I have developed a deeper understanding of relevant cyber security topics

Certificate in Cyber Security Fundamentals


Earn a globally recognized credential in a rapidly growing field.

Today’s digital environments are highly complex. They are also an integral part of our daily lives. It’s no surprise, then, that the demand for cyber security expertise is on the rise across all types of industries. Professionals trained in cyber security possess the unique ability to protect digital assets and guard intellectual property. As one of the world’s fastest-growing technology fields, many experts see the cyber security job market doubling in the next five years—which means there will be a critical need for qualified individuals.
The cyber security market is expected to double in the next 5 years

Program Description

The Cyber Security program will deepen your understanding of cyber security topics, strengthen your skills as an IT manager or project lead and prepare you to earn a CISSP designation. It will also give you the opportunity to earn one or two distinct certificates:

Certificate in Cyber Security Fundamentals* (5 months)

Explore the fundamental knowledge required to help you become a more effective IT manager and project leader. Students who plan to earn the CISSP designation can choose to continue on to the Certificate in Advanced Cyber Security right away or take a break and enrol in a later term.

Certificate in Advanced Cyber Security** (5 months)

Build upon the foundational knowledge gained in the first certificate to develop managerial competencies and a more thorough understanding of the eight knowledge areas required for the CISSP designation. This certificate is scheduled to align with CISSP examination dates to allow graduates the opportunity to write the exam while the course material is still fresh in their minds.

Enrolment Requirements

  • The Certificate in Cyber Security Fundamentals as a stand-alone offer, as well as the bundle of the Certificate in Cyber Security Fundamentals and the Certificate in Advanced Cyber Security taken together are direct registration programs. No application process is required; simply enrol in the session of your choice to get started.
  • To register directly in the Certificate in Advanced Cyber Security, you must either complete the Certificate in Cyber Security Fundamentals first or hold the CISSP Designation.  Direct enrolment into the Advanced Certificate is subject to review and approval by the Program Manager and is granted only by exception.

Earn your designation, faster

Developed in collaboration with the Lassonde School of Engineering, the two stackable certificates combined cover all eight domains of the Certified Information Systems Security Professional (CISSP) body of knowledge. Our curriculum design focuses on case studies with real-world examples to help you prepare to interview for competitive cyber security roles.

Stackable credentials

Stackable Credentials

For those interested in pursuing the CISSP designation, the (ISC)2 has its own requirements regarding application, admission, accreditation and membership. It is the responsibility of the students to familiarize themselves and comply with the CISSP accreditation requirements from the (ISC)2


Program Format

As of March 16, 2020, all our Continuing Education programs will be delivered 100% online. The School of Continuing Studies has launched and delivered many quality online programs over the years. This is not new to us, and there will be no interruptions or compromise in learning quality for those considering starting their studies with us.

The Cyber Security program is delivered via blended learning on a part-time basis. Each certificate entails online coursework as well as 3 live, online sessions that take place over weekends (Saturday and Sunday).

Our live, interactive online sessions allow you to engage with instructors and fellow students in a learning environment that is practice-oriented and fun, while our asynchronous coursework allow you to study part-time and balance family, work, and other commitments.

Program delivery format is 100% Online

  • Format: Part-Time, blended
  • Delivery: online coursework  + three (3) required live , online sessions per certificate
  • Live Session Schedule: 1 weekend per course (Saturday & Sunday) – 3 per certificate, 6 for the full program
  • Term Starts: January,  May and September
  • Program Length: 10 months
    • Certificate in Cyber Security Fundamentals (5 months)
    • Certificate in Advanced Cyber Security  (5 months)


Who should take this program?

  • Professionals seeking their CISSP designation;
  • Individuals who want to specialize in cyber security regardless of undergraduate major or industry background;
  • Recent graduates in Information Technology, Software Engineering, Computer Science, or Database Administration seeking to focus their IT careers;
  • Project, team, and department leaders who require cyber security knowledge to lead their team more effectively;
  • Managers, administrators and executives who are seeking to master new information security responsibilities.


“The credential has a lot of credibility in the market place. Because York is structuring the program along CISSP knowledge, that positions students to be better prepared”
Ed Dubrovsky Ed Dubrovsky – Managing Director, Cyber Breach Response at Cytelligence Inc.


Program Courses & CISSP Domains

Our cyber security program courses are aligned with the eight (8) domains of the CISSP body of knowledge. Completing both programs will prepare you to present the CISSP examination and help you earn your designation.

