Use of cookies

We use own and third party cookies to improve our services.
By continuing to browse this site you accept the use of these cookies.
Information on our cookies policy


Campus in maintenance
User and / or password incorrect
You have no active environment
Your access has been restricted. Consultation with the department of administration
Start   >  Master's & postgraduate courses  >  Education  >  Master's degree in Cybersecurity Management
Request information
Request information Request information or admission
Apply for admission
Apply for admission
10% discount if you enrol before 30th June


10th Edition
60 ECTS (330 teaching hours)
Language of instruction
8.500 €
Notes payment of enrolment fee and 0.7% campaign
Registration open until the beginning of the course or until end of vacancies.
Start date
Classes start: 07/10/2019
Classes end: 09/07/2020
Programme ends : 30/09/2020
Monday: 18:30 to 21:30
Tuesday: 18:30 to 21:30
Thursday: 18:30 to 21:30
Taught at
Facultat d'Informàtica de Barcelona (FIB)
C/ Jordi Girona, 1-3
Why this programme?
Many companies are investing resources in information systems without taking the implications into account. While technology is undoubtedly important, the same should also be true of Security, in terms of both infrastructure and human capital. Furthermore, infrastructures providing protection against security incidents only have value in themselves if they are used by professionals who know how to manage them properly.

The increase in the number of threats, as well as the rise in the number of protection and detection devices to be implemented, have exponentially increased the demand for experts in the design and management of security, in all types of organisations.

The UPC School is organising the Master's Degree in Cybersecurity Management in order to provide training for these professionals. Students taking the Master's degree will have the opportunity to learn the methodologies and techniques necessary for managing, planning, designing and implementing the procedures necessary to optimise the security of various assets, taking the latest threats that have recently appeared into account.

This Master's Degree in Cybersecurity Management has an outstanding teaching team, which contains an excellent combination of practical professional experience and innovation in the field of technology security, from the technical, legal and police point of view. We will also have contributions from internationally renowned speakers, who will offer us their vision of the sector in the present and future.

Students on the Master's Degree in Cybersecurity Management will also be trained to become Certified Information Systems Auditors (CISA) and for the Cyber-Security Nexus (CSX) Certificate. Both these qualifications are awarded by ISACA and are internationally recognised.


Students registering for the programme will be able to register free of charge at ISACA Internacional and ISACA Barcelona and become members until 12/31/2019.

Promoted by:
  • Check the status of an institution's cybersecurity by auditing its various assets and estimating priorities in order to minimise the risks.
  • Proactively detect an attack on an institution using monitoring tools, applying data mining techniques to large amounts of information.
  • Establish contingency plans and respond to security incidents, applying recognised forensic techniques to maintain the chain of custody, analysing and retrieving information.
  • Identify an institution's critical assets and determine the measures required to protect them.
  • Manage an institution's digital security, establishing the appropriate methodologies, designing an architecture based on its needs as a business, and minimising the risks to which the different assets may be exposed.
  • Use the tools and protocols necessary to maintain the confidentiality, integrity and availability of data.
  • Identify the measures necessary to ensure systems function correctly.
Who is it for?
  • Computer or Telecommunications Engineering Graduates.
  • Engineers and scientific-technical graduates interested in obtaining an internationally recognised qualification demonstrating their knowledge of computer security and their ability to protect their installations from cyberattacks.
  • Computer systems administrators.
  • Members of the national security forces and bodies.
  • Consultants for computer security companies.
  • Consultants in security incident response teams.
  • Critical infrastructure technicians.
  • IT directors and managers.
  • Lawyers wishing to specialise in computer crimes.

