CIS Department To Add Cybersecurity Concentration To Major In Fall 2026

By David Gil de Rubio

According to U.S. Bureau of Labor statistics, cybersecurity (or Information Security Analysts as defined by the bureau) job opportunities are anticipated to grow by 29 percent between 2024 and 2034. For context, the average growth rate for all occupations during that same time frame is predicted to be 3 percent. The demand for these roles was so high that in 2024, 182,800 cybersecurity positions were filled.

It’s an important enough shift in the job market that the Medgar Evers College Department of Computer Information Systems (CIS) not only took notice of this change, but decided it was important enough to warrant having a cybersecurity concentration folded into their degree beginning in fall 2026. It all dovetails swimmingly with the department’s mission to prepare students to design, build and implement software solutions that are intrinsically baked into the infrastructure of every business, not-for-profit and government agency.

At its heart, cybersecurity is the practice of protecting systems, networks, and data from digital attacks all while ensuring confidentiality, integrity and availability of information by defending against threats like malware, phishing and unauthorized access using technology, processes and people. This reliance on layered defenses, strong policies and user awareness to safeguard personal data, business operations and critical infrastructure has become all the more crucial given how daily life has been getting transformed into an increasingly digital world in recent years. The adding of this concentration was in response to a request from the administration according to Dr. David Ahn, Deputy Chair of the Department.

“The reason why we couldn’t [launch this was because] we didn’t have a faculty member who could deliver it,” Ahn said. “We had five full-time faculty and other industry adjuncts, but no one could actually teach cybersecurity in the way students wanted it taught. Many of those professors retired and we were grateful for their contributions. They opened up the faculty line and we hired someone with cybersecurity experience. We feel that this is the time we can offer cybersecurity now.”

One of the professors brought aboard in fall 2025 is Professor Avinash Jairam, who is using research centered on securing mobile devices through A.I. biometrics to earn his Ph.D. Prior to that, he worked for three-and-a-half years on a government-funded project via U.S. Bureau of Justice Assistance which is an agency within the Department of Justice. This initiative had him and his team performing digital forensics on smart devices, refrigerators and other mechanisms to determine how they can be compromised. The work done by Jairam and his team led to the creation of a nationwide database of what the weak points are of the most common smart devices, how they can be compromised and how law enforcement can go about extracting data from those situations. This database is currently live right now and is only available to U.S. law enforcement agencies, criminal justice agents and their partners. It’s the kind of real-world experience Ahn and Jairam hope to impart to CIS students choosing this cybersecurity concentration, particularly how prevalent and frequent cyberattacks are by hackers in this day and age.

“As a former cybersecurity professional myself and a bank CIO [Chief Information Officer], cybersecurity is an area that requires more than training and instruction,” Ahn said. “Most of the time, cybersecurity experts are former hackers.”

Jairam added, “We are going to let them understand the hacker’s mentality—like that movie Catch Me If You Can. Unless you know how hackers think, a cybersecurity professional will not be able to catch them. Hackers are genius. Many of them don’t have a high school or college degree, but they are going to attack or compromise networks for fun.”

The five program learning outcomes for his cybersecurity concentration are:

1. Integrate core concepts from database, networking, security, programming and web technologies.
2. Demonstrate practical competence with hardware/software installation, configuration and troubleshooting.
3. Describe how technology supports and transforms business operations.
4. Use technical knowledge and analytical skills to solve business and cybersecurity problems.
5. Evaluate effectiveness of different technologies within business and IT environments.
6. Exhibit professional integrity and ethical responsibility (ACM/AITP standards).

Five specialized cybersecurity courses will be integrated with the existing CIS curriculum. There will be two foundational prerequisites in the junior year and four advanced (400-Level) courses to be taken in senior year. They are:

• Computer Networks (CIS 323) – Previously named Network Operating Systems, this prerequisite focuses on OSI/TCP-IP models, IP addressing, subnetting, VLANSs, routing, switching and wireless configuration. The course will reflect current industry standards while replacing outdated references like Novell NetWare and Lotus Notes. Tools will be Cisco Packet Tracer, Wireshark, pfSense and Nmap.
• Cybersecurity (CIS 331) – Previously named Information Security, this prerequisite focuses on CIA triad, encryption, authentication, risk assessment, access control and ethical foundations. Hands-on labs are access control implementation, encryption/decryption exercises and vulnerability assessment and reporting.
• Network Security (CIS 4XX) – Computer Networks (CIS 323) is the prerequisite for this course. The focus is defensive security—protecting organizational networks. Key topics are firewalls, IDS/IPS, VPNs, network hardening and incident response. Labs will be vulnerability scanning, firewall configuration, intrusion detection, wireless security and incident response simulation. Tools are Wireshark, pfSense, Snort/Suricata and Security Onion.
• Ethical Hacking & Penetration Testing (CIS 4XX) – Cybersecurity (CIS 331) is the prerequisite for this course. The focus is offensive security—think like an attacker to defend better. Key topics are reconnaissance, vulnerability scanning, exploitation, privilege escalation and professional reporting. Labs will be OSINT reconnaissance, network enumeration, controlled exploitation, web app testing and pen test reports. Tools are Kali Linux, Metasploit, Burp Suite, Nmap and OWASP ZAP.
• Digital Forensics & Information Assurance (CIS 4XX) – Cybersecurity (CIS 331) is the prerequisite for this course. The focus is investigation and evidence handling for cyber incidents. Key topics are evidence collection, forensic imaging, file system analysis, metadata recovery, legal procedures and chain of custody. Labs will be evidence collection, forensic imaging, file/metadata analysis, recovering deleted files and log analysis. Tools are Autopsy, FTK Imager, Wireshark and VirtualBox.
• Cloud Security & Applications (CIS 4XX) – Computer Networks (CIS 323) is the prerequisite for this course. The focus is securing modern cloud infrastructure. Key topics are IaaS/PaaS/SaaS security, shared responsibility model, IAM, encryption and cloud incident response. Labs will be cloud service models exploration, IAM configuration, cloud encryption, monitoring and logging and incident response simulation. Platforms are AWS, Azure and Google Cloud.

A key to the success of the cybersecurity concentration is that it is rooted in a hands-learning approach driven by each course including five structured labs (which make up 50 percent of the grade for each class). Students will work with real tools used in the industry, simulated environments will be utilized for safe practice and professional documentation and reporting will be required. Along the way, CIS majors will be building a portfolio for job applications. The concentration will provide curriculum maps to NICE Framework (NIST) and prepare students for certifications in CompTIA PenTest+, EC-Council Certified Ethical Hacker (CEH), EC-Council Certified Network Defender (CND) and CompTIA Security+. Two internship coordinators will also be overseeing internship opportunities (CIS 401) for real-world experience.

With a CIS degree that includes a cybersecurity concentration, graduates an expect to earn median annual starting salaries of $85,000 in the New York City metro area with entry-level positions including security analyst, SOC analyst, Network Security Administrator, Junior Penetration Tester, Digital Forensics Analyst and Cloud Security Engineer. One potential career path for graduates that Jairam is especially keen on is with city government.

“New York City Cyber Command is a cybersecurity division within the Office of Technology and Innovation, which itself is a cabinet-level city agency” Jairam explained. “Their job is to monitor and protect the cyber-structure of New York. They have a program where they recruit students and we plan on partnering with them. Roles in this field include Security Operations Center (SOC) analysts and cyber-threat analysts. These are professionals who review network logs, identify suspicious patterns, investigate potential anomalies, and open tickets for further analysis. Such are high-demand positions that our students will be well-prepared to pursue upon completing the concentration.”