consulting companies, with two main profiles: asCyber Risk Managers graduates will support tasks related to cyber risk management at an organizational level in order to govern the enterprise risk by designing and implementing ad hoc strategies.
As Data Protection and Security Managersgraduates will support tasks related to data protection, privacy management and compliance in order to govern risks on data. This job profile is explicitly required by data protection regulations in Europe as well as around the world.
Applicants to MSc in Cyber Risk Strategy and Governance are required to complete a specific application.
FirstSemester– at Politecnico di Milano
Prep courses in Computer Science, Management and Economics, Statistics
Seminar: Introduction to cyber risk (@Bocconi)
4 compulsory courses (@Polimi)
- Software methodologies and architectures for security – module 1 (Enterprise ICT architecture) and module 2 (Software engineering methodologies for security)
- Cybersecurity technologies, procedures and policies
- Artificial intelligence for security
- Technology governance
The aim of this semester is to strengthen competencies in the fields of computer science to set the base for a solid professional development in cyber risks
Second Semester – at Bocconi
Seminar: Social engineering (@Polimi)
4 compulsory courses (@Bocconi)
- Strategy and governance for cyber risk
- Cyber risk and data protection law
- Methods and data analytics for risk assessment
- Institutional scenarios of cyber risk
The scope of this semester is to enhance the tool kit needed to frame cyber security issues, set the appropriate strategies and govern their complexity in organizational environments.
- Ethical aspects of security and privacy (@ PoliMI)
- Soft skills (@Bocconi)
4 electives to be chosen among a selected group of courses held by both Bocconi (in 1st semester) and Politecnico (in 2nd semester) in the following topics:
- Data protection
- Business and cyber intelligence
- Blockchain and crypto assets
- Machine learning in cyber risks
- Computer forensics
- Fintech models
This MSc program is built to prepare students to enter the job market in firms, financial institutions, other institutions in public/private sectors as well as consulting companies, with two main profiles:
Cyber risk manager
As Cyber Risk Managers graduates will support tasks related to cyber risk management at organizational level in order to govern the enterprise risk by designing and implementing ad hoc strategies.
In particular, they will be prepared to:
- Identify cyber risks in complex organizations
- Provide advisory services to increase awareness within organizations to both IT and non IT professionals
- Support the design and maintenance of the organization’s processes and information systems
- Contribute to setting the cyber policies of an organization to reduce the risk of vulnerability
- Perform forensic analysis of information systems and data to identify cyber crimes or frauds and their origin
- Lead data incident responses and data breach notification procedures at enterprise level.
Data protection and security manager
Data protection and security managers graduates will support tasks related to data protection, privacy management and compliance in order to govern risks on data. They deal with any data protection matters, issues and incidents and play a key role in fostering a data protection culture within the organization, designing and implementing essential elements of data protection regulations. This job profile is explicitly required by data protection regulations in Europe as well as around the world.
In particular, graduates will:
- Design, advice, manage and maintain procedures’ compliance with data protection laws and policies
- Conduct data protection and security assessments and develop and execute relevant project plans
- Manage an awareness-raising program to promote a data privacy and security culture
- Lead data incident responses and data breach notification procedures relative to data and privacy issues
- Be the contact point for and cooperate with the relevant Data Protection Authorities when subjects exercise their individual data rights as well as supervise and advise on the response to such requests.
Program taught in: