Graduate certificate in cybersecurity law and policy

Although cybersecurity issues are often thought of as primarily technical, law and policy are emerging as critically important skills in this arena. Indiana University Bloomington is uniquely placed to meet this need, with more than 15 years of experience teaching and research about cybersecurity issues. Recognized by the federal government as a National Center of Excellence in Cybersecurity Education and Research, IU's cybersecurity efforts are distinguished by a uniquely interdisciplinary approach to cybersecurity and the integral involvement of law and business in them.

The Maurer School of Law will award a graduate certificate to students who complete at least 12 credit hours in courses specified below while maintaining a minimum grade point average of 3.0. With the exception of Introduction to U.S. Law, the Law School’s courses are part of the regular JD curriculum.

Admission requirements

The certificate is intended for students with or without prior legal training. It is intended to serve three categories of students: (1) students already at IU Bloomington who wish to add the certificate to an existing degree program; (2) existing cybersecurity professionals who wish to learn about cybersecurity policy and law issues; and (3) people working (or trained) in other disciplines who wish to transition into cybersecurity careers. As a result, applicants will either need to have earned an undergraduate degree or, in the case of students already enrolled at IUB, they must have completed all of the course requirements for an undergraduate degree.

Courses required for certificate 

Required courses

All students must take one of the following two core courses (and may take both)
Cybersecurity (3 cr.)
Information Security Law (3 cr.) 

Students without a technology background must take
Information Technology Essentials (3 cr.) (Offered at the School of Informatics and Computing)

Students without prior legal experience must take:
Introduction to U.S. Law (1 cr.)

Elective courses

Students must select from among the following courses to satisfy the balance of the 12 credit hours required for the certificate:

Information Privacy Law I—Constitutional Privacy Issues (3 cr.)
Information Privacy II—Privacy Regulation (3 cr.)
EU Data Protection Law (2 cr.)
Health Privacy Law (2 cr.)
Information Privacy and Security Management Practicum (3 cr.)
Information Technology Essentials (3 cr.) (Offered at the School of Informatics and Computing)
IT Risk Management (3 cr.) (Offered at the Kelley School of Business)
Seminar in Information Privacy (3 cr.)

The application deadline is March 1. For more information, or to apply, contact:

Prof. Scott Shackelford
(812) 856-6728