Skip to main navigationSkip to main content
The University of Southampton
Southampton Business SchoolPostgraduate study

MSc Cyber Security Risk Management - Not recruiting for 2019 and 2020

The only UK masters degree in the field of cyber risk to combine aspects of business and information technology, MSc Cyber Security Risk Management will equip you with a blend of skills that are in demand in the sector.

Introducing your degree

Unlike other UK cyber security masters degrees, which have a computer science focus, this unique programme combines modules from a range of disciplines. It is therefore ideally placed to meet the demand for professionals with the necessary management skills, as well as the technical knowledge, to effectively manage cyber security risks. You’ll be taught by experts in risk management, cyber security and computer science.

In addition, you’ll benefit from the co-location of several specialist research centres at Southampton. These include the University’s Academic Centre of Excellence for Cyber Security Research, which was set up to advance the UK government’s cyber security agenda, and the highly regarded Centre for Risk Research. You’ll graduate with an accredited degree, enabling you to apply for credits towards professional risk or insurance qualifications.

Cyber security is a global concern for companies and governments, but there is a recognised shortage of cyber security practitioners with the breadth of skills required to understand and manage the risk of cyber attacks. MSc Cyber Security Risk Management, the only UK cyber security programme to be offered within a business school rather than a computer science department, is designed to fill this gap. 

Rather than focusing purely on the technical aspects of cyber security, MSc Cyber Security Risk Management offers a unique combination of modules encompassing business risk management, computer science and cyber security. You’ll gain a grounding in the essential technical aspects of the subject, but you’ll also develop the managerial and analytical skills needed to identify risks, communicate them within an organisation and put effective cyber risk management approaches into practice.

Southampton’s expertise in cyber risk research has been recognised with the award of an Academic Centre of Excellence for Cyber Security Research, funded by GCHQ and the Economic and Social Research Council as part of the UK government’s national cyber security strategy. Our academics are active partners in the Centre’s work and bring their research insights to the course. You’ll also benefit from expertise within the Business School’s Centre for Risk Research, the only specialist centre of its type in a Russell Group university. 

We welcome applicants from a range of academic backgrounds. Many of our students bring some professional experience to their studies, while some join us straight from their undergraduate studies.

View the programme specification document


Chartered Insurance Institute (CII)

The Association to Advance Collegiate Schools of Business

Programme Structure

This is a full-time, one-year course. For the first nine months you’ll study compulsory and optional modules, drawn from the Business School, Social Sciences and Electronics and Computer Science. You’ll spend the final three months of the course on your dissertation. 

In the first semester, you’ll cover the principles of risk management, explore corporate risk and security management, and gain a foundation in real-world cyber risk issues. In the second semester you’ll explore cyber crime in more depth, looking at topics such as hacking, ‘dark markets’ and policing the Web. You’ll also gain a greater understanding of the behavioural aspects of risk taking and decision making, and study research methods in preparation for your dissertation.

In both semesters you’ll have the opportunity to select from a range of optional modules, so you can focus on your strengths and interests. The options include:

  • computer science modules on topics such as secure systems and the implementation of cyber security practices
  • statistical and quantitative modules, such as Multivariate Statistics for Data Mining
  • modules that offer a more in-depth insight into business and management topics, such as project risk management, business ethics and insurance

You can tailor the course further by choosing a dissertation topic in an area that will further your interests and career aspirations. Because of our close links with the Academic Centre for Excellence in Cyber Security Research, it may be possible to contribute to a real-world GCHQ cyber security project through your dissertation.

Expert teaching

Our academics are active researchers, many of whom are working on current cyber security and risk issues with industry and government partners, such as EY and GCHQ. They incorporate the latest thinking into their teaching and use real examples to illustrate theories and concepts.

  • Programme leader Dr Tiejun Ma, who designed the programme, works closely with colleagues in Electronics and Computer Science on a range of projects including research into aspects of cyber resilience and cyber risk analysis.
  • Professor Johnnie Johnson, a world-renowned expert in the field of decision making in uncertain environments, teaches the popular Risk Taking and Decision Making module.
  • The optional Project Risk Management module is taught by Professor Chris Chapman. He is a highly influential researcher in the field of risk, and co-author of the leading text How to Manage Project Opportunity and Risk.

As well as benefiting from the expertise of our academics, on some modules you’ll be taught by external risk practitioners, including an experienced risk management consultant and the chief risk officer of a major insurance firm.

Industry links 

Our industry connections help to ensure you are up to date with the latest sector issues. We attract guest speakers from global companies such as J.P. Morgan, Zurich Insurance and Goldman Sachs, as well as from the main risk and insurance professional bodies. In addition, through the IBM Academic Initiative, we regularly host guest lectures by IBM senior managers and facilitate IBM graduate opportunities for our students.

Our academics are actively involved in the work of the internationally renowned Centre for Risk Research, which has a wide range of collaborations with partners in the finance industry. It has been awarded a number of major funding grants to explore risk taking and decision making in fast-changing financial markets, such as a project with London Capital Group Holdings plc on real-time modelling of financial decisions. Collaborations like this one can provide excellent opportunities for postgraduate projects.

Key Facts

The only UK cyber security masters degree with a multidisciplinary approach rather than a purely technical focus.

Gain a foundation in technical skills and develop your management capabilities through a unique combination of business, computer science and criminology modules.

Taught by leading academics in risk management and cyber security, and informed by the activities of Southampton’s prestigious Academic Centre for Excellence in Cyber Security.

Additional learning opportunities include industry seminars and the possibility of participation in real-world research projects, internships or placements.

Accredited by the Institute of Risk Management and the Chartered Insurance Institute, enabling you to apply for credits towards professional qualifications. 

Graduates have gone on to work for PwC, Accenture, Marsh and Goldman Sachs.

Programme Leader

Typical entry requirements

Bachelors degree

2:1 classification UK bachelors degree or equivalent

Find out about equivalent entry requirements and qualifications for your country.

Acceptable subjects: A wide range of subjects accepted in Business, Economics, Science, Engineering, IT, Management and Marketing, Communication, Education, Political Science, and Sociology

Required module areas: No specific entry requirement


Excluded subjects: English translation, Art/Performing Art, Vocational Studies

Work experience in a related field can compensate for degree subject/grades.

Selection process

The University’s Admissions Policy, available at, applies equally to all programmes of study. These are the typical entry criteria to be used for selecting candidates for admission. The University’s approved equivalencies for the requirements listed will also be acceptable. The entry criteria for our programmes are reviewed annually by the Faculty. Those stated were correct as of July 2015. Applicants should refer to their specific offer conditions on their offer letter.

International applicants

If English is not your first language, you will need to demonstrate that you have reached a satisfactory standard in an approved English language test.

The following scores are accepted for direct entry:

  • IELTS 6.5 overall with 6.5 in reading and writing, 6.0 in listening and speaking

All tests must be no more than two years old at the time of enrolment.

For more information visit a list of equivalent English language tests that are also accepted.

If you do not quite meet our English language requirements for direct entry, you may be eligible to apply for one of our pre-sessional English language courses. Please visit the Centre for Language Studies website for further information.

Visit our International Office website or the NARIC website for further information on qualifications.

Recognition of prior learning (RPL)

If you have professional experience, or credit through prior learning at another institution, you may be eligible to use this experience against some of the programme requirements for period of study. You will need to present evidence that you have met the learning outcomes of the programme. Read the University’s Recognition of Prior Learning Policy.

This page contains specific entry requirements for this course. Find out about equivalent entry requirements and qualifications for your country.

Typical course content

Students must choose ONE Option module totalling 15 CATS/7.5 ECTS in Semester 1.

Year 1

Semester One
Credits are based on the Credit Accumulation and Transfer Scheme (CATS).

COMP6224 Foundations of Cyber Security (ECS)

Credits are based on the Credit Accumulation and Transfer Scheme (CATS).
Credits are based on the Credit Accumulation and Transfer Scheme (CATS).
Credits are based on the Credit Accumulation and Transfer Scheme (CATS).
Credits are based on the Credit Accumulation and Transfer Scheme (CATS).
Credits are based on the Credit Accumulation and Transfer Scheme (CATS).
Credits are based on the Credit Accumulation and Transfer Scheme (CATS).
Credits are based on the Credit Accumulation and Transfer Scheme (CATS).
Credits are based on the Credit Accumulation and Transfer Scheme (CATS).
Semester Two
Credits are based on the Credit Accumulation and Transfer Scheme (CATS).
Credits are based on the Credit Accumulation and Transfer Scheme (CATS).

