Honours Bachelor of Information Technology – Cybersecurity (IFS)

Formerly known as Honours Bachelor of Technology – Informatics and Security

Starts in January, September

PGWP-eligible Program

Campus

Newnham

Delivery

Hybrid

Duration

8 Semesters (4 Years)

Study Option

Full-time

Credential

Honours Bachelor Degree

School

School of Information Technology Administration & Security

Courses

Delivery: At Seneca, courses are delivered in four formats: online, in-person, hybrid (an online, in-person combination) or flexible (offered in-person and online at the same time).

The chart below outlines the delivery options available for each course in this program. For some academic terms, there may be more than one delivery option available. You’ll be able to choose your preferred options when you select classes to build your course schedule. Selection for preferred course delivery will be considered on a first come, first served basis.

International students: The impact of studying from outside of Canada and Post-Graduation Work Permit (PGWP) eligibility differs significantly based on when you start your program. Please review the PGWP eligibility before choosing your program and course delivery.

Semester 1

Course Code	Course Name	Winter	Summer	Fall
ENG106	Writing Strategies	Online In-person	Not offered	Hybrid Online In-person
	This course focuses on critical thinking and the rhetorical elements of both persuasive and evaluative forms of writing. Students will learn to differentiate between shades of fact and opinion, objectivity and bias, and apply the techniques of sound argument for a variety of purposes. The main elements of effective communication and research techniques are also examined. Techniques explored and skills developed in this course are applied throughout the four years of the program.
OPS105	OS-Unix	In-person	Not offered	In-person
	This hands-on, lab-based course provides instruction on the installation and configuration of Linux desktop operating systems. Students will acquire the skills necessary to manage access and permissions for files and directories. The course also covers the administration of jobs, processes, and the routing of network traffic in a secure manner. Additionally, students will learn to automate repetitive tasks by creating or modifying scripts.
OPS110	OS-Windows	In-person	Not offered	In-person
	In this course, the student will explore the fundamental concepts and operations of computer operating systems. O/S principles will be presented through a study of related terminology and practices. Topics will include operating system design and configuration, data storage and retrieval, network and security considerations, and management tools and services. Students will use the Windows operating system to demonstrate and apply operating system theory and principles.
SPR100	Introduction to Security	In-person	Not offered	In-person
	Information security is a critical component of all computer systems, as such it is important for people to have understanding of it. In this course, students will be given a broad introduction to the field of information security, learning its history, terminology, key concepts, and key techniques. Content includes main threats to security, how to analyze risks, the role of technical tools in reducing risk and their limitations, and simple process and behavioural changes that can reduce risk. Practical experience will be given in examining secure and insecure examples of information, computers, applications, and network infrastructure.
SRT111	Introduction to Problem Solving and Programming	In-person	Not offered	In-person
	This course is an introduction to computational problem solving and programming in python language. The course provides students with an opportunity to learn how to think like a computer scientist to solve the complex problems by breaking them down and writing procedural algorithms. The course provides an overview of python language constructs and gives a hands-on experience to write codes in python language. The course is designed for students with no prior exposure to computer programming. This course will enable them to learn and think computationally and write programs to solve useful problems.

Semester 2

Course Code	Course Name	Winter	Summer	Fall
DCN230	Protocol and Standards	Hybrid	Hybrid	Not offered
	This course will focus on current technology to provide students with a comprehensive overview of the data communication field. The course will present data communication knowledge and the role performance issues have in driving protocol and network design. Emphasis will be placed on the 7 layers of the OSI model and where security concerns may arise.
LSP200	Critical Thinking	Hybrid	Online	Not offered
	This subject will introduce learners to the basic elements of critical thinking. Topics covered include the following: structure and types of arguments, deduction and induction, degrees of certainty in reasoning, formal and informal fallacies, and proofs of validity. Learners will develop their critical thinking skills through in-class and on-line discussion and analysis of business related issues.
SPR200	Basic Cryptography	In-person	In-person	Not offered
	Cryptography and encryption are core data security methods. This course builds a solid understanding of the various methods of protecting data by looking at how cryptography has evolved over the centuries from the simple ciphers of the Roman Empire to the complex methods of today, to future concepts and theories. Students will learn how various methods of cryptography have improved over time and to recognize which encryption methods work best for given real-world situations.
SRT205	Deployment Automation	In-person	In-person	Not offered
	This course is designed to introduce students to the concepts and practices of automation in modern IT environments, focusing on the use of powerful automation tool(s). The course emphasizes practical, hands-on experience with industry relevant use cases, enabling students to automate tasks, optimize deployments, and maintain consistency across complex infrastructures. Students will also explore best practices for performance optimization and gain exposure to version control systems as well as cloud computing platforms. By the end of this course, students will be well-equipped to design and implement automated workflows that improve efficiency and reliability in IT operations.
SRT210	Infrastructure Administration	In-person	In-person	Not offered
	Students will investigate and discuss the structure of organizations and the responsibilities of administrators within those organizations. Methods of effective and appropriate communication with end users will be integrated throughout the course. Case studies will be used to develop time management and documentation skills and to illustrate customer service relationships.

