Computing & Technology

Cybersecurity

Protect digital systems and data from cyber threats—combining computer science, cryptography, and risk management to defend networks, applications, and critical infrastructure.

Overview

Cybersecurity is the practice of protecting computer systems, networks, and data from digital attacks, unauthorised access, and damage. As organisations across every sector become more dependent on digital infrastructure, the demand for cybersecurity professionals has grown dramatically—far outpacing supply.

The curriculum covers network security, cryptography, ethical hacking and penetration testing, digital forensics, malware analysis, security architecture, risk management, and incident response. Students learn to think like both defenders and attackers—understanding how systems can be compromised in order to build better protections. Hands-on labs, capture-the-flag competitions, and industry certifications are integral to the programme. Many programmes also cover the legal and policy dimensions of cybersecurity, including data protection regulations and cyber law.

They work as security analysts, penetration testers, security architects, incident responders, and chief information security officers (CISOs). The field offers strong starting salaries, rapid career progression, and the knowledge that your work directly protects critical systems and personal data.

For students passionate about protecting digital systems and infrastructure, several universities stand at the forefront of cybersecurity education and research. Carnegie Mellon's CyLab is one of the largest university-based cybersecurity research centres in the world, with over 100 faculty across disciplines—students benefit from hands-on experience in areas like network security, privacy engineering, and critical infrastructure protection. Georgia Tech's College of Computing offers a dedicated cybersecurity track within its Information Security Centre (GTISC), combining technical depth with policy research and one of the most respected capture-the-flag competition teams globally. ETH Zurich's System Security Group conducts cutting-edge research in software security, trusted computing, and network defence, and its programme reflects the Swiss tradition of precision and rigour. The University of Oxford's Cyber Security Centre bridges computer science and social science, recognising that security is as much about human behaviour as it is about code—a perspective that produces well-rounded security professionals. Purdue University's Centre for Education and Research in Information Assurance and Security (CERIAS) is one of the oldest multidisciplinary cybersecurity centres in the US, offering students exposure to forensics, secure systems, and cryptography. Some of these universities offer standalone cybersecurity degrees, while others embed security as a specialisation within computer science—both paths lead to strong career outcomes.

Career Outcomes & Salary

What jobs can I get and how much will I earn?

Entry Level0–2 years

$65,000–$105,000 (US) / £30,000–£48,000 (UK) / A$60,000–$90,000 (AU)

Security AnalystSOC AnalystJunior Penetration TesterCybersecurity ConsultantIncident Response Analyst
Top employers
CrowdStrikePalo Alto NetworksMandiant (Google)Deloitte CyberMicrosoftIBM Securitygovernment agencies (NSA, GCHQ, ASD)Big Four accounting firms
Mid Career3–8 years

$110,000–$200,000 (US) / £60,000–£110,000 (UK) / A$100,000–$170,000 (AU)

Senior Security EngineerPenetration Test LeadSecurity ArchitectThreat Intelligence ManagerCloud Security Engineer
Senior10+ years

$180,000–$400,000+ (US, CISO roles at large companies can exceed $500,000)

Chief Information Security Officer (CISO)VP of SecurityDirector of Threat IntelligenceSecurity PrincipalFounder—Security Startup
Industries
TechnologyFinancial ServicesGovernment & DefenseHealthcareCritical InfrastructureConsultingTelecommunicationsEnergy & Utilities
Demand Outlook

Exceptionally strong—the global cybersecurity workforce gap of 4 million positions means virtually guaranteed employability. The US Bureau of Labor Statistics projects 32% growth for information security analysts through 2032, making it one of the fastest-growing occupations.

What You'll Learn

Core topics and skills covered in this degree

Network Security & Defence
Cryptography & Encryption
Ethical Hacking & Penetration Testing
Digital Forensics & Investigation
Security Architecture & Design
Risk Management & Compliance
Malware Analysis & Reverse Engineering
Incident Response & Recovery

Is This Right For Me?