CISSP Domain and weight

CS1000 Introduction to Cyber Security (Intro to all domains)

CS1010 Information Security Risk Mgmt. & Governance

CS1020 Data, Asset & Identity Protection

CS1030 Engineering for Information Security

CS1040 Cyber Security Operations Management

CS1050 Security Assessment & Testing

Security &
Risk Mgmt. (15%)
Security Architecture &
Engineering (13%)
Communication & Network Security (14%)
Identity & Access
Mgmt. (13%)
Security Assessment
& Testing (12%)
Operations (13%)
Software Development
Security (10%)


“Given the increasing cyber security challenge Canadian organizations of all types face, with skilled and motivated adversaries attacking our collective defenses, I am excited about the depth of expertise that the York University School of Continuing Studies will be imparting to their students with the delivery of the cyber security certificate program.”
John Weigelt. National Technology Officer, Microsoft Canada
John Weigelt – National Technology Officer, Microsoft Canada



Admission Requirements

Cyber Security is a direct registration program. No application process is required to enrol:

  1. In the initial Certificate in Cyber Security Fundamentals as a stand alone offer
  2. In the bundle offer that includes both Cyber Fundamentals and Advanced Certificates together. 

Fundamentals as a stand-alone offer as well as the Fundamentals & Advanced bundle are suitable for individuals with or without an Information Technology background.  Simply enrol in the Fundamentals or Bundle session of your choice to get started.  

For those seeking to continue into Advanced (or those seeking CISSP designation), the successful completion of the Fundamentals Certificate will prepare participants for the Advanced Certificate.

To enrol in the Certificate in Advanced Cyber Security as a stand-alone offer, you must have successfully completed the Certificate in Cyber Security Fundamentals or hold the CISSP designation. Direct enrolment into the Advanced Certificate is subject to review and approval by the Program Manager and is granted only by exception. Please contact a Continuing Studies Advisor at continue@yorku.ca to inquire about direct registration into the Advanced certificate.

Although it is not required to have an IT background to enter the program, an understanding of basic technology concepts is beneficial. To be successful in the program, participants need knowledge of:

  • hardware
  • software
  • networking concepts such as the client-server models (LAN, WAN, MAN, Internet vs. Intranet)
  • network topologies
  • wireless networking
  • the OSI model

Professional Associations

The Cyber Security Program is designed to heighten your understanding of the Certified Information Systems Security Professional (CISSP) body of knowledge and prepare you to take and pass the (ISC)2 CISSP  exam. The CISSP is a globally recognized designation required for most senior cyber security roles.

Those interested in progressing to the CISSP exam will need to meet experience requirements as required by (ISC)2.  For more information on designation requirements please visit their website. https://www.isc2.org/cissp-how-to-certify.aspx


Certificate in Cyber Security Fundamentals

Introduction to Cyber Security

Examine the information security knowledge framework through the lens of the CISSP domains as you develop an enhanced understanding of the eight CISSP domains and gain the fundamental information required for information security projects and the designation.

Information Security Risk Management and Governance

Develop an understanding of the ethical, legal and regulatory issues surrounding cyber security as you learn about security principles, network fundamentals and how to apply these areas to design networks and policies for security and compliance.

Data, Asset and Identity Protection

The amount of digitized data grows in size and vulnerability every day, requiring specialized attention toward processes, protection, security and authentication. Learn how to mitigate risk and protect ownership by understanding best practices for data gathering, classification, storage, retention and protection.

Certificate in Advanced Cyber Security 

Engineering for Information Security

Security engineering requires an understanding of security models, secure design principles and the ability to assess a variety of systems for vulnerabilities. Students will learn these fundamental concepts as well as information on selecting controls and countermeasures, and the application of cryptography.

Cyber Security Operations Management

Effective leadership in the field of information security requires an elevated understanding of security operations concepts and how to apply these in real-world situations. Discover how to apply concepts, from best practices in vendor procurement, through to investigations and preventative measures, resource management, disaster recovery, and business continuity.

Security Assessment and Testing

The development, evaluation and validation of assessment processes is integral to securing system infrastructure and detecting vulnerabilities. Develop an in-depth understanding of the techniques and industry standards for assessment validation, continuity, analysis, reporting and facilitating audits.


