This website uses cookies. About Cookies OK

Cyber Risk for Business (MSc)


Programme Description

The MSc in Cyber Risk for Business provides students with the skills they need to become IS security analysts, IS risk auditors and to understand IS and data governance and project management.

The MSc in Cyber Risk for Business (MSc CRB) provides students with a portfolio of business and project management skills, as well as enhancing knowledge of IS concepts and core technical skills. At the core of this programme is a selection of topics covering cloud technologies, IT performance management, data management as well as IT project management. Additionally, students specialize in the topic of Information Systems (IS) Cyber Risk. This allows students to fulfil the industry need for professionals who can establish and manage robust systems that are secure against data loss and data breach. A research project will allow students to explore and develop an IS solution to a specific business problem in the domain of information security and risk management.

The MSc (CRB) is designed to provide students with the skillset to be successful in roles such as Data Protection Officer, IT Risk Analyst, Security Analyst and Threat Intelligence Analyst.

Students take a total of 90 credits. Part I consists of 70 credits and Part II consists of 20 credits. 


  • BU6005 Applied Research Methods
  • BU6510 Professional Development and Research Communication 
  • IS6017 Enterprise Business Processes and Applications 
  • IS6025 Design Thinking for Business Analysis
  • IS6027 Information Systems Project Planning 
  • IS6028 Information Systems Project Tracking and Oversight 
  • IS6050 Business Data Strategy and Management 
  • IS6060 Cloud Technologies 
  • IS6061 Programming for Data and Business Analytics 
  • IS6062 Security Architectures 
  • IS6063 Information Systems Risk Control Auditing 
  • IS6065 Information Systems Governance
  • IS6066 Breach Management and Recovery 
  • IS6067 Ethical Hacking and Threat Response 


  • IS6620 Applied Research in Cyber Risk 

Why Choose This Course

This course is strongly associated with the Information Systems industry, and with organisations where Information Systems play a critical part. Active input on course content and specialisms is continuously incorporated from both local and multinational industry leaders. The Cyber Risk for Business study path is aligned in part with the ISACA curriculum for Information Systems and Data Governance and Audit.


Skills and Careers Information

What can I do after I graduate with an MSc Cyber Risk for Business?

MSc Cyber Risk for Business graduates can look forward to positions in multiple industry sectors, as risk analysts, threat intelligence analysts, risk auditors, data privacy officers, business analysts and project managers. Graduates will also find positions in business analysis and general management open to them in the IT sector.

Occupations associated with this MSc Cyber Risk for Business

The Information Technology, Pharmaceutical, Financial Services, Manufacturing and Public Services sectors all require graduates from this programme. Typical roles include Project Manager, Business Analyst, Risk Analyst, Data Analyst, Threat Analyst, Data Protection Officer, Operations Research and IT Manager.

What are our graduates doing?

At least one graduate has gone on to work in the IT security sector. Another has secured a position as an account manager in a US-based firm.

Back to top

Practicalities & Assessment

16 lecture hours per week, with 2 hours of lab work per week. Between 3 and 5 field trips will be organised throughout the year. Group project work continues to early July, concluding formal course content. However, students may be required to complete an individual essay in their own time up late July/early August.


Full module information is detailed in the section below.


A hybrid approach to assessment is used in this programme. Assessments methods include formal written exams, essays, group and individual project work and some lab practicals. Some modules are 100% continuous assessment and most modules have a minimum of 40% continuous assessment. During the programme, students will work individually and in groups. Some of the learning and assessment is structured around industry standard blue team / red team defence and attack techniques. A strong emphasis is placed on oral presentation of work.

Back to top


Part I

  • Enterprise Business Processes and Applications 1

    Part I

    Enterprise Business Processes and Applications 1 (IS6017)

    To provide students with an overview of key issues organisations have to address when implementing new business processes and enterprise applications.

    More Information
  • Design Thinking for Business Analysis

    Part I

    Design Thinking for Business Analysis (IS6025)

    The module provides an advanced treatment of business analysis and systems design using service design and design thinking concepts and tools.

    More Information
  • Information Systems Project Planning

    Part I

    Information Systems Project Planning (IS6027)

    The objective of the module is to teach students the skills necessary to plan information systems development (ISD) projects. Students will be familiarised with the area of ISD project planning from both a theoretical and practical viewpoint. The fundamen

    More Information
  • Information Systems Project Tracking and Oversight

    Part I

    Information Systems Project Tracking and Oversight (IS6028)

    The objective of the module is to teach students the skills necessary to track and oversee information systems development (ISD) projects. Students will be familiarised with the area of ISD project tracking and oversight from both a theoretical and practi

    More Information
  • Business Data Strategy

    Part I

    Business Data Strategy (IS6050)

    The objective of this module is to enable students to critically evaluate and establish a business data strategy that will facilitate the full exploitation of organisation data

    More Information
  • Cloud Technologies

    Part I

    Cloud Technologies (IS6060)

    Students will identify, assess and apply Cloud technologies, and in so doing, assimilate the needed concepts and skills involved in evaluating deployment of Cloud technologies securely in an organisational context.

    More Information
  • Secure Data Acquisition and Management

    Part I

    Secure Data Acquisition and Management (IS6061)

    Students will assimilate, compare and evaluate processes, techniques, prerequisites and standards for the secure acquisition and management of data in organisations.