Honest self-assessment to help you decide

WorkloadHeavy—expect 15–25 hours per week outside lectures on labs, CTF practice, programming assignments, and security analysis projects. Labs are particularly time-intensive, often requiring hands-on work with virtual machines and security tools.
Math LevelModerate—cryptography requires number theory and algebra, and security analytics involves statistics. Less mathematical than AI or pure CS theory, but more than many students expect.
CreativityBoth—security frameworks and compliance are highly structured, but offensive security and incident response require creative thinking to anticipate novel attack vectors and devise unconventional defenses.
TeamworkMix—many labs and CTF challenges are individual, but incident response exercises and security assessments are team-based. Industry security teams operate collaboratively, so teamwork is increasingly emphasized.

You'll thrive if...

  • You’re naturally curious about how systems break—you’ve always wanted to know what happens when you push technology beyond its intended boundaries
  • You enjoy puzzle-solving and detective work—tracing attack paths and finding vulnerabilities feels like solving a mystery
  • You have strong ethical convictions—cybersecurity requires integrity because you’ll have access to sensitive systems and data
  • You thrive under pressure—incident response requires clear thinking when systems are compromised and time is critical
  • You like staying current—the threat landscape changes weekly, and you find it exciting rather than exhausting

Might not be for you if...

  • You prefer creating new things over analyzing and defending existing systems—security work is largely reactive and defensive
  • The idea of adversarial thinking makes you uncomfortable—you need to think like an attacker to defend effectively
  • You want predictable work hours—security incidents don’t wait for business hours, and on-call rotations are common
  • Heavy systems administration and networking detail bores you—understanding infrastructure deeply is fundamental
  • You’re uncomfortable with the reality that perfect security is impossible—the job is about managing risk, not eliminating it
WorkloadHeavy—expect 15–25 hours per week outside lectures on labs, CTF practice, programming assignments, and security analysis projects. Labs are particularly time-intensive, often requiring hands-on work with virtual machines and security tools.
Math IntensityModerate—cryptography requires number theory and algebra, and security analytics involves statistics. Less mathematical than AI or pure CS theory, but more than many students expect.
Creativity vs StructureBoth—security frameworks and compliance are highly structured, but offensive security and incident response require creative thinking to anticipate novel attack vectors and devise unconventional defenses.
Group vs SoloMix—many labs and CTF challenges are individual, but incident response exercises and security assessments are team-based. Industry security teams operate collaboratively, so teamwork is increasingly emphasized.

A Day in the Life

What a typical week actually looks like

A typical week in Year 2 of a cybersecurity programme is intense and hands-on. Monday begins with a network security lecture covering firewall architectures, intrusion detection systems, and how attackers exploit misconfigured network services. After lunch, you’re in a lab running Wireshark to analyze packet captures from a simulated network breach—your job is to trace the attacker’s lateral movement across subnets and identify exactly which credentials were compromised. It’s detective work in digital form, and the satisfaction of piecing together the attack timeline is real.

Tuesday has a cryptography lecture—you’re studying RSA and elliptic curve cryptography, working through the number theory that makes public-key encryption possible. The math is challenging but deeply connected to how the secure web actually works. Wednesday afternoon is your offensive security lab: your team is conducting a sanctioned penetration test on a deliberately vulnerable web application. You find an SQL injection vulnerability, escalate to a reverse shell, and document everything in a professional-format report. The ethical dimensions of this work are discussed seriously—your professor emphasizes that the same skills that protect systems can be misused, and responsible disclosure is a core professional value.

Thursday brings an operating systems security lecture covering access control models, privilege escalation, and how malware persistence mechanisms work on Windows and Linux. In the afternoon, your incident response course simulates a ransomware attack on a fictional company—you have four hours to contain the breach, preserve forensic evidence, and write an executive summary for the “board of directors.” Friday is lighter but still engaging: a guest lecture from a security operations center (SOC) analyst at a major financial institution, followed by time to work on your semester-long security assessment project. Weekends alternate between preparing for next week’s labs and participating in weekend CTF competitions with your university’s team.

