Cybersecurity Postgraduate Programme

Cybersecurity has broad coverage in terms of subject matter and application domains. To provide adequate protection it is necessary to know what you are protecting and the impacts (risks) of data breaches and other undesirable outcomes.


Protection in computing systems relies heavily on the use of cypher codes that ensure confidentiality and secrecy of protected information. This is referred to as encryption, which in computer systems employs advanced mathematical techniques to make decryption very difficult (ideally impossible). Encryption tools can be software or hardware derived and when used together with other blocking and securing methods on a computer system, they can provide a suite of tools to minimize the possibility of unauthorized computer access or denial. For these tools to be effective it is necessary for the users, operators and managers to follow robust security policies and procedures. Furthermore, the degree of security measures that need be applied is highly application dependent. Therefore, effective cybersecurity protections requires tools and techniques that cross the technical disciplines of computer networks, operating systems, electronic engineering, and mathematics together with the human related disciplines of management, training, privacy protection, standardization, system assurance policies and procedures. Not all cybersecurity personnel need be expert in all these topics but they benefit from a broad understanding of Information Assurance and a comprehensive understanding of the technological limitations and application of cybersecurity tools.

The most appropriate level to comprehend these topics is at the postgraduate Programme level. The proposed courses will lead to a well-regarded Postgraduate diploma in Cybersecurity. The term cybersecurity is well understood by industry and the wider community. This degree will lead directly to many information security jobs or be a supplement to other computing positions, to include: Chief Information Officer (CIO); Cybersecurity Consultant; Operations and Security Manager; Incident and Threat Manager; Systems Architect; Computer Forensic Analyst, and; Security Risk Assessor.

Consult the  USP Handbook for the latest list of degrees. 

Postgraduate Diploma in Cybersecurity

CS401 – Cybersecurity Principles
CS402 – Cybercrime
CS403 – Cyber Defense: Governance and Risk Management
CS404 – Network Security Principles

CS401: Cybersecurity Principles

The course would provide basic knowledge on the various Information assurance practices and techniques. An overview of the various cybersecurity threats in the modern era and the defensive controls required to mitigate those threats are also covered in the course. An introduction to the risk management strategies are also discussed in this course. The course provides the foundations for cybersecurity to managers, executives and other professional level decision makers with technical or non-technical background. Necessary foundations to understand the threats of cybersecurity for government organizations, commercial or non-profit organizations would be provided.

Learning outcome: Student should be able to apply the information assurance principles and the foundations of cybersecurity to cyberattacks.

CS402: Cybercrime

Prerequisite CS401

This course provides an overview of the various risks, threats and vulnerabilities prevalent in organizations. The various measures to overcome those risks and threats to prevent cybercrimes are also covered in the course. Various security issues and concepts like web security, authentication and encryption are covered in detail. An understanding of the various tools and strategies to secure the network are also covered. Students will also be introduced to incident analysis and response with scenarios and case studies.

Learning Outcome: Student should be able to interpret the issues related to cybercrime and web security domain.

CS403: Cyber Defence: Governance and Risk Management

Prerequisite CS401

The course aims to provide operational aspects of Cybercrime with particular focus on the implementation of the governance policies. Analyzing the key information systems, their choice for organization and how security can be assured the management systems will also be covered. The information systems strategies and their scope and purpose in governance for them are covered in detail. The course also focuses on the various risks related to the information systems, managing the risk of cyberattacks and how various risk management policies relevant to the organizations can be applied with emphasis on e-commerce and e-health.

Learning Outcome: Student will be able to recognize risk management issues of the ICT systems. Student should be able to compare the various legal and ethical issued surrounding cybersecurity in the national and international level.

CS404: Network Security Operations

Prerequisite CS401

This course provides students with a detailed understanding of the various risks that needs to be addressed in a networked environment. A detailed analysis of various defence mechanisms against threats is part of this course. Various policies that are in practice to mitigate threats and their effectiveness are covered in the course. The course will have both theoretical knowledge and practical hands-on experience on various threats and ways to mitigate them in a network.

Learning outcome: Student should be able to apply the knowledge of cybersecurity to attacks in real world problems.

Can you provide some background of the Cybersecurity Programme?
Cybersecurity breaches are a growing concern. They can have major financial and safety impacts on today’s connected society. Nobody is immune, either from data breaches or denial of service attacks. This can result in serious negative impacts for our industry and government bodies. Organisations are now spending significant time and money to protect their computer systems and hence their reputations. Quality education that supports practical cybersecurity knowledge is now essential and represents a valuable long-term investment. The growing number of new online business services across the South Pacific will need the support and trust of an Internet that is both dependable and safe.

How many courses are there in this programme?
The first course covers Cybersecurity Principles (CS401) and sets the foundation for the Cybercrime (CS402), Cyber-Defence, Governance and Risk Management (CS403) and Network Security (CS404) courses that follow.

Who should do this Postgraduate Diploma?
USP’s new Postgraduate Diploma programme in Cybersecurity, consists of four courses that will provide ICT managers and practitioners the skills they need to protect their ICT infrastructure and investments. Entry requirements is an IT degree or equivalent.

When will this programme start?
The programme will commencing in July 2017 (Semester II) with the first cohort able to complete in June 2018.

How can I find out more?
Please contact Professor Peter Croll, Head of School of Computing, Information and Mathematical Sciences.

How do I register my interest?
Send an email to Priyashana Kumar stating your Name, Phone number and Qualifications.

Is there a need for Cybersecurity in Fiji and the South Pacific region?
All nations now need effective cybersecurity protections. Recent attacks like the ransomware malware ‘WannaCry’ demonstrated that all nations are vulnerable and attacks are not necessarily targeted. Good security management of ICT systems significantly reduces the risks from such attacks. Details are sketchy in the Pacific Islands as there currently is no CERT (Computer Emergency Response Team) to record and act on cyber-attacks. Hence, we may only know what is reported in the media which may not be as reliable when companies do not wish to publicly reveal their weaknesses. This programme will supply the necessary expertise to support effective cybersecurity responses. The need for this and other necessary cyber-protections was highlighted in the 2016 CROP ICT working group.

Can regional students outside of Fiji do this programme?
The programme is offered in ‘Blended’ mode at USP’s Laucala campus in Suva, Fiji. That means the course may be available at some of our selected regional campuses subject to demand. ‘Online’ mode will not initially be available but we will work towards this in the future. Also, short-course summer and winter offerings will be available, based on demand.

What benefits that this programme bring?
On successful completion of the course students will be able to apply information assurance principles to cyberattacks, understand the critical risks relating to cybercrime, developing pragmatic cyber-defence solutions and govern today’s ICT systems by putting appropriate cybersecurity protections in place. This is critical in today’s connected world.

Who is supporting this new programme?
Many of our current ICT students have made enquiries regarding the programme. The school’s industry advisory group has given strong positive support to this programme and made several pragmatic recommendations that we have adopted.

Anything else I should know?
This exciting and highly beneficial new qualification is being developed and delivered by cybersecurity expert Professor Peter Croll, an Australian Certified Professional. These new courses will be run from USP’s Laucala campus and will include use of our dedicated Cybersecurity Laboratory in the well-resourced Japan-Pacific ICT Centre.

USP Chat Service
Lets start: