New Master’s in Cybersecurity and Public Policy

Offered by the School of Engineering and The Fletcher School, the new graduate degree program crosses the divide between technology and policy

Padlock amidst digital code. Tufts will offer a new master’s degree in cybersecurity and public policy; the new program will cross the divide between technology and policy

Tufts next fall will offer a master’s program in cybersecurity and public policy, a joint degree offered by the School of Engineering’s Department of Computer Science and the Fletcher School, and applications are being accepted now.

By creating the interdisciplinary program, Tufts will give students critical skills they need to be at the forefront of the rapidly growing cybersecurity industry, said Susan Landau, Bridge Professor of Cybersecurity Policy, who will serve as program director and chair of the governance committee.

Graduates of the program, she said, will meet the market demand for professionals who can act as translators between technicians and policymakers “to develop policy that better protects against cyberattacks—and mitigates the problems when such attacks occur, as they inevitably will,” she said.

“Our intention is to create technologists who understand the cybersecurity policy space and policy wonks who appreciate the technical issues involved in policy choices,” Landau said. “Our graduates will be able to speak with both techies and the policy folks, and the result will improve security.”

Kathleen Fisher, professor and chair of the Department of Computer Science, agreed. By bringing the expertise at the School of Engineering and The Fletcher School together, the university can “most effectively rise to meet the threat of cybersecurity. Through this partnership, Tufts can build intervention and prevention measures that contribute to a secure and resilient cyberspace.”

The interdisciplinary program responds to tremendous growth in the cybersecurity career field, according to the program proposal. The size of the cybersecurity market grew by a factor of seven between 2013 and 2017, and cybersecurity policy is a crucial component for getting security right. Opportunities are expected to continue to expand. The U.S. Bureau of Labor Statistics projects that openings for information security analysts will increase 28 percent between 2016 and 2026—four times faster than the national average growth rate of seven percent for all occupations.  

The Tufts curriculum will include policy development, analysis, and implementation, a focus that was based on interviews with industry experts such as Katherine Charlet, director of Carnegie Endowment for International Peace’s Technology and International Affairs Program.  “I can teach technical skills to a policy person, but it is much harder to teach policy, communication, and strategy skills to a technical person,” she said. “We need individuals who have technical skills, [and who also have] a strong grounding in policy and are policy-savvy, including the ability to distill technical information and conduct strategic analysis to develop clear recommendations.”

Students will be required to take a minimum of ten full courses or thirty credits, including six required core courses evenly divided between computer science and policy studies. The curriculum will span the wide domain of cybersecurity, including national security and public safety, security against a repressive regime, and cybersecurity and privacy. 

Prior to admission, students must have completed an introductory course in computer programming. Though the program is joint between Fletcher and the School of Engineering, students will apply to the proposed degree program through the School of Engineering.

Core faculty at Tufts bring considerable expertise to the program. Landau, who has testified before Congress on encryption, surveillance, and cybersecurity issues, previously was a senior staff privacy analyst at Google and distinguished engineer at Sun Microsystems. She is the author of Listening In: Cybersecurity in an Insecure Age and Surveillance or Security? The Risks Posed by New Wiretapping Technologies.

Fisher’s research focuses on advancing the theory and practice of programming languages. She was a program manager at the Defense Advanced Research Projects Agency (DARPA), where she started and managed the High-Assurance Cyber Military Systems program and the Probabilistic Programming for Advancing Machine Learning program. Previously she was a consulting faculty member in the computer science department at Stanford and a principal member of the technical staff at AT&T Labs Research. (Watch her Tufts Talk “Towards Less Hackable Cars.”)

Other core faculty include Josephine Wolff, assistant professor of cybersecurity policy at The Fletcher School and the author of You'll See This Message When It Is Too Late: The Legal and Economic Aftermath of Cybersecurity Breaches.

To find out more about the degree program and to apply, visit the Cybersecurity and Public Policy website.

Laura Ferguson can be reached at

Back to Top