CRIM6008 Cyber Crime, Insecurity and the Dark Web

Core [?]
A core module is a module which must be taken and passed.
Credits are based on the Credit Accumulation and Transfer Scheme (CATS).

COMP3217 Secure Systems (ECS)

Credits are based on the Credit Accumulation and Transfer Scheme (CATS).
Credits are based on the Credit Accumulation and Transfer Scheme (CATS).
Credits are based on the Credit Accumulation and Transfer Scheme (CATS).

Please note: This specification provides a concise summary of the main features of the programme and the learning outcomes that a typical student might reasonably be expected to achieve and demonstrate if s/he takes full advantage of the learning opportunities that are provided. More detailed information can be found in the programme handbook (or other appropriate guide or website).

Tuition fees

List of tuition fees for this course and it's variations
Course TitleAwardYear of entryMode of studyUK/EUInternational
Cyber-Security Risk ManagementMSc 2020Full-time£11,950£20,728
View the full list of course fees


Scholarships, bursaries, sponsorships or grants may be available to support you through your course. Funding opportunities available to you are linked to your subject area and/or your country of origin. These can be from the University of Southampton or other sources.

Explore funding opportunities

Costs associated with this course

Students are responsible for meeting the cost of essential textbooks, and of producing such essays, assignments, laboratory reports and dissertations as are required to fulfil the academic requirements for each programme of study.

There will also be further costs for the following, not purchasable from the University:

StationeryYou will be expected to provide your own day-to-day stationery items (eg pens, pencils, notebooks, etc). Any specialist stationery items will be specified under the Additional Costs tab of the relevant module profile.
BooksWhere a module specifies core texts these should generally be available on the reserve list in the library. However, due to demand, students may prefer to buy their own copies. These can be purchased from any source. Some modules suggest reading texts as optional background reading. The library may hold copies of such texts, or alternatively you may wish to purchase your own copies. Although not essential reading, you may benefit from the additional reading materials for the module.
Printing and copyingIn most cases, written coursework such as essays, projects and dissertations are submitted online and by hard copy. The costs of printing a hard copy for submission of such coursework will be the responsibility of the student. The cost of photocopying will also be the responsibility of the student. For more information about University printing costs, visit
TravelSome modules may include optional visits. You will normally be expected to cover the cost of travel and admission, unless otherwise specified in the module profile.
OtherCandidates may use calculators in the examination room only as specified by the University and as permitted by the rubric of individual examination papers. The University approved models are Casio FX-570 and Casio FX-85GT Plus. These may be purchased from any source and no longer need to carry the University logo.

In some cases you'll be able to choose modules (which may have different costs associated with that module) which will change the overall cost of a programme to you. Please also ensure you read the section on additional costs in the University’s Fees, Charges and Expenses Regulations in the University Calendar available at

You’ll learn through a mix of lectures, seminars, private study and independent research. Some modules include lectures from industry speakers. Activities such as the analysis of key risk publications, group presentations and simulations will help you to apply you learning. They will also enhance your team working, communication and critical thinking skills. In addition, academics use examples from their own research to demonstrate the practical application of theories and concepts. 

Some of the quantitative and technical modules involve computer lab sessions, in which students can analyse data or try hacking into and defending systems in a lab environment. You’ll have access to Bloomberg terminals and a wide range of databases for quantitative analysis, as well as computer facilities in the Business School and within Electronics and Computer Science. 

Assessment methods will depend on your module choice, but will include exams, coursework and your dissertation. 

Student support

This course has a relatively small intake so the programme leader is able to get to know all the students and keep track of their progress. Your personal academic tutor can provide advice on course-related matters, and the University offers a range of learning and support services should you need them.

Study locations

Share this course Share this on Facebook Share this on Twitter Share this on Weibo
Privacy Settings