Graduate certificate in cybersecurity law and policy

Although cybersecurity issues are often thought of as primarily technical, law and policy are emerging as critically important skills in this arena. Indiana University Bloomington is uniquely placed to meet this need, with more than 15 years of experience teaching and research about cybersecurity issues. Recognized by the federal government as a National Center of Excellence in Cybersecurity Education and Research, IU's cybersecurity efforts are distinguished by a uniquely interdisciplinary approach to cybersecurity and the integral involvement of law and business in them.

Indiana University Bloomington is uniquely placed to address these problems, with more than 15 years of experience in teaching and researching about cybersecurity. Recognized by the federal government as a National Center of Excellence in Cybersecurity Education and Research, IU's cybersecurity program is distinguished by its interdisciplinary approach to cybersecurity and their integration with law and business.

The Maurer School of Law will award a graduate certificate to students who complete at least 12 credit hours in courses specified below while maintaining a minimum grade point average of 3.0. The certificate can be earned on campus in Bloomington or online from anywhere in the world. All credits earned as a certificate student can be applied toward the 30 credits required for a Master's of Science in Cybersecurity Risk Management.

Courses required for certificate

Required courses

All students must take one of the following two core courses (and may take both):

Students without a technology background must take:

Elective courses

Students must select from among the following courses to satisfy the balance of the 12 credit hours required for the certificate:

Center affiliation

JD students seeking to earn a certificate in Cybersecurity Law are required to become affiliated in their choice of cybersecurity centers on campus. These include the long-established Center for Applied Cybersecurity Research and the new Ostrom Workshop Program on Cybersecurity and Internet Governance.

How to apply

Prospective cybersecurity law students must apply using Indiana University's online graduate and professional admissions application. Applicants to a certificate program should select "Law Special Programs" as the academic program to which they are applying and then select the desired plan option. Please attach your personal statement and résumé to IU's online admissions application. Applicants should also identify at least one person as a reference (please note: an online reference form is emailed to the person(s) listed only after an application is submitted). Standardized test scores (e.g., LSAT) are not required.

The application deadline is July 1. For more information, or to apply, contact:

Learning outcomes

All students will be expected to demonstrate:

  • Familiarity with U.S. federal and state laws and regulations and major judicial opinions concerning cybersecurity;
  • Familiarity with major U.S. federal and state regulators with responsibility for cybersecurity, their regulatory powers and jurisdiction, and other tools available to them;
  • Familiarity with major models of cybersecurity law in other parts of the world, and specifically their likely impact on U.S. institutions;
  • Familiarity with sources of information about cybersecurity issues, technologies, threats, and law, and the ability to assess their relevance, accuracy, and reliability;
  • The ability to assess cybersecurity laws, regulations, and judicial decisions in terms of their likely effectiveness, their impact on institutions and individuals, their efficiency, their cost-effectiveness, and other legal or policy issues they might raise;
  • The ability to assess new technologies, applications, products, and services in terms of the cybersecurity issues they may present and their lawfulness under existing law; and
  • An understanding of the broader context in which cybersecurity issues occur and other values that are likely to be implicated by efforts to address cybersecurity challenges, including information privacy, freedom of expression and association, and efficient commerce.

In addition, students lacking familiarity with U.S. law will be expected to demonstrate:

  • A general understanding of the basic structure of U.S. law; and
  • A general understanding of the basic structure of the U.S. legal system.

In addition, students lacking familiarity with information technologies will be expected to demonstrate:

  • A general understanding of computers, networks, and mobile devices, and how they interconnect;
  • A basic understanding of “big data” analytics and algorithms; and
  • A basic understanding of authentication tools.