MSc in Information Security provides the foundations for a rewarding career in the growing cyber security industry or further doctoral research. International security experts teach a balance of established theory and cutting-edge practice, equipping graduates with the broad expertise necessary to succeed as cybersecurity experts, practitioners, or researchers. The course is supported by industry experts and leading companies who engage with students through joint projects and guest lectures.
The Academic Centre of Excellence status has been awarded by GCHQ in partnership with the Research Councils’ Global Uncertainties Programme (RCUK) and the Department for Business Innovation and Skills (BIS). Other universities will also become Centres in the near future as part of an ongoing process.
Students develop an advanced knowledge of information security and an awareness of the context in which information security operates in terms of safety, environmental, social and economic aspects. They gain a wide range of intellectual, practical and transferable skills, enabling them to develop a flexible professional career in IT.
Follow the Information Security Facebook Page for updates on our activities and research.
MSc in Information Security awarded full certification by the National Cyber Security Centre (NCSC)
UCL’s Department of Computer Science’s MSc in Information Security has been successfully awarded full certification from the National Cyber Security Centre (NCSC).
Master’s degree programmes in cyber security can broaden the understanding of security concepts and technologies and provide a bridge between undergraduate education and careers in cyber security. However, with so many UK universities running Master’s degrees containing cyber security content, it can be difficult for students and employers alike to assess the quality on offer and identify the degree that best suits someone’s preferred career path.
NCSC’s aim is to identify and recognise the very best cyber security education in the UK and UCL's MSc Information Security now joins an exclusive list of degree programmes that should attract high quality students from around the world; attract employers to recruit skilled staff and develop the cyber skills of existing employees; and attract prospective students to make better informed choices when looking for a highly valued qualification.
The MSc in Information Security NCSC full certification lasts five years, and students will need to select Information Security Management as one of their optional modules to receive the NCSC certification.
MSc Information Security Programme Director Dr Emiliano de Cristofaro says:
"This is a very important step for our programme as it allows us to join a global community of leaders in information security education. We look forward to continue moving forward together with this community and train the future engineers, researchers, and practitioners who will keep our systems and infrastructures secure, building on the excellence and rigour deeply ingrained in UCL Computer Science's fabric".
Upcoming Open Days and Events
Every few months, we organise open day events with presentations and Q&As for our MSc in Information Security, both in person (at UCL) and virtual (via webinars). The events can be attended by anyone and are free of charge.
If you are interested, please send an email to email@example.com with subject "MSc ISec Open Day", and we will let you know next time we have an event.
You can read transcripts of Q&A's from our latest virtual open day here
Inside Information Security...
MSc Information Security comprises 8 taught modules and a Dissertation. Of the taught modules, 4 are core modules, with 4 option modules. Students who wish to gain GCHQ certification with their degree need to choose COMPGA14 Information Security Management as one of their optional modules.
Core Modules Term 1
COMPGA01 Computer Security I
This module provides an introduction to security concepts and techniques, covering core security principles to engineer systems providing confidentiality, integrity, and availability. Topics are approached from a security engineer perspective, but also from the perspective of someone who aims to bypass security protections.
Students will learn how to recognise security properties of systems, formulate security policies, and model the threats they may face.
COMPGA03 Introduction to Cryptography
This modules provides students with the foundations of cryptography and information security. We introduce the main security properties needed in today's systems, such as confidentiality, authentication, integrity, anonymity, non-repudiation, and do so by means of rigorous definitions and formal assumptions. The module then covers state-of-the-art technologies to meet these goals, i.e., pseudorandomness, encryption, digital signatures, message authentication codes, hash functions.
Core Modules Term 2
COMPGA02 Computer Security II
This module is the natural follow-up to Computer Security I. It provides an advanced understanding of network and computer security vulnerabilities, as well as countermeasures, in real-world systems. Following a hands-on approach, lectures are complemented with in-lab exercises, teaching students to think about security out of the box.
COMPGA11 Research in Information Security
This module aims to provide an understanding of what research in information security is about, how to identify a contribution, what the quality standards in scientific publications are, and to study selected technical sub-topics in depth. Students will be exposed to research on information security, by reading quality technical research papers in information security.
Core Modules Dissertation
Further syllabus information will be available shortly.
Optional Modules Term 1
COMPGA10 People and Security
This modules teaches students to specify usability criteria that a security mechanism has to meet to be workable for end-user groups and work contexts, as well as human-centred approaches to security. It is one of the very few courses on usable security in the world.