Victoria Granova, CISSP, CISA, CPA, MBA

Victoria Granova, Instructor, Certificate in Cyber Security

Victoria holds the CISSP, CISA and CPA designations and has an MBA from Queen’s University. She is currently a Senior Information Security Consultant at a “Big 5″ bank specializing in red team remediation and support. Victoria is passionate about education and contributes to the community as an Assistant Instructor in the Certificate in Cyber Security Fundamentals at York University. She also supports the cybersecurity community as President of the (ISC)² Toronto Chapter board, where she works to create professional education opportunities, encourages increased diversity in the field, and connects the numerous and diverse information security groups across the GTA in order to advance the industry together. Victoria is also researching new insights into the “human element” through marrying the fields of psychology and cybersecurity, and is a frequent speaker at cybersecurity conferences and events.


CS1000: Introduction To Cyber Security

Ali KhanAli Khan is a senior information technology, cyber security, and risk management professional. With experience in information and cyber security, privacy, risk and related technology, he has worked across many different industries including high-tech, financial services, energy and utility, health care, retail, educational institutions, and crown corporations. Ali’s areas of expertise include strategic IT security consultancy on cyber security, cyber security analytics, and information protection solutions.

Ali focuses on consultancy of Privacy/Security Operations Centers (P/SOCs) and related Security Information and Event Management (SIEM) solutions. He works with large enterprise clients to develop and operationalize their cyber security initiatives.

Ali has NATO Secret Clearance and Level II (Secret) clearance from the Government of Canada and holds an Honours BA in information technology management from York University, an advanced diploma in computer engineering technology from Humber College, is a Certified Information Security Manager (CISM), Certified Information Systems Security Professional (CISSP), Certified Information Systems Auditor (CISA), and has completed numerous professional training sessions on industry leading IT solution sets.  Ali is also a member of a number of local and global cyber security groups.


CS1010: Information Security Risk Management and Governance and CS1020: Information Security Risk Management And Governance

Gaurav KumarGaurav Kumar is a security and risk management leader with one of the world’s largest management consulting companies. In his current role, Gaurav is responsible for helping client executives develop suitable security and risk management strategies that meet business needs, seeking to balance defensive and responsive strategic elements.

For over 15 years, Gaurav has been helping businesses understand and proactively manage information technology risks by effectively acting as both a technical subject matter expert and a trusted business information security adviser. Gaurav has worked in all verticals of information security and risk management including access management, threat analysis, security monitoring and response, risk management, security assurance and governance, security consulting, and enterprise security program management.

Gaurav holds a MSc in information security and assurance (majoring in vulnerability management) from Norwich University in Vermont, USA. Gaurav also holds the CISSP, CISM, CRISC, CCSK, and SABSA security architect designations.

Ed Dubrovsky, MBA, MSc, CISSP, PMP

CS1030: Engineering For Cyber Security and CS1050: Security Assessment And Testing


Ed Dubrovsky is an information security executive and practitioner with over 27 years in the technology field. He possesses extensive experience in technology leadership, information security architecture, implementation and management. He has written numerous thought leadership articles and spoken at many professional events about risk management and information security topics.

Ed has provided CISO level consulting services across numerous industries including retail, government and municipal, manufacturing, financial services, energy, educational and health care. His areas of expertise include cyber-security strategy, architecture, penetration testing, threat modelling, user behavior analytics, and data protection.

Ed has a secret clearance from the Government of Canada, holds an Honors BSc in information systems from Athabasca University, an MSc in information systems from Athabasca University, and an MBA from York University – Schulich School of Business. He is a Certified Information Systems Security Professional (CISSP) in good standing since 2003, holds the Project Management Professional (PMP) designation, as well as numerous technical and professional certifications with leading technology and cyber-security vendors.

At present, Ed runs operations at Cytelligence Inc. as COO and Canadian Cyber Leader for Aon. Aon has acquired Cytelligence as of Feb 3, 2020. Cytelligence is a breach response and forensics company with over 2,000 engagements in the past 24 months. They have handled some of the most publicized breaches in recent times and supported some of the resulting litigation/court cases.

Jeff ClarkJeff Clark, CISSP

Course: CS1040: Cyber Security Operations Management

Jeff is the Director of Customer Protection (Authentication) and Cryptographic Services within the information security department of a major financial institution with over 20 years’ experience in 24/7 operations environments. Prior to venturing into information security, his focus was as a director of architecture in the contact centre and application development space, leading technical teams of up to 100 members. He primarily served financial services, telecommunications, and professional services organizations.

