Programme structure

Information Security - Master's Programme

Programme structure

The Master’s degree in Information Security is a two-year full-time programme (120 ECTS credits). The programme is offered in Gjøvik and taught in English.

You build your expertise step by step – from foundational understanding to advanced specialisation. The programme places a strengthened emphasis on data science and interdisciplinary skills from day one.

The programme has the following general structure:

1st year of study: The Foundation

The first semester consists of four compulsory courses that provide the foundation for your further specialisation:

  • Scientific Methodology and Communication
  • Introduction to Cyber and Information Security Technology
  • Introduction to Information Security Management
  • Data Science for Security and Digital Forensics.

In the second semester, you take the course Introduction to Digital Forensics, the interdisciplinary project course Experts in Teamwork (common to all technology students), as well as elective courses.

2nd year of study: Specialisation and Research

In the second year, you use the autumn semester to plan a research project and take advanced elective courses.

Choose Your Direction – Connected to Research:

  • Digital Forensics (DF) – analyse digital evidence and help solve cybercrime
  • Information Security Management (ISM) – lead security efforts and manage organisational risk
  • Data Privacy and Security (DPS) – work with regulation, technology and data protection
  • Critical Infrastructure Protection (CIP) – secure the systems society depends on
  • eHealth and System Security (ESS) – safeguard the future of healthcare technology
  • Communication and IT Security (CITS) – work technically with networks, cryptography and secure software development

The programme concludes with a Master’s thesis in which, under the supervision of an academic member of staff, you carry out an independent research project and contribute new knowledge to the field of cybersecurity.

Study plan details

Check the current schedule for compulsory and elective courses by year and semester, as well as other details about the programme.

Study plan

Choose Your Direction – Connected to Research

Choose Your Direction – Connected to Research

The curriculum has been updated in line with active research at NTNU. You can tailor your degree by specialising in one of six research profiles:

Digital Forensics (DF)

Digital Forensics (DF)

Help bring cybercriminals to justice

This profile focuses on the investigation of digital evidence using advanced forensic tools and methods. You will develop the skills to collect, analyse and present digital evidence for use in legal proceedings.

Who is this for?
Students who want to combine technology and law and work at the intersection of cybersecurity and criminal investigation.

Key courses include:
Cybercrime Investigation and Computational Forensics.

Information Security Management (ISM)

Information Security Management (ISM)

Lead security efforts within organisations

This profile focuses on managing information security at a strategic level. You will develop expertise in risk management, policy development and the implementation of effective security controls. You will also learn how to evaluate security performance and ensure regulatory and organisational compliance.

Who is this for?
Students who aspire to leadership roles in security management, consultancy or strategic decision-making.

Key courses include:
Security Performance Measurement andRisk Management in Information Security.

Data Privacy and Security (DPS)

Data Privacy and Security (DPS)

Protect the fundamental right to privacy

This profile focuses on privacy regulation, data protection mechanisms and privacy-enhancing technologies. You will gain insight into how legal frameworks, technical safeguards and ethical considerations interact to protect personal data in a digital society.

Who is this for?
Students interested in the ethical, legal and technical dimensions of data use and digital privacy.

Key courses include:
Cryptology and Introduction to Data Privacy.

Critical Infrastructure Protection (CIP)

Critical Infrastructure Protection (CIP)

Secure society’s most critical systems

This profile focuses on protecting essential infrastructure such as power grids, transport systems and communication networks. You will develop expertise in threat modelling and risk assessment for complex and high-impact systems.

Who is this for? 
Students interested in national security, emergency preparedness and strengthening societal resilience.

Key courses include:
Network Security and Critical Infrastructure Security.

eHealth and System Security (ESS)

eHealth and System Security (ESS)

Secure the future of healthcare services

This profile addresses the unique security challenges of digital healthcare systems. You will gain expertise in protecting patient data, securing medical technologies and strengthening trust in digital health services.

Who is this for?
Those who want to work at the intersection of health and technology.

Key courses include:
Introduction to Data Privacy and System Security.

Communication and IT Security (CITS)

Communication and IT Security (CITS)

Work on the front line of cybersecurity

This profile focuses on securing communication systems and IT infrastructure through cryptography, network security and secure software development. You will develop strong technical expertise in protecting complex and interconnected systems.

Who is this for?
Students who want deep technical competence and hands-on skills in building and defending secure digital systems.

Key courses include:
Cryptology and Network Security.

LUFT