Cyber Security BSc (UCAS H651)

Studying cyber security (bsc) will equip you to be part of the worldwide team securing the human experience in cyber space. Our bsc cyber security course is fully certified by the national cyber security centre (ncsc). 

Find out more about our Cyber Security degree at Warwick

• Cyber space comprises all the interactions with all the networks of digital devices, used to store, modify and communicate information, across all time. It is global in reach and vast in scale, extending far beyond the Internet.
• Cyber security seeks to enable the good and prevent the bad in cyber space. For you to contribute to this task, you will learn a broad range of theory and practice. Most things will be viewed from two perspectives: what should happen, and what does happen. Many cyber security challenges lurk in this gap between concept and reality.

You will learn:

• How to construct robust software
• How to store data over time and communicate it over distance
• How computer systems are organised
• The capabilities of cryptographic techniques
• The processes and procedures that provide assurance that things are as they should be
• The mindset, tools, and techniques to discover the shortcomings of cyber systems, duly constrained by ethics and the law

This course has a strong technical focus so that you understand precisely how the digital parts of cyber systems function. However, the role played by people, processes and the physical environment in achieving cyber security is also a critical part of your study. Taken together, you will learn how to harden the security posture of an organisation's cyber systems. You will learn how to think and act coherently in cyber space.

Cyber security professionals are in high demand by businesses worldwide, meaning you will have access to a wealth of potential career routes in a highly mobile profession when you graduate.

Our BSc Cyber Security is fully certified by the National Cyber Security Centre (NCSC) at GCHQ.

What is the difference between computer science and cyber security?

• Computer science is a broad field that covers the fundamentals of computer systems, including algorithms, data structures, software development, and more. It’s about understanding how computers work and how to create software applications that solve problems. On the other hand, cyber security is a specialised field that focuses on protecting systems, networks, and data from digital attacks. You’ll dive into understanding potential threats, implementing security measures, and constantly updating defences in response to new risks.

Study abroad

• It is unlikely we will be able to support student mobility through study abroad programmes. The very specific curriculum of BSc Cyber Security means that an intercalated year abroad at one of our partner universities is unlikely to fit alongside the remainder of the curriculum.

Core modules

• Year one lays the foundations for you to develop a deeper understanding of cyber space. You will be studying topics such as software development, computer architecture, networks, operating systems and the fundamentals of cyber security. Mathematical formalisms of discrete structure will be introduced to support a range of other topics.
• Year two deepens and broadens your experience by exploring software engineering, programming languages, human computer interaction, secure systems, managing and securing information, all from a cyber security perspective.
• The third year incorporates advanced topics in cyber security, incident management, digital forensics, low-level techniques (to better understand how potentially obfuscated code executes), and the science associated with dealing with bulk data. You will also complete an individual project, where you will apply your skills and knowledge to an area of your choice under the supervision of our academics.

Year One
Programming for Cyber Security

• Fluency in the process of software development is a prerequisite to the study of much of the remainder of this programme. This module brings together the fundamental concepts and skills related to the software development process. It will provide you with a foundation for other software-oriented aspects of the programme, such as: programming languages for cyber security, data science for algorithms and complexity in the cyber context, and the cyber context of software engineering.

Computer Architecture and Operating Systems

• This module aims to equip you with a comprehensive understanding of modern computer architectures and system software concepts. It starts by providing essential principles and concepts of computer systems to develop a deeper understanding of the hardware environment upon which all computing is based, and the interface it provides to higher software layers. You will learn about computer systems’ functional components, their characteristics, performance, and interactions, and the challenge of harnessing parallelism to sustain performance improvements now and in the future. This module then outlines the principles of how an operating system is constructed, how it works, and its critical role in cyber security by providing a solid understanding of how a modern operating system satisfies its requirements in the cyber context.

Discrete Mathematics

• Discrete mathematics forms the mathematical foundation of computer science and cyber security. It forms the basis of how computers work, allows us to prove system correctness and security, and underlies modern cryptography. On this module, you will be introduced to the discrete structures used by computers, as well as how to use them to solve problems in cyber security.

Algorithms and Data Structures

• Algorithms are the fundamental building blocks of computer science – but how can we prove that an algorithm does what we want it to? How can we improve the efficiency of existing algorithms? This module will provide you with a comprehensive understanding of the fundamental principles and techniques in algorithm design and optimisation. You will explore a wide range of topics, including sorting, searching and pathfinding algorithms, while evaluating their correctness and efficiency.