His experience in architecture, data centre, program management, application development and strategy has led him to experience every one of the 8 domains prescribed within the CISSP Common Body of Knowledge.

Jeff wrote his Certified Information Systems Security Professional (CISSP) certification exam in 2013. He first trained as an aircraft engineer and continues to carry learnings from that industry into technical operations.


Graduates of the Certificate in Cyber Security Fundamentals are prepared to lead teams and projects related to information security management.

Graduates of the Certificate in Advanced Cyber Security who successfully earn the CISSP are prepared for roles such as:

  • Computer Security Specialist
  • Information Security Manager
  • Senior Security Manager

Diploma or Degree in a non-IT Field


Certificate in Cyber Security Fundamentals
2 years of work experience



IT or Project Manager or Consultant

College Diploma in an IT related field


Certificate in Cyber Security Fundamentals
Certificate in Advanced Cyber Security
4 years of work
Certified Information Systems Security Professional (CISSP) designation



Computer Security Specialist
Information Security Manager Senior Security Analyst


Certificate in Cyber Security Fundamentals
2 years of work experience



IT or Project Manager or Consultant

Bachelors Degree in an IT related field


Certificate in Cyber Security Fundamentals
Certificate in Advanced Cyber Security
4 years of work
Certified Information Systems Security Professional (CISSP) designation



Computer Security Specialist
Information Security Manager
Senior Security Analyst


Certificate in Cyber Security Fundamentals
2 years of work experience



IT or Project Manager or Consultant

Internationally Educated Professionals: 90-Credit Degree in an IT related field


Certificate in Cyber Security Fundamentals
Certificate in Advanced Cyber Security
4 years of work
Certified Information Systems Security Professional (CISSP) designation



Computer Security Specialist
Information Security Manager
Senior Security Analyst


Certificate in Cyber Security Fundamentals
2 years of work experience



IT or Project Manager or Consultant

Internationally Educated Professionals: 90-credit Non-Technical Degree


Certificate in Cyber Security Fundamentals
2 years of work experience



IT or Project Manager or Consultant

Advisory Council

Senior executives from many of Canada’s leading organizations help us ensure that our graduates have the skills and knowledge that employers value most, including the following:

John Weigelt, CD, BEng, MEng, RMC, CISM, CISSP

National Technology Officer, Microsoft Canada

John Weigelt. National Technology Officier, Microsoft Canada

As the National Technology Officer for Microsoft Canada, John Weigelt is responsible for driving Microsoft Canada’s strategic technology efforts. In this role, Mr. Weigelt helps business and governments innovate with technology while avoiding the unintended consequences that might arise.  He leads Canadian outreach for technology policy issues across a wide range of subjects including: economic development, digital economy, open government, environmental sustainability, accessibility, privacy, security, critical infrastructure protection, government 3.0, spectrum and intellectual property.   Mr. Weigelt’s 25 plus years of experience in cyber security, and his pioneering work in protocols, practices, policies, programs and partnerships to increase cyber assurance, provides him with a unique perspective on the challenges and opportunities associated with overcoming the inertia often associated with initiatives to increase trust and confidence in the digital world.

Ed Dubrovsky, MBA, MSc, CISSP, PMP

Head Security Practice, OnX Enterprise Solutions

Ed Dubrovsky. Head Security Practice, OnX Enterprise SolutionsEd Dubrovsky is currently the head of the national security practice at OnX Enterprise Solutions, dealing with issues that directly affect security and IT departments’ ability to collaborate effectively. Mr. Dubrovsky is an information security expert with over 24 years’ experience in the technology field. His primary interests include infrastructure and application security, and vulnerability assessment. Mr. Dubrovsky has expertise in vital topics such as: protecting perimeter devices, cyber compliance, employee training, and selecting the right technology tools to help keep your organization safe.

Darren Jones, BMath, CPA, CMA

Senior Manager, Cyber Security Services, KPMG Canada

Darren Jones. Senior Manager, Cyber Security Services, KPMG CanadaDarren Jones is an internationally recognized leader in the fields of IT audit and security, with extensive experience in the field since 1986.  He has excelled in delivering innovative solutions for organizations in a variety of industries. As a part of KPMG Canada’s national cyber security consulting practice, Mr. Jones provides clients with impactful solutions to help them improve their security policies, processes, and technologies. Mr. Jones’s business development and project delivery successes include solution areas as diverse as information security, corporate governance, IT strategy, enterprise systems management, network architecture and management, and outsourcing.  Since 1993 he has been a sought-after speaker on IT audit, security, crisis management and IT reliability issues.  He is frequently interviewed and is a published author on IT security matters.

