Cybersecurity Education Program

CYBS 503-01 Cybersecurity Policy

A cybersecurity policy course that uses laws and standards
to guide organizational policy development to secure
information technology resources, without needlessly
limiting technical responses, and analyzes both the
outcomes of and processes for establishing those laws and
standards.

Instructor: Dr. Thomas Harper 

CYBS 504 Psychology of Cybersecurity

A psychology of cybersecurity course that addresses
psychology issues from how humans respond to
instructions and policies and to how differently hackers and
defenders think. 

Instructors: Dr. Lorie Liebrock is the Director of the New Mexico Cybersecurity Center of Excellence (NMCCoE) and a Professor of Computer Science and Engineering. Dr. Mark Samuels is a Professor of Psychology.

CYBS 509 Cybersecurity Risk Analysis and Management

This course covers cybersecurity risk analysis and management for information systems. Topics include: threat modeling and analysis; quantitative and qualitative risk assessment; vulnerabilities, threats, witted adversaries, exploits, and mitigations; asset and inventory management; impact analysis, business continuity planning, and disaster recovery planning. 

Emphasis is placed in risk management analysis and its implications on IT infrastructures and compliance. Students will demonstrate effective application of the three pillars of confidentiality, integrity, and availability using threat modeling, risk assessment and mitigation as a basis for cybersecurity risk management planning in various simulated or real environments.

Instructor: Dr. Erick Aguilar has Doctorate, Masters, and Bachelors degrees in Business Administration, Management and Organizational Leadership, Computer Information Systems, Cybersecurity, and History.

Note: this course is taught via cross enrollment at New Mexico Highlands University. To enroll contact the NMCCoE for the cross enrollment form. 

CYBS 515 Reverse Engineering Malware 

Introduction to software reverse engineering of malicious
software. Quick triage, static and dynamic analysis, string
analysis, and deobfuscation analysis techniques. Intel x86
assembly, covering both 32 and 64-bit, Windows and
Linux OS internals, will be discussed. Safe detonation
using Cuckoo Sandbox, automated unpacking techniques.
Detailed analysis and investigation of nation-state
malware. Ghidra, FLARE VM, and other tools will be
discussed.  

Instructor: Dr. Danny Quist

CYBS 554 Computer Network Security

This course will explore each layer of the internet
protocol stack, focusing on security deficiencies, and
remedies to those security deficiencies, and will involve
extensive lab exercises using the DeterLab shared testbed
(accessed via the Internet to enable distance education
participants). It will study computer network security
architecture and security mechanisms to protect against
sophisticated adversarial attacks. This course reviews
cryptographic primitives that underlie most network
security mechanisms, then applies this understanding to
network services proving authentication for data and
transaction integrity and availability, and encryption for
confidentiality. It also covers the integration of security
services into network applications and utilities including
secure mail, secure web services, secure wireless, and
investigates system security issues such as for firewalls
and intrusion detections systems. 

Instructor: Dr. Jizhou Tong

CYBS 557 Hardware-Based Network Security 

This course will cover networking protocols,
cryptography, and network security from the hardware
implementation perspective. Topics include security of
ND, NAT, IPSEC and other specialized IPv6 protocols in
support of IoT functionality. The focus will be on
implementation of security policy enforcement
mechanisms in IPv6 network protocols in a Field
Programmable Gate Array (FPGA) platform to protect an
IoT application against sophisticated adversaries. Lab
exercises using a FPGA platform will enable
investigation of hardware-based security technologies
such as the use of Physically Unclonable Functions that
are not otherwise accessible from software.

Instructor: Lyndon Pierson,  a Hardware/Software Security Design Engineer and Sandia National Laboratories Senior Scientist Emeritus, has over 35 years' experience in research and development of improvements to high speed secure communications, network security, and information assurance.   Recently, as a Fellow of the University of Southern California Information Assurance Program, and as a lecturer at USC, he co-developed and taught major portions of a nine-course Masters of Cyber Security Engineering degree curriculum.  Lyndon’s current interests include researching the basic science, first principle elements that should underlie our future cyber security designs, and applying and teaching these elements for the design of more secure systems.