Training Content

List of subjects
1 ECTS 6h
  • Introduction to TCP/IP.
  • VirtualBox and VMware.
6 ECTS 34h
Ethical hacking
  • Information gathering.
  • Scanning and enumeration.
  • Common vulnerabilities.
  • Manual analysis of vulnerabilities.
  • Automated analysis.
  • Exploitation and Management of Vulnerabilities.
3 ECTS 21h
Monitoring security events
  • Registers within the system.
  • Detection and monitoring systems.
  • Heterogeneous data sources.
  • Correlation of logs.
3 ECTS 22h
Data Driven Security
  • Data Science.
  • Data analysis with R.
  • Viewing data.
  • Reproducible Research.
  • R-net-tools.
5 ECTS 25h
Ubiquitous environments: SCADA and mobiles
  • Static and dynamic analysis.
  • Android.
  • iOS.
  • SCADA.
  • The ICS environment: vulnerabilities in software and protocol.
1 ECTS 9h
Cloud security
  • Introduction to the cloud.
  • Types of the cloud.
  • Security in private cloud: orchestrator.
  • Security over third-party solutions: Amazon, Azure.
  • Containers.
  • API connections.
  • Use cases.
3 ECTS 21h
Responding to incidents
  • CERT and IRT.
  • The attacker's tools.
  • Forensics.
  • Forensics devices.
  • Studying non-assigned space.
3 ECTS 22h
Malware Analysis
  • Introduction to malware: history, threats, actors, trends in attacks.
  • Static analysis (hashing, AV, fingerprinting, strings, tools).
  • Dynamic analysis (environment, tools, memory, debugging, sandbox).
  • Malware in mobile devices.
4 ECTS 31h
  • Regulation, methodologies, regulations and international legislation.
  • IT Auditing Standards and Security.
  • Legal aspects, collection and preservation of evidence.
  • Good practices and security recommendations.
  • Business continuity regulations and impact minimisation.
  • Reports: legal aspects, corporate image, lessons learned.
  • Communication techniques (negotiation, conflict resolution, structuring reports, etc.).
  • CISA Preparation (4): Operations, Maintenance and Support of Information Systems.
3 ECTS 22h
Security governance
  • Principles of corporate governance.
  • Relationship to corporate social responsibility.
  • Characteristics of IT governance.
  • Reference frameworks and models.
  • IT strategy and IT security.
  • Mechanisms for IT governance and IT security.
  • CISA Preparation (2): IT Governance and Management.
5 ECTS 28h
Threats and risk analysis
  • International information security standards.
  • Analysis and risk management processes.
  • Business continuity/contingencies.
  • Risk analysis and management methodologies.
  • Identification of assets.
  • Classification of assets.
  • Vulnerabilities versus threats.
  • Type and classification of threats.
  • Type and classification of vulnerabilities.
  • Estimation of impacts.
  • Security master plans.
  • CISA Preparation (1): Information Systems Audit Process.
5 ECTS 30h
Design, development and implementation
  • Confidentiality, integrity and availability of assets.
  • Service management.
  • Logical access controls.
  • Physical access controls.
  • Protection of services: logical access control.
  • Network protection.
  • Firewalls.
  • Program protection: software design and security.
  • Operating information systems.
  • Maintenance.
  • CISA Preparation (3): Acquisition, Development and Implementation of Information Systems.
4 ECTS 25h
Cryptography and authentication
  • Symmetrical or secret-key cryptography.
  • Asymmetric or public-key cryptography.
  • Protocols.
  • Federation of identities.
  • Trusted services.
  • CISA Preparation (5): Protection of Information Assets.
14 ECTS 34h
End of Master's Degree Project
The UPC School reserves the right to modify the contents of the programme, which may vary in order to better accommodate the course objectives.
Special master's degree issued by the Universitat Politècnica de Catalunya. Issued pursuant to art. 34.1 of Organic Law 4/2007 of 12 April, amending Organic Law 6/2001 of 21 December, concerning Universities. To obtain it, is necessary to have an official university qualification. Otherwise, the student will receive a certificate of completion of the programme issued by the Fundació Politècnica de Catalunya.
Range of modules
The master's degree programme is organized into the following modules. If you don't wish to take the entire master's degree you can sign on one or several modules.
Master's degree:
relation Postgraduate courses:

Learning methodology

The teaching methodology of the programme facilitates the student's learning and the achievement of the necessary competences.