Computer Networks

• Currently, networks, whether wired or wireless, are an integral component of the present and future computing landscape. Computer networks form the foundation of modern information technology systems, enabling the seamless communication and transfer of data between devices and systems. This module aims to equip you with the essential knowledge and skills required to understand and work with computer networks effectively by providing a solid grounding of core networks and communication concepts.

Cyber Security Fundamentals

• This module will equip you to better understand the stages and concepts of a cyberattack. You will develop a practical understanding, as well as applying the common tools, techniques, and procedures utilised by adversaries and attackers during each phase of a cyberattack in a manner that is both legal and ethical.

Security Testing I

• This module aims to equip you with the knowledge and practical experience of performing security testing and producing professional penetration testing reports for client organisations. You will learn the importance of acting professionally, in an ethical manner, and will be made aware of ‘responsible reporting’ programmes. This module is partly taught by professional practitioners involved with professional penetration testing on a daily basis and also equipped with years of university academic experience.

Digital Forensics Fundamentals

This module exposes you to the entire investigative lifecycle of a case, from a criminal and corporate perspective. You will develop:

• A critical understanding of the process of digital investigation
• An applied understanding of how to perform a digital investigation
• The ability to apply appropriate tools to investigate a cutting edge digital investigation scenario

Year Two
Secure Software Development

• This module aims to equip you with the knowledge and practical experience of secure software design and development principles. You will look at software engineering in the context of cyber security, applying frameworks such as the Trustworthy Software Framework and the Secure Software Development Life Cycle when developing software systems.

Behavioural Cyber Security

• This module places the person at the centre of the cyber domain by addressing issues of usability and human factors. As such, the focus is on trade-offs between usability and security on the one hand, and human psychology and human error on the other hand. Human vulnerabilities will be addressed in detail to build greater cyber resilience, and narrative around security awareness/training programmes and security culture will be also introduced for understanding broader, non-technical influences on security through minimising human related risks.

Cryptosystems

• On this module you will develop your ability to design robust security architectures tailored to specific scenarios. Moreover, you will acquire practical expertise in configuring systems using cryptographic techniques to achieve the desired security objectives. By actively participating in this module, you will enhance your overall understanding of trust and security, equipping you with the necessary tools to thrive in the dynamic landscape of cyber security.

Secure Networks

• This module covers basic concepts of cyber security, such as confidentiality, integrity, availability, authentication, and authorization. These concepts will be explored within the context of several generic asset configurations, enabling you to understand the potential threats that may arise and various security measures that will be used to defend against these threats.

Databases and Information Management

• On this module, you will be introduced to the essential concepts of databases, data modelling, and optimisation. This knowledge will empower you to craft efficient databases for superior information management. From understanding Database Management Systems (DBMS) and data modelling to mastering Structured Query Language (SQL) and optimizing queries, you will gain indispensable skills for designing and maintaining robust databases.

Information Security and Risk Management

• This module aims to provide you with the skills that will allow you to have the confidence to recognise and assess information security risks and identify appropriate ways to manage information security within an organisational context. It is about designing and evaluating the solutions that have the strategy, policy, processes, behaviours, and technology, in place and coherently supporting each other.
• Read more about the Information Risk and Security Management moduleLink opens in a new window, including the methods of teaching and assessment (content applies to 2024/25 year of study).

Security Testing II

• This module covers the latest techniques of ethical hacking and provides practical experience in selecting and applying suitable tools and techniques. It is also designed to ensure that you are able to define the scope of testing under certain requirements and develop a relevant project plan, and carry out a security assessment by applying appropriate testing methodologies and tools.

Research and Professional Skills

• This module is designed to equip you with the knowledge and tools to research cross-cutting issues in cyber security contexts. You will learn about a range of data collection methods and analytical options relevant to this, and develop relevant skills in data collection and analysis. You will also be introduced to ethical issues in cyber security research, as well as provided with guidance on how to design, plan and manage your dissertation effectively. Lastly, the module will involve careers-oriented tasks, giving you the opportunity to consider your professional skills and career aspirations.

Year Three
Malware Analysis and Exploit Development

• This module aims to explore the essential low-level techniques and analysis concepts relevant to identifying malicious code and exploiting vulnerabilities that reside in the binaries.

AI and Cyber Security

• AI-based solutions are having a significant impact in a number of areas, including cyber security. This module aims to develop your knowledge of the development and application of the most common machine learning models, and in particular a critical understanding of the applicability of each machine learning algorithms in the solution of a particular problem (class of problems). It will cover the best practice and main steps of developing AI-based solutions, including data collection/engineering and pre-processing, model design, training and evaluation, and deployment.

