General information


​After completing the studies, the student will have gained a general overview of cyber security and he (she) will know the essential technologies related to cyber security. The student will know the legislation and regulations of cyber security and he (she) will able to audit a cyber security system. The student will know the technical methods of security testing and he (she) can implement his knowledge for real-life test cases. The student will know the methods used in implement cyber security and he (she) will able to apply his (her) knowledge to information systems.

Degree level

Master’s degree

Starting group code


Degree-related qualifications

​The requirements for eligibility are a bachelor's level degree in Information Technology or an equivalent degree, and at least three years of relevant work experience within the field of the degree after having achieved the bachelor's degree. Student selection is based on a personal interview, the grade of his (her) bachelor's thesis, and the work experience. English language skills are assessed in the interview on a pass or fail basis.


Targeted competence

The students have an understanding of legislation in cyber security, standardisation and the function of authorities. They are familiar with the most important theories, protocols and applications in information security. They can design and implement technical, organisational and software solutions concerning maintenance and development of cyber security as it is needed by companies.

Degree profile

​The degree programme focuses on cyber security. Cyber Security can briefly be defined as data network security. The term in general refers to security objectives to protect networks and services from attacks over networks. Cyber security is a central ICT strategy of the Finnish Government (Finnish Government, Cyber Strategy, June 2011). In the strategy the government emphasises the reliability of functional security of networks for a modern information society. The aim of the strategy is to highlight Finland worldwide as one of the leading countries in the development of cyber security. This goal also requires in education and training significant investments in cyber security. The Master's Degree Programme in Cyber Security meets the challenges of cyber security in business and public sector by focusing on the further training of professionals with a Bachelor’s Degree in ICT.

Structure of studies in Peppi

Individual courses


The Prior Learning Recognition Procedures are described in the Degree Regulations and the Study Guide.

Degree programme application and selection

Information about applying for degree programmes and student selection

Structure and completion of studies

​Studies include advanced vocational studies, elective studies, as well as the master’s thesis or a working life development assignment. The studies consist of courses and the wider competence areas.

Information Tecnology, Cyber Security

The key method of studies is Project Based Learning, in which students complete study modules in accordance with the learning objectives by doing and learning. The knowledge is founded on real-life information security projects of JAMK University of Applied Sciences (in the first phase JYVSECTEC and SkyNest projects) in which the assignments are completed in sub-projects. The studies in the degree programme are part of a project undertaking in tight connected with projects.  The studies are implemented as sub-projects, research, research papers, theses, lectures/exams based on literature/web studies, lectures by specialists in the field and seminars. Study attainments are carried out as research on the course's subject field and as sub-projects, as well as through implementation and documentation in the form of research papers and/or new security applications.     

Further information is available in the Study Guide:

Assessment and learning guidance

Learning outcomes are assessed in relation to the learning objectives of the course. Assessment decisions are based on the assessment criteria provided in the course descriptions. Courses are assessed on the assessment scale specified in the course description. According to its purpose, the scale may be either of five steps: 5 (excellent), 4 (very good), 3 (good), 2 (satisfactory) and 1 (adequate) or a pass (P)/fail (0). Completion of the course has been failed (fail (0)) if the student does not achieve the minimum outcomes set for completion of the course.

The student has the right to know how the criteria apply him or her. Course performance is recorded in the transcript of records no later than one month after the declared time of completion of the course and always before the end of the school year.

Further information is available in the Study Guide:

Forms of study

​Part-time studies


Being awarded a Master’s degree certificate requires the student to complete the studies of the degree programme within his/her study period in accordance with his/her Personal Learning Plan. Further information in the Degree Regulations.

Employment and further studies

Professional profiles of graduates with examples

​Students are capable of designing and implementing ICT solutions improving the cyber security of companies and public organisations. Students can expand their knowledge by choosing elective studies on total security management. After graduation students can work as information security managers, cyber security consultants, auditors in information security and, after additional studies, also as a general security manager of organisations. Depending on their previous studies, the new training creates employers’ interest in the students due to their special knowledge in cyber security, although their responsibilities at work are connected to a field of previous studies. Good examples of this are software engineers who gain further training in the degree programme to be able to develop secured software.