High School Preparation

What to study and do before university

Recommended
HL Mathematics: Analysis and ApproachesHL Computer ScienceHL Physics
Helpful
HL EconomicsSL Information Technology in a Global Society (ITGS)

Skills to Develop

  • Set up a home lab with virtual machines—install VirtualBox or VMware and practice running Linux alongside Windows to understand operating systems deeply
  • Learn networking fundamentals—understand TCP/IP, DNS, HTTP, firewalls, and how data moves across the internet (Professor Messer’s free CompTIA Network+ videos are excellent)
  • Try beginner CTF (Capture The Flag) challenges on platforms like PicoCTF, OverTheWire, or TryHackMe to develop hands-on security thinking
  • Learn Python scripting and basic command-line operations in Linux—most security tools and workflows run on the command line

Extracurriculars

  • Participate in CTF competitions—CyberPatriot, PicoCTF, and National Cyber League are designed for students
  • Earn a beginner certification like CompTIA Security+ or Cisco’s Introduction to Cybersecurity—these demonstrate commitment and foundational knowledge
  • Set up a home network lab and document your experiments—configuring firewalls, testing vulnerabilities on your own systems
  • Join online cybersecurity communities (r/netsec, Hack The Box) and practice responsibly
  • Follow cybersecurity news through sources like Krebs on Security, Dark Reading, or The Record—understanding the threat landscape shows genuine interest

How This Compares to Similar Majors

Side-by-side with related fields

Getting In — Admissions Guide

How competitive is this major and how to stand out

Competitiveness: Moderate

Cybersecurity-specific undergraduate programmes are growing rapidly and are moderately competitive. Strong programmes at Purdue, Georgia Tech, and University of Maryland typically require solid mathematics and science results. In the UK, programmes at Royal Holloway and University of Bristol expect AAB–A*AA at A-Level including Mathematics. The field is newer than CS, so dedicated programmes are still expanding capacity.

What Strengthens Your Application

  1. 1Strong mathematics and computer science results demonstrating logical reasoning
  2. 2Hands-on experience—CTF competition participation, home lab experiments, or security-related certifications
  3. 3Programming experience in Python, C, or bash scripting
  4. 4Demonstrated interest in cybersecurity through blogs, write-ups of CTF challenges, or community participation
  5. 5Understanding of networking basics—applicants who can discuss TCP/IP and how the internet works stand out

Common Mistakes to Avoid

  • Romanticizing hacking without demonstrating ethical awareness and responsible disclosure principles
  • Underestimating the mathematics involved—cryptography requires number theory, and security analysis requires statistical thinking
  • Focusing only on offensive security (hacking) without showing interest in defense, governance, or forensics

Interview & Admission Tests

Some programmes ask about your understanding of current security threats or ethical scenarios. Be prepared to discuss a recent security incident and what lessons it teaches.

Related Majors

Interested in studying this in Singapore?

View Singapore university programmes →

Frequently Asked Questions

What do you study in Cybersecurity?

Cybersecurity is the practice of protecting computer systems, networks, and data from digital attacks, unauthorised access, and damage. As organisations across every sector become more dependent on digital infrastructure, the demand for cybersecurity professionals has grown dramatically—far outpacing supply.

What can you do after a Cybersecurity degree?

Typical entry-level roles: Security Analyst, SOC Analyst, Junior Penetration Tester, Cybersecurity Consultant, Incident Response Analyst (starting salary $65,000–$105,000 (US) / £30,000–£48,000 (UK) / A$60,000–$90,000 (AU)). Key industries: Technology, Financial Services, Government & Defense, Healthcare, Critical Infrastructure. Exceptionally strong—the global cybersecurity workforce gap of 4 million positions means virtually guaranteed employability. The US Bureau of Labor Statistics p…

Which high-school courses prepare you for Cybersecurity?

Recommended IB courses: HL Mathematics: Analysis and Approaches, HL Computer Science, HL Physics; Recommended AP courses: AP Computer Science A, AP Calculus AB or BC, AP Physics C: Mechanics; Recommended A-Levels: Mathematics, Computer Science, Further Mathematics or Physics.

Want to prepare for Cybersecurity?

Our education consultants can help you explore your interests, pick the right subjects, and build a strong application.