CYBS 564 Secure Systems Administration

This course is primarily a Laboratory based course. The
intention of the course is to give the students an
experience of administering an IT system for a
hypothetical business with the IT system experiencing
increasingly aggressively sophisticated cyber-attacks.
They are expected to build a
business plan for the hypothetical business, a policybased IT protection plan that they then implement on the
host machines and networks in the laboratory.
Simultaneously the adversary builds an exploitation plan
that attempts to defeat the business's IT protection
implementation and is able to achieve his/her exploitation
objectives. The adversary has access to any/all exploit
technology available, but there is a moderating factor of
cost associated with the
exploitation technology. The defenders have access to
protection technology, but again there is a mitigating cost
factor associated with the protection technology. The
objective of the class is to experience and learn the
capabilities an effectiveness of both defensive and
exploitative technology with an appreciation of the need
for policy and planning that directs, supports, and
constrains the actions of both sets of actors. This course
is not offered via Distance Education

Instructors: A. Spencer Wilcox is the Chief Security Officer and Executive Director of Technology for PNM Resources - a mid-sized invstor owned energy holding company. 

Dr. Blaine Burnham worked more than a decade with the National Security Agency (NSA), serving as division chief of the Infosec Research Council. While at NSA Dr. Burnham established, promoted and sustained the Information Security Research Council for the Department of Defense as well as the intelligence community as a whole. He also achieved an operational prototype of a trusted client/server operation system; created and developed the Product Security Profile (PSP); and directed the Infosec Criteria and Guidelines organization that published half of the guideline documents, the Rainbow Series, and crafted the Federal Criteria.  Dr. Burnham also did stints on the technical staffs of the Los Alamos National Laboratory and Sandia National Laboratory developing tools and techniques for achieving higher levels of information security. Immediately prior to joining University of Nebraska Omaha's faculty he was director of the Georgia Tech Information Security Center. After spending time with University of Southern California, Dr. Burnham joined the team at NMT to strengthen our cybersecurity offerings. Dr. Burnham earned his Ph.D. in Mathematics from Arizona State University.

CYBS 502-01 Cybersecurity Ethics and Law

A cybersecurity ethics and law course in which students learn standards of professional, ethical behavior in cybersecurity fields by examining case studies, ethical questions, and legal debates from the history of computing and cybersecurity.

Instructor: Nicholas M. Kelly is an Assistant Professor in the Department of Communication, Liberal Arts, and Social Sciences. He studies the intersections of media, technology, and culture. His current research focuses on depictions of computer hackers in popular culture and the influence of science fiction on the history of computing technologies. He is also a founder of and software developer for the Program Era Project, a Digital Humanities initiative working to build an online database of information on creative writing programs, their affiliated authors, and text-mined features of those authors’ works. Dr. Kelly earned his PhD at University of Iowa.

Instructors: Christopher J. ChoGlueck is an Assistant Professor of Ethics at New Mexico Tech. He teaches practical philosophy courses, including Ethics of Computing and Information Technologies (CSE/IT/PHIL 382). He specializes in philosophy of science, biomedical ethics, and feminism. His research and teaching lie at the intersection of science and values, particularly the philosophical issues raised by pharmaceutical drugs. His main line of research explores how values and gender norms shape drug regulation at the US Food and Drug Administration (FDA), involving reproductive health and the labeling of drugs, as well as the consequences for women's health and reproductive justice. He also studies how values influence biomedical research on male birth control. Dr. ChoGlueck earned his PhD at Indiana University.

CYBS 505-01 Data Science for Cyber

Data assembly, exploration, analysis, visualization, and inference. Python libraries such as NumPy, Pandas, and scikit-learn. Students are expected to explore problems related to cybersecurity threats, risks, and incidents that are important for businesses to become safer and less vulnerable to cyberattacks. Students must communicate and present their findings and results. Every student must complete at least one hands-on project. Prior knowledge of probability and statistics at the undergraduate level is assumed. Assumes experience with programming; experience with Python is recommended.