Learning tools
Participatory lectures
A presentation of the conceptual foundations of the content to be taught, promoting interaction with the students to guide them in their learning of the different contents and the development of the established competences.
Practical classroom sessions
Knowledge is applied to a real or hypothetical environment, where specific aspects are identified and worked on to facilitate understanding, with the support from teaching staff.
Solving exercises
Solutions are worked on by practising routines, applying formulas and algorithms, and procedures are followed for transforming the available information and interpreting the results.
Case studies
Real or hypothetical situations are presented in which the students, in a completely participatory and practical way, examine the situation, consider the various hypotheses and share their own conclusions.
Problem-based learning (PBL)
An active learning methodology that enables the student to be involved from the beginning, and to acquire knowledge and skills by considering and resolving complex problems and situations.
Students are given technical support in the preparation of the final project, according to their specialisation and the subject matter of the project.
Assessment criteria
At least 80% attendance of teaching hours is required.
Level of participation
The student's active contribution to the various activities offered by the teaching team is assessed.
Solving exercises, questionnaires or exams
Individual tests aimed at assessing the degree of learning and the acquisition of competences.
Work out projects
Studies on a specific topic, by individuals or groups, in which the quality and depth of the work is assessed, among other factors.
Completion and presentation of the final project
Individual or group projects in which the contents taught in the programme are applied. The project can be based on real cases and include the identification of a problem, the design of the solution, its implementation or a business plan. The project will be presented and defended in public.
Work placements & employment service
Students can access job offers in their field of specialisation on the My_Tech_Space virtual campus. Applications made from this site will be treated confidentially. Hundreds of offers appear annually of the UPC School of Professional & Executive Development employment service .The offers range from formal contracts to work placement agreements.
Virtual Campus
The students on this master's degree will have access to the My_Tech_Space virtual campus, an effective work and communication platform for students, lecturers and course directors and coordinators. My_Tech_Space allows students to find background material for their classes, to work in teams, ask their lecturers questions, consult their marks, etc.

Teaching team

Associates entities

Strategic partners
  • Associació pel Control i Auditoria dels Sistemes d'Informació. ISACA Barcelona
    • Disseminates the programme in the professional sphere and area of expertise.
Collaborating partners

Request information or admission

Your request has been received correctly at the UPC School.

We will contact you soon.

Thank you for your interest in our training programmes.

Due to an error in the connection to the database, your submission has not been processed. Please try again later, phone us on (34) 93 112 08 08, or send us an email at:
You have exceeded the maximum size of the file
  • If you have any doubts about the master's degree.
  • If you want to start the registration procedure.
How to start admission
To start the enrolment process for this programme you must complete and send the form that you will find at the bottom of these lines.

Next you will receive a welcome email detailing the three steps necessary to formalize the enrolment procedure:

1. Complete and confirm your personal details.

2. Validate your curriculum vitae and attach any additional required documentation, whenever this is necessary for admission.

3. Pay €110 in concept of the registration fee for the programme. This fee will be discounted from the total enrolment fee and will only be returned when a student isn't admitted on a programme.

Once the fee has been paid and we have all your documentation, we will assess your candidacy and, if you are admitted on the course, we will send you a letter of acceptance. This document will provide you with all the necessary information to formalize the enrolment process for the programme.

  date protection policy

Información básica o primera capa sobre protección de datos


Fundació Politècnica de Catalunya (en adelante, FPC). + INFORMACIÓN


Contestar a las solicitudes de información del interesado sobre actividades de formación gestionadas o realizadas por la FPC. + INFORMACIÓN

Establecimiento o mantenimiento de relación académica con el interesado. + INFORMACIÓN


Consentimiento del interesado. + INFORMACIÓN

Interés legítimo en el desarrollo de la relación académica. + INFORMACIÓN


No existen cesiones o comunicaciones.


Acceso, rectificación, supresión, limitación, oposición y portabilidad. + INFORMACIÓN

Información adicional

Política de Privacidad de nuestra página Web. + INFORMACIÓN

Cesión de imagen

Aceptación a la cesión, por un periodo de 10 años, las imágenes que la FPC pueda captar en las instalaciones donde se desarrolle su actividad, a fin de difundir y promocionar las actividades de la FPC y por el medio que esta tenga por conveniente.

Servicios de pago

En caso que el interesado formalice la relación con la FPC, el ordenante (interesado) autoriza y da su consentimiento al cargo, por tanto, con renuncia expresa al derecho de devolución sobre el cargo.