MS Program

The Tufts University Cybersecurity and Public Policy MS is an innovative on-campus master’s degree being jointly offered by The Fletcher School and the Department of Computer Science in the Tufts School of Engineering. This program integrates tech and policy, focuses on international issues and responses, and includes a wide range of in-depth policy focus areas for cyber, ranging from intelligence to digital approaches to development to role of force. 

View the program brochure.

Both. Developing effective cybersecurity is increasingly understood to require not just technical solutions, but also policy, economics, and political controls and levers. Our program and faculty embrace an interdisciplinary approach, teaching and producing research through a variety of lenses across departments and schools. Therefore, students in the Cybersecurity and Public Policy master’s program will have many avenues to become cybersecurity policy experts, across both disciplines.

We pride ourselves on two differentiators – our focus is international and we integrate tech and policy in our curriculum.

The Master’s in Cybersecurity and Public Policy is best suited for students with a primary interest in cybersecurity policy and a background in either policy or technology. Alternatively, the Technology and International Affairs field of study at the Fletcher School allows students to focus on how technology and communication affect global affairs.

Graduates will gain a variety of skills. Depending on focus, they will be able to help organizations analyze policies for reducing risk and improving security, identify and manage cyber risk, determine the privacy threats from proposed technology, recover from cyber-attacks — and much more. Potential positions for graduates of the program include policy advocate for a civil society organization; a staffer in agencies and legislative bodies concerned with privacy or cybersecurity policy; a threat detection analyst in the private sector; a policy analyst at a think tank; or a policy officer in global private industry.

Students will also complete the Professional Development Program.

Taking PDP is a requirement for using the Fletcher Office of Career Services, which students have access to not only during their time at Tufts but afterwards; OCS often has postings and other valuable information for more senior positions. The first two OCS classes are taken via video module before students arrive.

Beginning in Fall 2023, Students will fulfill a minimum of 10 courses and 30 credits over the course of 16-24 months, divided between computer science and policy studies. The following courses are required:

• CS 201 / DHP D291: Cyber for Future Policymakers (Every fall, 3 credit hours | This course is recommended for students with a computer science background, though it may be possible to take a different advanced course)
• CS 202 / DHP D292: How Systems Work (Every fall, 3 credit hours | It is anticipated that students with a computer science background will substitute a more advanced computer science course instead)
• CS 203 / DHP D293: How Systems Fail (Every spring, 3 credit hours – link is to policy section)
• CS 183 / DHP P237: Privacy in the Digital Age (Every spring, 3 credit hours)
• DHP P249: International Cyber Conflict: An Introduction to Power and Conflict in Cyberspace (Every spring, 3 credit hours)
• DHP P236 / CS 182 Cyber in the Civilian Sector OR CS 184 / ILO L235: Cyberlaw and Cyberpolicy (Every fall, 3 credit hours)

Please view the Curriculum and Requirements section above for a full list of electives. Students completing a Tufts BA/CSPP or BS/CSPP degree can “double-count” a maximum of 6 SHUs.

Note: As of Fall 2023, Cyber for Future Policymakers, How Systems Work, and How Systems Fail will change to three credits from four credits.

The normal load is between 9-12 SHUs per term. Any more requires the permission of the CSPP program director.

Yes. As the intention of the program is to integrate policy and technology into the learning experience, students, including part-time students, will be expected to take How Systems Work and How Systems Fail early. For full-time students, this translates to taking How Systems Work and Cyber for Future Policymakers in their first or second term in the program, and How Systems Fail in the second or third term. Note that How Systems Work and Cyber for Future Policymakers are taught each fall, How Systems Fail, each spring.

Yes. The degree must be completed within four years of enrollment because the area is quite topical.

Part-time students have many choices; however part-time students should plan on taking How Systems Work and How Systems Fail, and Cyber for Future Policymakers by their second, third, and fourth terms respectively.

Students in the MS in Cybersecurity and Policy Program are eligible to cross-register at the Harvard University graduate schools for one full-credit course.  Please see myFletcher for details on cross registration information (access to myFletcher is limited to CSPP and Fletcher students).

Tuition for the M.S. in Cybersecurity and Public Policy program is charged per credit hour for all students enrolled in the program, at the standard School of Engineering graduate credit hour rate. View graduate credit hour tuition rates.

Yes. Two graduate-level credits (100-level or higher) Computer Science courses can cross-count toward the master’s degree so long as they fill the Cybersecurity and Public Policy requirements. Students doing a Tufts BA/CSPP or BS/CSPP degree can “double-count” a maximum of 6 SHUs. The joint degree in Cybersecurity and Public Policy requires full-time enrollment and at least two semesters of residency during the MS program.

Learn more about the joint BS/MS degree program.

Students who are doing a BA or BS degree at Tufts may cross-count two graduate-level (100-level or higher) Computer Science courses, one Fletcher and one graduate-level Computer Science course, or two Fletcher courses toward the master’s degree, as long as the courses fulfill the Cybersecurity and Public Policy requirements. Students will still have to fulfill the Tufts BA or BS residency requirement as well as other requirements for the CSPP degree; these include three computer science and three Fletcher courses (four Fletcher courses if the student is not taking the Fletcher versions of Cyber for Future Policymakers, How Systems Work, and How Systems Fail).

Learn more about the joint BA or BS/MS degree program.

All students enrolled in the CSPP degree must take a minimum of three Fletcher courses to complete their degree (they must also take a minimum of three computer science courses as well). If you’re skipping one of the required courses for the degree because you already know the material or have taken the course, you would work out the courses you’re taking with your advisor to ensure you have a balanced program.

No, we do not "cross-count" courses between degrees.

You would first need permission to skip those courses. If you are granted that permission, you would need to take three advanced computer science courses from the list provided as well as four Fletcher courses—one more than the norm—as Cyber for Future Policymakers, How Systems Work, and How Systems Fail have a policy component in addition to the technical aspect. If you’re skipping one of the required courses for the degree because you already know the material or have taken the course, you would work out the courses you’re taking with your advisor to ensure you have a balanced program.

For other questions about enrollment or coursework, please contact Josh Anderson, Program Administrator.

The answer depends on whether you intend to audit a Computer Science course or a Fletcher course, as each has its own policies.

• Computer Science: Informal audits (just sitting in on the class) can be arranged directly between the instructor and student, so long as the instructor agrees. There is also a way to audit that allows it to show up on a student's transcript. This is through the EXP-106: Auditing for Breadth course. The audit is pass/fail and counts for one credit on a student's transcript. They won't register for the course they audit, but after the paperwork is completed they will be granted permission to register for EXP 106. This option still needs the instructor's approval, and students can only audit via this course up to three times.
• Fletcher: Full-time (enrolled in 12.0 credits) residential students may, with the permission of the instructor, register to audit one Fletcher course per semester. This is in addition to the normal full course load. Upon satisfaction of requirements specified by the instructor, the audit will be recorded on the student’s transcript as a Certified Audit “CA”. In all other cases, including language courses for audit taken at Tufts, courses will be graded with Audit “AU” in SIS and do not appear on the student’s Fletcher transcript. Audits may not satisfy degree require­ments. There is no additional tuition charge for auditing a class. Audit registration forms will not be accepted after the audit registration deadline indicated in the Academic Calendar. Certified Audit “CA” grading basis is not available for independent study courses. You must complete a registration form with the instructor's signature to audit. Eligible course numbers begin with DHP, EIB, and ILO. Here is the full text of the policy.

Students with an interest in cybersecurity policy and a background in either policy—which could mean political science, international relations, law, economics, etc.—or technology are encouraged to apply.

Prospective students should submit an application online using the Graduate Admissions application portal. Completed applications include:

• Application Fee
• Resume/CV
• Personal Statement
• Official TOEFL, IELTS, or Duolingo if applicable
• Transcripts
• Three letters of recommendation

Prospective students should have a solid background in computer science (major, strong minor, or the equivalent) or an undergraduate or advanced degree in economics, international relations, law, political science, or a related field.

Prior to enrolling, you must successfully complete an introductory course in computer science including programming in any language, roughly the equivalent of Tufts courses COMP 10 or 11.  The introductory programming course can include programming in C++, Python, or Java, but should not be Javascript based. The course needs to teach not only programming (in any language), but also introduce algorithmic thinking and data structures. Examples of good introductory courses in computer programming include:

• CS 10 or CS 11 at Tufts University (those who have never studied programming should take CS 10)
• Compsci 101 Introduction to Computer Science at Duke University:
• CS50 at Harvard University Extension School (through EdX)
• CS 1301 Intro to Computing at Georgia Tech University
• CS 101 Introduction to Computing Principles at Stanford University
• CSE 142 Computer Programming I at the University of Washington

Students can apply to the MS in Cybersecurity and Public Policy and to another program at the same time, as long as that second program is not administered by the Department of Computer Science. Please note that it is not possible to pursue a dual MS in Cybersecurity and Public Policy with any degree program at The Fletcher School. Students will pay the required application fee for each program applied to.

There is currently no funding available for new domestic or international students enrolling in this program. Current Tufts undergraduate students and undergraduate students who attend select bridge institutions may quality for special funding opportunities – see full details for current Tufts students.

For information about graduate student loans and how to apply for financial aid and services, visit the Tufts Financial Aid site, email studentservices@tufts.edu, or call 617-627-2000.

Yes! You can take policy courses in the spring term (International Cyber Conflict and Privacy in the Digital Age, both required for the degree, are offered in the spring, as are a number of policy electives). Then you must take a programming course before enrolling in courses in the fall; this can be in your initial spring term or in the summer. Note that the programming course does not count towards the degree.

The Tufts University Office of Graduate Admissions can assist with questions regarding your application and admissions (gradadmissions@tufts.edu, 617-627-3395). For questions about the MS program in Cybersecurity and Public Policy, please contact program administrator Josh Anderson at joshua.anderson@tufts.edu.