Instructor: Dr. Subhasish Mazumdar is an Associate Professor of Computer Science and Engineering. His research focus is on mobile data managment, document databases, integrating heterogeneous data souces, and information and knowledge systems. Dr. Mazumdar received his doctorate at the University of Massachusetts at Amherst.

CYBS 514-01 Computer Security and Incident Response 

This course covers what computer security incidents are and how to respond to an incident. Computer security incident case studies serve as the backbone of the course allowing students to analyze these case studies and determine how they were handled through process and technical analysis. Topics covered are data sources for incident detection and response, incident data analysis and incident remediation. Analysis areas covered are network event analysis, malware analysis and computer forensics for computer security incidents.  

Instructor: Kelcey Tietjen is a Cyber Security Research and Development Manager.  He is a veteran information security professional with in-depth experience in incident response and digital forensics. He has worked for several Fortune 500 companies consulting on incident response, eDiscovery, application assessments, threat identification and digital forensics capability augmentation. He has lead several computer incident response teams for the US Department of Energy and National Labs. He has led information security operations and engineering for a large global enterprise, which involved building a security operations center, selecting and implementing incident response tools, configuring central log management, enterprise full packet capture and hiring and managing a global CIRT from the ground up. He has a passion for incident response and implementing security in a means to maintain business operations while providing increased visibility and risk mitigation.

CYBS 541-01 Advanced Cryptography

This course provides an overview of modern
cryptographic theory and techniques, mainly focusing on their application into real systems. Topics include number theory, probability and information theory, computation complexity, symmetric and asymmetric cryptosystems, one-way functions, block and stream ciphers, Kerberos authentication systems, public key infrastructure (PKI), secure socket layer/transport layer security (SSL/TLS), and cryptographic protocols/applications in many real systems.

Instructor: Dongwan Shin is a Professor of Computer Science and Engineering. His research areas include computer security and privacy, softwarte engineering, cybersecurity, system security, usable security, and software engineering/security. Dr. Shin earned his PhD from University of North Carolina at Charolette.

CYBS 561-01 Foundations of Cybersecurity

This course will explore the ideas, literature, and worked examples that established the foundations of information security. The course introduces the concept of the Information Domain as the fundamental primitive that is the axis for introducing the policy requirements of Confidentially, Integrity and Availability that motivate the need for Information Security. The concept of the 225 reference monitor is the organizing principle for the course. The examination of foundational literature starts with appears and ideas that first appeared in the mid 1960’s and spans the time of tremendous creativity up through the following four decades. 

Instructor: Dr. Blaine Burnham worked more than a decade with the National Security Agency (NSA), serving as division chief of the Infosec Research Council. While at NSA Dr.
Burnham established, promoted and sustained the Information Security Research Council for the Department of Defense as well as the intelligence community as a whole. He also achieved an operational prototype of a trusted client/server operation system; created and developed the Product Security Profile (PSP); and directed the Infosec Criteria and Guidelines organization that published half of the guideline documents, the Rainbow Series, and crafted the Federal Criteria.  Dr. Burnham also did stints on the technical staffs of the Los Alamos National Laboratory and Sandia National Laboratory developing tools and techniques for achieving higher levels of information security. Immediately prior to joining University of Nebraska Omaha's faculty he was director of the Georgia Tech Information Security Center. After spending time with University of Southern California, Dr. Burnham joined the team at NMT to strengthen our cybersecurity offerings. Dr. Burnham earned his Ph.D. in Mathematics from Arizona State University.