​Further studies

The master's degree of the university of applied sciences is a Master's degree of a University. The graduate may get the opportunity to continue their studies in the scientific or artistic studies of universities (§ 37/558/2009). Students can also continue for example by applying for the corresponding follow-up training programs at foreign universities. The University of Applied Sciences also offers continuing education opportunities for specialisation studies and in working life-based continuing education. All further studies must be applied for separately.

Studies include advanced vocational studies, elective studies, as well as the master’s thesis or a working life development assignment. The studies consist of courses and the wider competence areas.

Courses are described in detail in ASIO student management system.

The course must be completed in no more than two full semesters from the start thereof. The exception is for the thesis and practice, as well as for the extensive courses completed in a number of semesters. If a course is not completed, the student shall re-start it.

In the first contact lesson of a course, the learning outcomes and the content of the course are reviewed, along with the various procedures and evaluation criteria. In addition, a potential examination date is agreed upon (the immediate performance time) and the course completion date is announced, after which attempts are no longer accepted. Students have the opportunity to try the completion of a course a total of three times: during the immediate performance time of the course or in two specially determined re-examination times. 

Other information


Finland’s Security Strategy approved by The Finnish Government emphasises the meaning of cyber threats targeted at critical networks and various information environments. They are an essential challenge for the security of the whole nation and particularly for the government and the vital operations of the society. In the new government programme cyber security became part of the security and defense policy (Source: Catharina Candolin). Information network reliability is essential to the functioning of a modern information society. The Finnish Government is drawing up a national cyber-security strategy and it actively participates in international cooperation. The aim is that Finland is one of the leading countries in the development of cyber security.
The new degree programme has remarkable significance for technology. In the current situation where annual intake is being diminished this emphasises the major turning point in ICT and the need for education in cyber security. Recently, worries about and the need for cyber security have constantly been highlighted in the media. The government's cyber security strategy raises the meaning of security to a completely new level. The defense forces have, in week 45 of 2011, published their need for soldiers who are capable of mastering network warfare. This is a clear professional description for a person with an engineering degree in cyber security.
The TUVE network (the security network for government use) is a network aimed at the high command of the state and 30,000 security authorities, in the design of which the preparation for cyber attacks and their prevention are highlighted. The design is still being developed and its maintenance in the future will require a large number of experts.
The main objective of the national security audit criteria (Kataktri) is to unify authority operations based on a joint set of criteria. Another major objective is to promote and evaluate the security level of companies and other organization co-operating with authorities. Kataktri brings with it a huge level of change and advances in the development of cyber security for various organisations and authorities if deployed. Its use creates the need for engineers who are knowledgeable in development work and in the maintenance of cyber security.
The composition of the ICT strategy in Jyväskylä in autumn 2010 indicated that cyber security plays a major role in the new ICT strategy.  The realisation of the strategy demands measures that the JYVSECTEC project strives to meet. This project is a significant opening in Central Finland for creation of new knowledge and business operations in the field of cyber security. It takes more than a project or a published strategy to bring about change. It also requires remarkable investment in new education. The Degree Programme in Cyber Security is a new degree programme that strives to create new knowledge and know-how in cyber security in Central Finland.
The degree programme is implemented in such a way that any Bachelor of Engineering in ICT is eligible.  The degree programme combines Project-Based Learning and work in projects. The students work in sub-projects of JYVSECTEC and SkyNest projects and at the same time they learn about the topics and contents of the degree programme.
Based on current situation there is no equivalent master's degree programme in Finland yet. The planned master's degree programme is a new opening in data network security education in the Universities of Applies Sciences.

Contact information

Jari Hautamäki, Head of the ICT Programmes, +358 405402361
Piippukatu 2
40100 Jyväskylä