Gary Perkins, BA, MBA, CISSP

Chief Information Security Officer, Province of British Columbia

Gary PerkinsGary Perkins is the Chief Information Security Officer (CISO) for the Government of British Columbia.  As the Executive Director of the Information Security Branch, he is responsible for providing cyber security services in support of the province.  He has over 19 years of experience in information technology, risk management, and cyber security.  Prior to joining the BC Government, he worked in the private sector as chief of staff for security at Telus and, earlier in his career, led teams responsible for incident response, operations, delivery, and architecture for both corporate and managed security services customers.  A certified information systems security professional (CISSP) since 2004, Perkins also holds an MBA from Simon Fraser University’s Management of Technology program.

Manish Khera, BASc, CISSP, C|CISO

Senior Director, Application Security, Data Protection and Security Consulting, RBC

Manish-Khera---layer-maskManish Khera is currently the lead of application security, data protection, and security consulting in the office of the CISO for the Royal Bank of Canada. Mr. Khera is a seasoned technical security leader with nearly 20 years of experience in the fields of IT security and privacy consulting, data protection, forensic investigations, fraud detection, and IT auditing. He was formerly the Canadian Chief Information Risk Officer, Head of Global Merchant Cyber Security Investigations and PCI Compliance for JP Morgan Chase. His responsibilities included management of the IT risk posture in Canada for the firm, global head of merchant breach investigations, merchant PCI compliance, and merchant service provider registration. Prior to joining JPMC, Mr. Khera was the head of the IT security function for TJX Companies responsible for IT risk assessments, policy administration, security project management, identity management, and security administration, operations, and engineering.

Hamzeh Roumani, PhD

Senior Lecturer, Department of Electrical Engineering & Computer Science, Lassonde School of Engineering

Dr. Hamzeh Roumani is an award winning professor and a recipient of the 3M Fellowship, the highest and most prestigious recognition of teaching excellence in Canada. His teaching philosophy is founded on the clear separation of abstraction levels, and his pedagogy is based on learning by doing. He embraces the experiential approach in his books and courses and has recently implemented it to help design a new computing curriculum for the newly founded Lassonde School of Engineering at York University. The new courses are themed around sensors and actuators, web technologies, mobile computing, and cyber-physical systems. Dr. Roumani’s main areas of interest are computer security and quantum computing and cryptography.

Christopher Russel

Director, ICT Infrastructure & Information Security Officer, York University

Program Policies



Why should I take York’s Cyber Security certificates instead of programs offered by other universities, institutes, or other organizations?

  • Quality of instruction – our instructors are not only experts in the field, but are also certified by (ISC)2. Their breadth of experience is as tremendous as their teaching and academic qualifications.
  • Innovation – We’re the first School of Continuing Studies in Ontario to offer a non-credit two-certificate program to prepare for the CISSP designation.

What does the field of cyber security encompass?

Cyber security refers to the protection of digital environments and assets from internal and external threats and the guarding of intellectual property. The field of cyber security includes industry risk management, engineering, communications, identity protection, assessing and testing, operations and software development.

How long will it take to complete this program?

The Certificate in Cyber Security Fundamentals takes just 5 months to complete. If you choose to continue on to the Certificate in Advanced Cyber Security right away, you can be prepared to write the CISSP exam in as little as 10 months.

What is the likelihood that I will receive employment in this field once I complete the certificate program?

Very likely.

According to the Digital Adoption Compass, a consortium of the industry’s major players, over 27,000 new jobs in this field are expected to be created in Ontario by 2019. Combined with replacement demand, Ontario would need to fill 76,300 ICT positions over the next five years.

Furthermore, they project that the availability of home-grown talent will not be sufficient to meet these hiring requirements. So if you’re qualified, you’ll most likely get a job.

What’s the salary range for roles in cyber security?

According to the Government of Canada’s Job Bank, the average hourly rate being paid for cyber security services is between $60 and $98 per hour.


If you would like more information or have a question about the Certificate in Cyber Security Fundamentals, please Contact us

Register for this Program