Cyber Security Operations

• This module seeks to introduce you to the state-of-the-art in effective and proactive cyberattack deterrents, including tools and techniques that can have long-term benefits in organisational policies while maintaining the resilience of our agile and delicate cyber infrastructures.

Cyber Security and Incident Response

• This module comprises two related but distinct themes: cyber incident response and digital forensics. The focus of the module is on investigations that respond to incidents in corporate environments, while it sets the scene on examining potential evidence based on the principles that have been established by the digital forensics community. It aims to provide you with the required skills that will allow you to prepare and manage a cyber security incident and allow you to apply digital forensics principles for the investigation of a cyber security incident.

Cyber Security Project

• With support from a supervisor, you will undertake the full life cycle of a research or development project in the cyber security domain.

Optional modules

• In the final year, you will select two modules from the following list of optional modules:

Advanced Forensics and Investigations

• This module advances on previously gained skills in digital forensics and explores different themes. One part of the module places a strong emphasis on engagement with applied research advances on contemporary topics in the field and current professional practises. The other part of the module strongly focuses on the technical analysis and techniques involved when investigating different devices and technologies.

Privacy and Online Rights

• Privacy is recognised as a fundamental human right, however, it can be easily exploited in the digital domain due to the large scale of use and spread of advanced digital technologies for data mining and surveillance. This module aims to provide you with a critical awareness of privacy issues in cyber security and allow you to apply advanced technical concepts and practices for managing privacy in organisations using a psychological and usability perspectives.

Cloud and Virtualisation Security

• This module considers the cyber security consequences of virtualised systems and the opportunities that they offer. Focusing on software containerisation systems such as Docker, and comparing their properties with other virtualisation tools and techniques, the module looks at the trust relationships and the available security controls between the underlying operating system, the container, or other virtualised environment, and the software executing within the container.

Cyber-Physical Systems

• Much attention relating to communication in the cyber domain is focused around the Internet. A range of other communication protocols and technologies are widely deployed in industrial control, vehicle and other systems. Understanding the significant characteristics of the physical manifestations of digital information, understanding the interconnectedness of the cyber domain with the physical domain via sensors and actuators, and understanding non-Internet technologies and protocols reduces the risk of inadvertently leaving a cyber system in a vulnerable position. The overall aim of this module is to enable you to have a meaningful conversation with practising engineers concerning the security of cyber-physical systems.

Assessment

• Your performance will be assessed predominantly by coursework with a small number of written examinations. The coursework may be individual or group work, involving aspects of cyber system development, cyber system analysis, cyber research, and presentation of findings. The second and final year place particular emphasis on coursework, designed to provide practical skills and knowledge that can be directly applied in a professional setting.
• For the Individual Project in the final year, you will use a range of methods, tools, and techniques to address your chosen research question. This project will help you to develop a range of transferable skills, including critical thinking, problem solving, and communication. These are skills you will carry into a successful career beyond Warwick.

Teaching

• The course is delivered by subject leaders from the WMG Cyber Security Centre. Teaching and learning is delivered via a combination of lectures, seminars, and high-intensity workshops with structured independent consolidation activities in between.
• Teaching sessions will comprise a mix of conventional lectures, practical laboratory sessions and tutorial sessions. The proportions and emphasis will vary from module to module.

Solving practical problems

• The consolidation activities will typically involve the application of material covered in the workshop to a practical problem. Some of this consolidation activity will be individual, some will be working in teams. Some development projects will span several workshops and run for several weeks.
• Much of the practical activity will take place in our dedicated Cyber Security laboratories within the WMG Cyber Security Centre. Your studies will culminate in your final year individual cyber project.

Your career

• Cyber security professionals are in high demand by businesses worldwide, meaning you’ll have access to a wealth of potential career routes in a highly mobile profession when you graduate.
• Career paths could include technical, managerial, and strategic paths in public, private, or charity sectors; enabling social services, commerce, healthcare, transportation, environmental protection and more generally, a secure digital society.

Early career roles could include:

• Network Security Administrator
• Forensic Analyst
• Threat Analyst
• Penetration Tester
• Secure Software Developer
• Junior Consultant
• Audit Compliance
• Technical Consultant

Later career roles could include:

• Security Architect
• Security Assessor
• Security Analyst
• Incident Response Coordinator
• Cyber Security Consultant
• Chief Information Security Officer

Helping you find the right career

• Our department has a dedicated professionally qualified Senior Careers Consultant to support you. They offer impartial advice and guidance, together with workshops and events throughout the year. 

Previous examples of workshops and events include:

• Career planning for WMG students
• Options in Engineering
• Warwick careers fairs throughout the year
• Effective Applications for WMG students
• Researching Employers for WMG students