Cybersecurity BS

Program Purpose


Within the context of the aims of a BYU education our mission is to educate professional leaders with an in-depth understanding of all aspects of computer systems and their relationship to the world. These leaders will combine their technical understanding with their broad-based general education to visualize systems, communicate effectively, think analytically and implement solutions.

As reflected in this mission statement, the program is strongly technological but intended to be part of a broader, liberal education context. Thus phrases such as "leaders", "relationship to the world" and "broad-based general education" are specifically intended to evoke the larger context of BYU's aims. Furthermore, as explicitly stated, this mission statement rests on the foundation of the "Aims of a BYU Education."

Cybersecurity Program Educational Objectives:

1.     Practice as a competent professional in Cybersecurity or enrolled in an appropriate graduate program

2.     Demonstrate leadership by positive influence on others towards shared goals

3.     Collaborate and communicate effectively in diverse team environments

4.     Show sensitivity for global, societal, organizational issues, compliant with the moral standards of the Gospel of Jesus Christ in the application of technology.

Curricular Structure

The Cybersecurity undergraduate program consists of a strong introduction to computer technology and programming with more advanced work in networking, operating systems, human computer interaction, databases, security and information assurance. It is closely aligned with our IT major, which has had cybersecurity woven into its required courses since its inception. The first two years are designed to be compatible with other technical computing majors on campus.

The Cybersecurity degree requires similar science and math courses as Computer Engineering (CpE) and Computer Science (CS) and, to a lesser extent, Information Systems in the Business School (ISys). Students should be able to transfer easily between Cybersecurity, CpE, CS and IT within the first two years of their studies as they refine their interests and understanding of the technical computer field. Cybersecurity rests on a foundation of Math and Science and thus includes classic courses in hardware architecture and computing (IT 124, IT 252, CS142, CS 235, CS 236), Math (Math 112, Stats 201) and science (Physics 121) etc. In line with Schools of Technology nationwide, there is a strong emphasis on experiential learning and integration of technology within the curriculum. This is reflected in the emphasis on lab-work and projects in major courses. All technical courses in the major include substantial lab and project requirements and the capstone experience for undergraduate students is a two-semester project class where the students work in assigned teams to propose, design, build, manage, complete and report on a significant project in the Cybersecurity field. Additionally, 200 hours of work in the area of Cybersecurity are required prior to graduation.

The graduate program consists of a thesis-based MS degree. Currently graduate enrollment is very strong and students complete a variety of projects/theses in Cybersecurity-related research and application.

Cybersecurity is a relatively new discipline nationwide and BYU faculty are actively involved in national committees and professional societies to create and comply with model curricula and accreditation requirements for IT and Cybersecurity programs. BYU's Cybersecurity program is also considered an NSA/DHS Center of Academic Excellence in Cyber Defense based on a rigorous review of course materials and learning outcomes.

Catalog Information

Major Academic Plan

Learning Outcomes


Problem Analysis and Solutions

Analyze a complex computing problem and apply principles of computing and other relevant disciplines to identify solutions.

Courses that Contribute: IT 350
Linked to BYU Aims: None
Design, Implement, & Evaluate Computing Solutions

Design, implement, and evaluate a computing-based solution to meet a given set of computing requirements in the context of the program's discipline.

Courses that Contribute: IT 344
Linked to BYU Aims: None
Communicate Effectively

Communicate effectively in a variety of professional contexts.

Courses that Contribute: None
Linked to BYU Aims: Communicate effectively
Legal & Ethical Judgment

Recognize professional responsibilities and make informed judgements in computing practice based on legal and ethical principles.

Courses that Contribute: IT 366
Linked to BYU Aims: Character
Teamwork and Management

Function effectively as a member or leader of a team engaged in activities appropriate to the program's discipline.

Courses that Contribute: None
Linked to BYU Aims: None
Security Principles and Practices

An ability to apply security principles and practices to the environment, hardware, software, and human aspects of a system.

Courses that Contribute: IT 366 IT 566 IT 567
Linked to BYU Aims: None
Security Operations

An ability to analyze and evaluate systems with respect to maintaining operations in the presence of risks and threats.

Courses that Contribute: IT 366 IT 566 IT 567
Linked to BYU Aims: None

Evidence of Learning


At the course level, assessments include quizzes, exams, homework assignments, labs, papers and so on. Many projects require students to report orally and in formal technical reports. Students are also required to complete term papers and report on key developments within their discipline. The final capstone project includes significant reporting requirements in the form of public oral presentations, posters, videos, extensive formal technical reports and several presentations to external reviewers (Industrial Advisory Board members). External stakeholders help achieve a balanced evaluation of the program. Semi-annual meetings with the Industrial Advisory Board (IAB) and annual surveys of alumni provide data for both evaluating student competence and also evaluating the mission and goals of the program. Exit interviews with graduating students are conducted to identify areas of strength and improvement.

An extensive evaluation has been done relating program outcomes to:

  1. Individual course outcomes
  2. The Cybersecurity Curricular Guidelines published by ACM, IEEE, AIS SIGSEC, and IFIP.
  3. The NSA/DHS Center of Academic Excellence in Cyber Defense requirements.
  4. ABET Computing Commission accreditation Requirements.

All faculty members participated in this analysis and in the discussions of measuring achievement of these outcomes. The course outcomes are evaluated both directly and indirectly as discussed below.

Direct Measures

Each course in the major has defined learning outcomes. These are displayed in the BYU course catalogue. These outcomes are used by faculty in teaching. They are also reviewed and changed as needed, after discussion in faculty meetings.

Achievement of these specific course outcomes is evaluated by faculty teaching the courses with assignments and evaluations directed towards the objectives.

Indirect Measures

Graduating students each have a face-to-face interview with the program chair as well as completing questionnaires. The questions to both of these groups specifically address the program objectives. Each core class is surveyed each semester relative to completion of course outcomes. Selected groups of alumni are surveyed regularly (annually). 

Learning and Teaching Assessment and Improvement


On the program level, all courses are evaluated by students through a formal, anonymous student response system each semester (administered by BYU). Results are provided to individual instructors and to administrative supervisors. Exit interviews are conducted with every graduating student, results are anonymized and summarized and then provided to all faculty. These results are discussed in faculty meetings. An Industrial Advisory Board meets twice yearly, reviews the program content, meets individually with students and provides feedback to the program. These meetings are recorded and summaries are provided to faculty and discussed in faculty meetings. Peer evaluations of instructors are also conducted before advancement and promotion.

Analysis, Evaluation, and Improvement Process

The entire program is reviewed and modified at least annually. Regular (weekly) faculty meetings are held, and recorded, to deal with on-going program changes.

The program is closely aligned with the IT program, which was one of the first IT programs accredited by ABET in 2005/2006 and before that the EET program that was accredited in the 1970s. The Cybersecurity emphasis in the IT major was approved as an NSA/DHS Cybersecurity Academic Center of Excellence in Cyber Defense in 2012 and renewed again in 2018.