    More Information
  • Security Architectures

    Part I

    Security Architectures (IS6062)

    Students will analyse and evaluate the core concepts of Information Systems security and the technologies, structures, processes and architectures required to secure Information Systems in an organisational context.

    More Information
  • Information Systems Risk Control Auditing Foundations

    Part I

    Information Systems Risk Control Auditing Foundations (IS6063)

    Students will develop the skills and knowledge necessary to determine and assess audit services, in accordance with Information Systems audit standards, to assist organisations with protecting and controlling information systems.

    More Information
  • Information Systems Governance

    Part I

    Information Systems Governance (IS6065)

    Students will formulate and assess assurance processes for ensuring that an organisation has the structure, policies, accountability mechanisms and monitoring practices in place to achieve the requirements of corporate governance of Information Systems an

    More Information
  • Breach Management and Recovery

    Part I

    Breach Management and Recovery (IS6066)

    More Information
  • Ethical Hacking and Threat Analysis

    Part I

    Ethical Hacking and Threat Analysis (IS6067)

    To enable students to detect and evaluate security threats to information systems and to use ethical hacking techniques to identify weakness in and improve the security of such syste

    More Information

Part II

  • Applied Research in Cyber Risk

    Part II

    Applied Research in Cyber Risk (IS6621)

    To give the students the opportunity to apply research, communication, presentation and team participation skills while undertaking a substantial group-based project centred on Cyber Risk, in an academic or commercial environment.

    More Information

For full programme requirements, please refer to the University College Cork Academic Calendar here

Back to top

Entry Requirements

Candidates to have a Second Class Honours Grade II in a primary honours degree (NFQ, Level 8) or equivalent, with appropriate information systems or computing technology skills content. You may also be admitted to the course on the basis of extensive practical or professional experience, as deemed appropriate by the Professor of Business Information Systems and Cork University Business School under Recognition of Prior Learning (RPL). Typical students are from technical disciplines such as Management Information Systems (MIS) or Business Information Systems (BIS), engineering, computer science and mathematics. It is also suitable for business and humanities graduates who have studied Computer Science and Business Information Systems (BIS) subjects and who have some object-oriented programming knowledge.


View the grades comparison table

Non-EU Candidates

Non-EU candidates are expected to have educational qualifications of a standard equivalent to Irish university primary degree level. In addition, where such candidates are non-native speakers of the English language they must satisfy the university of their competency in the English language. To verify if you meet the minimum academic requirements for this programme please visit our qualification comparison pages.

For more detailed entry requirement information please refer to the International website .

Back to top

Application Process

1. Choose Course

Firstly choose your course. Applicants can apply for up to three courses under one application. Details of taught courses are available on our online prospectus.

2. Apply Online

Once you have chosen your course you can apply online at the online application portal. Applicants will need to apply before the course closing date. There is a €50 application fee for all courses apart from the Education - Professional Master of Education - (Secondary School/Post-Primary Teacher Training) which has a €100 application fee.

3. Gather Supporting Documents

Scanned copies of the following documents will need to be uploaded to the online application portal in support of your application. Applicants may need to produce the original documents if you are accepted onto a course and register at UCC.

  • Original qualification documents listed on your application including transcripts of results from institutions other than UCC
  • Any supplementary items requested for your course.

Please log into the online application portal for more details.

4. Application processing timeline

Our online application portal opens for applications for most courses in early November of each year. Check specific course details. 

5. Rounds

For courses that are in the rounds system (Irish and EU applicants), please check the rounds closing dates here.

Questions on how to apply?

Please use our web enquiry form to contact us.

Additional Requirements (All Applicants)

Please note you will be required to provide additional information as part of the online application process for this programme. This will include the following questions:

  • You may enter the details of professional or voluntary positions held. We strongly encourage you to complete this section with all relevant work experiences that will support your application.

  • What is your occupation/speciality?

The closing date for non-EU applications is 30 June

Non-EU Applications

For full details of the non-EU application procedure please visit our how to apply pages for international students. In UCC, we use the term programme and course interchangeably to describe what a person has registered to study in UCC and its constituent colleges, schools, and departments.

Not all courses are open to international/non-EU applicants, please check the fact file above.

For more information please contact the International Office.

Apply Now

Back to top

Testimonial - Subham Chowdhury

My decision to become a mature student in UCC was due to my regret of not studying at third level. The one year MSc in Cyber Risk for Business truly lived up to my expectations. Considering the program was brand new, I had a few apprehensions in the beginning. However, it has a very good blend of the current cybersecurity principles and its application in business and real world scenarios. I was more than satisfied with the way the program was tailored to the current needs and gaps in industry, and it provided a truly immersive experience as a whole.

As an international student, there was full support from the lecturers, who always encouraged us to deliver our best. The class size was relatively small, and the lecture materials and the assignments were aligned to high quality learning and development. The most important aspect was the regular visits by professionals from major companies like IBM and PWC, with whom we got to interact first-hand.

We also received specialised training in career and personal development. This program supported of development of employability traits, and helped us pitch ourselves as highly desirable, qualified, and competitive for jobs in the Cybersecurity realm.

Having completed my masters and secured a job offer in a leadership position, I can truly say the skills and experiences provided by the program have allowed me to develop into a confident professional. I believe the achievement is a result of the support and encouragement of the academic staff and their passion for teaching. I definitely recommend this exciting program and I feel it has a very high potential to produce qualified professionals for one of the most lucrative and in-demand professions.

-Subham Chowdhury (Class of 2020)