This module provide students with a specialist understanding of the issues and techniques in malware detection and classification as well as the human, social, economic and historical context in which it exists and is deployed.
COMPGA19 Philosophy, Politics and Economics of Security and Privacy
The course covers in depth major issues in computer, information, and general security related to the following perspectives:
- Conceptual and philosophical foundations of security policy and its implementation in systems’ contexts
- The political context within which security policies and their implementations are situated, including national and international security issues and the relationships between individuals, companies, and governments
- The design and implementation of security policy from the perspective of economics, including ideas and tools from areas such as utility theory, game theory, and portfolio theory.
COMPGZ03 Distributed Systems and Security
This modules explores, in a case-study fashion, the design and implementation of distributed systems, and computer system security. Among other things, the module provides students with expertise in handling correctness under concurrency by building a simple distributed system as part of coursework.
Optional Modules Term 2
COMPGA12 Applied Cryptography
This module provides the student with a thorough understanding of cryptographic algorithms keys and protocols, and an appropriate hardware/software environment can solve security problems (confidentiality integrity authenticity). It shows how security is achieved in real-life systems in areas of payment, telecom, buildings/transportation, government/identity etc.
COMPGA14 Information Security Management
This module provides students with an understanding of the principles of information security management that are commonly used in business. It will introduce the commonly used frameworks and methods and explore critically the suitability and appropriateness of these for addressing today's organisational security needs.
COMPGA17 Privacy Enhancing Technologies
This module provides students with expert understanding of the issues around privacy in computer systems and on-line services, as well as the best available techniques for mitigating important privacy threats through appropriate security controls. Students will learn how to securely implement these techniques, and familiarise with the process of building secure systems (design review, code review and white-box pen testing). It is one of the very few courses on privacy in the world.
This module aims to cover all major topics in cryptanalysis, studying various cryptosystems from the point of view of cryptanalysis and also from the point of view of crypto developers. By understanding the maths and security design principles in different cryptosystems, students will ways to break and fix/repair cryptographic primitives, as well as discovering key properties which are relevant to their security. They also experiment with standard crypto libraries, computer algebra software and software cryptanalysis tools.
COMPGS10 Language Based Security
This module provides students with specialist knowledge and understanding to solve software related problems associated with the security of software systems. Students discover the relationship between computer program design and security, how various security-related properties of computer programs are formulated and guaranteed, and in-depth knowledge of a variety of contexts in which understanding can be applied.
This module provides students with an understanding of the structure of cybercriminal operations, and of the threats linked to cybercrime. The lectures will cover the different types of cybercriminal operations, the techniques used by miscreants to exploit and take advantage of Internet users, the different actors that are active in the online underground economy, and the technical and legal issues faced by law enforcement to take down cybercriminal operations.
Further syllabus information can be found here.
You will need to choose 60 credits from the optional modules.
A minimum of an upper-second class UK Bachelor's degree in computer science, electrical engineering or mathematics, or an overseas qualification of an equivalent standard. Relevant work experience may also be taken into account.
English Language Requirements
If your education has not been conducted in the English language, you will be expected to demonstrate evidence of an adequate level of English proficiency.
The English language level for this programme is: Good
Further information can be found on our English language requirements page.
Country-specific information, including details of when UCL representatives are visiting your part of the world, can be obtained from the International Students website.
UK/EU fees (FT): £11,800 for 2017/18
UK/EU fees (PT): £6,010 for 2017/18
Overseas fees (FT): £25,890 for 2017/18
Overseas fees (PT): £12,950 for 2017/18
UK/EU fees (FT): £12,380 for 2018/19
UK/EU fees (PT): £6,190 for 2018/19
Overseas fees (FT): £26,670 for 2018/19
Overseas fees (PT): £13,350 for 2018/19
For a comprehensive list of the funding opportunities available at UCL, including funding relevant to your nationality, please visit the Scholarship and Funding website.
Tuition Fee Deposit
This programme requires that applicants firmly accepting their offer pay a deposit. This allows UCL to effectively plan student numbers, as students are more demonstrably committed towards commencing their studies with us.
For full details about the UCL tuition fee deposit, please see the central UCL pages.
Tuition fee deposits within the Department of Computer Science are currently listed as:
|*where part-time is an available mode of study|
ISec graduate destinations:
ISec graduate roles:
Further study destinations:
Average starting salary £31,200 (Graduate Surveys, January 2015).
To apply now click here.
Students are advised to apply as early as possible due to competition for places. Those applying for scholarship funding (particularly overseas applicants) should take note of application deadlines.
Deadline 29th June 2018.