CYBS 589-01 Formal Security Policy Models And Formal Security Methods

Security policy is the definition of what it means to be secure for a system, organization or other entity. Some useful security policies are expressed quite imprecisely and still have value to cybersecurity operations. However, if you express your policy very precisely in terms of information subjects and objects, then you can “prove” some theorems about a system that implements this policy, especially about desired “confidentiality” or "integrity" of data objects, and even some aspects of "availability".  If you construct your security design so as to avoid "undecidability" and "unmanageable complexity", one can use Formal Methods to validate both the design and its implementation.  Formal Methods are a particular kind of mathematically rigorous techniques for the specification, development and verification of software and hardware systems. How do you go from a "Policy" to a "Formal Security Policy Model" using first order logic to develop a "Formal Top Level Specification", then apply "Formal Methods" to prove that a design enforces the desired policy?  Furthermore, how does one validate that an implementation of this design results in the correct functionality (and no other extraneous/malicious functionality)?  This course will explore the history of the application of "Formal Methods" to Cyber Security, examine the "state of the art" in these matters, and as time permits, delve into actual application of these techniques using simplified examples both in class group assignments  and in individual semester projects.  (This course is focused on formal access control policy rather than the more general laws and standards that should guide organizational cybersecurity policy development. While a basic foundation in Information Assurance will be helpful, the more general CYBS 503 “Cybersecurity Policy” is not a prerequisite.)

Instructor:  Lyndon Pierson,  a Hardware/Software Security Design Engineer and Sandia National Laboratories Senior Scientist Emeritus, has over 35 years' experience in research and development of improvements to high speed secure communications, network security, and information assurance.   Recently, as a Fellow of the University of Southern California Information Assurance Program, and as a lecturer at USC, he co-developed and taught major portions of a nine-course Masters of Cyber Security Engineering degree curriculum.  Lyndon’s current interests include researching the basic science, first principle elements that should underlie our future cyber security designs, and applying and teaching these elements for the design of more secure systems.

1.  Graduate Certificate in Cybersecurity. (catalog p. 267)

2.  Ph.D. in Electrical Engineering with Dissertation in Cyber Electronic Systems. (catalog p. 282)

3. Master of Science, Professional Master, and Doctoral degree in Transdisciplinary Cybersecurity (catalog, p. 245)

Addressing many of the greatest challenges to society requires understanding and integration of the methods, theories, techniques, and perspectives of multiple disciplines to develop new approaches to solve complex, real-world challenges. The mission of the Transdisciplinary Cybersecurity graduate programs is to prepare students with a broad understanding of cybersecurity from the foundational documents that have guided the development of the discipline to the ethical, legal, and psychological challenges that cybersecurity professionals face. Students further engage in hands-on cybersecurity risk analysis, data analysis, and policy development. In addition, technical electives provide technical expertise that students will need to solve real-world challenges in cybersecurity. Technical electives and research spans the breath of cybersecurity including access control, cryptography, electronic warfare, forensics, hardware security, network security, reverse engineering, and secure systems engineering.

These programs are designed to:

1. engage students with diverse backgrounds in cutting edge cybersecurity research and prepare them for high demand, high pay cybersecurity careers; and
2. enhance cybersecurity innovation leading to improvement in the cybersecurity stance of the state of New Mexico, the nation, and the world.

If you want to apply to one of the Transdisciplinary Cybersecurity or Cybersecurity Certificate programs in GradCAS.

If you want to take a few courses before submitting an application for regular admission (e.g., before submitting transcripts and letters of recommendation), you can request special graduate admission with this form. 

The schedule is in banweb under Cybersecurity. with the exception of CYBS 509, which is offered via cross enrollment each spring. 

If you have questions, please call us.

1.  Master of Science in Information Systems and Assurance

2.  Masters Degree in Global and National Security

1.  Proposed Computer Science and Engineering BS in Information Systems and Security.

2.  Proposed Computer Science and Engineering Minor in Cybersecurity.

3.  Proposed Master of Science in Transdisciplinary Cybersecurity

4.  Proposed PhD in Transdisciplinary Cybersecurity

Cybersecurity - Certificate of Completion

Cybersecurity - Associate of Applied Science 

Cybersecurity - Certificate of Completion

Associate of Applied Science in Information Systems Cybersecurity Certificate in Computer & Network Security