Semester 3

Course Code	Course Name	Winter	Summer	Fall
DCN330	Building Networks	Not offered	Not offered	Hybrid
	This course will demonstrate the application of switches and routers in local and wide area networks. Upon completion of this course, students will be able to analyze and design a hierarchical network and implement their design by appropriately selecting, connecting, configuring, and troubleshooting various and different network devices.
LSP400	Presentation Skills	Not offered	Not offered	Online In-person
	This subject prepares students to make professional oral presentations to diverse audiences in a variety of settings. The fundamentals of public speaking and speech writing are covered, as well as the production and use of presentational aids. Students will be in introduced to Microsoft PowerPoint and Adobe Photoshop. They will familiarize themselves with presentation techniques using both PowerPoint and Photoshops raster based imaging manipulation and other Presentation aids. Pre-requisite: ENG205 or its equivalent
OPS300	Enterprise Infrastructure and Security	Not offered	Not offered	In-person
	One of the key objectives of a security professional is to protect digital assets of their organizations. Virtualization provides new capabilities for protecting business-critical applications. At the same time, new technologies are introducing new security threats and require modifications to traditional IT procedures. This course will extend students knowledge about virtualized infrastructures (e.g. overlay networks, VMs, containers, and micro-containers). Topics will include virtual machines, containers, storage, virtual network, and security considerations. Particular attention will be paid to automation/software-defined infrastructure. Upon completion of this course, students will be able to automate system administration tasks including software deployment, system monitoring, and routine maintenance of IT assets.
RIS330	Data Services and Management	Not offered	Not offered	In-person
	This course introduces students to the design, administration and security aspects of databases. Students will implement and replicate database systems and use the SQL language to manipulate data. Topics to be explored will include: Data design, security, backup and recovery, familiarity with different DBMS and handling data from different sources.
SPR320	Endpoint Security	Not offered	Not offered	Hybrid
	In the world of increasingly sophisticated attacks on networks, and the disappearance the traditional network edge due to use of the cloud and mobile devices, the endpoint represents the last line of defense. Students learn to harden their systems, investigate them for evidence of compromise, and remediate security problems once they are discovered.

Semester 4

Course Code	Course Name	Winter	Summer	Fall
BTC440	Business and Technical Writing	Online In-person	Not offered	Not offered
	This subject focuses on business and technical documentation and correspondence relevant to the software development field. Students will learn to write abstracts, formal and informal reports as well as technical briefs after studying industry examples. Students will learn to communicate complex problems and solutions in a variety of settings using emerging technologies. They will collaborate with teams to produce comprehensive research and critical analysis of information in software development.
RIS430	Vulnerability and Threat Analysis	In-person	Not offered	Not offered
	A variety of instructional techniques will be used including interactive media-rich lectures, problem-based learning, and computer-based lab exercises. Under guidance of faculty, students will apply tools commonly used in industry to test software for vulnerabilities using virtual machines in an isolated security lab, and will look for root causes of these vulnerabilities. Once root causes of vulnerabilities are discovered, students will work in groups to develop mitigation strategies and reports aimed at helping developers make their software more secure.
RIS440	Network Security	Hybrid	Not offered	Not offered
	With the growth of the Internet, computer networks play an important role in our daily and professional lives. New technologies such as the cloud, the Internet of Things, BYOD (Bring Your Own Device) have compounded maters, leading to increased complexity and the disappearance of a defendable border, known as loss of the edge. This course will teach students about network defense, network attacks, and how to analyze a networks security posture.
SPR400	Intro to DFIR	In-person	Not offered	Not offered
	Digital forensics and incident response is an important part of business and law enforcement operations. Criminal justice professionals were some of the first to take an interest in this digital evidence, and now many businesses are turning to DFIR to determine if illegal action has been taken, either by the owner of the equipment or through a vicious cyberattack. This course will provide a foundation of concepts in digital forensics including theory, technical tools and methodologies employed in this area. It represents the skill set that IT professionals use to examine hard-drives and other computing devices. Students will employ professional digital forensic investigative procedures to ensure that evidence collected meets legal standards.
SRT411	Digital Data Analytics	Hybrid	Not offered	Not offered
	This course is an introduction to the digital data analysis for security students. We will look at capturing data from appropriate data sources (such as packet captures, log files, IDS systems, and configuration files) then analyzing and displaying this data, using visualization techniques, in ways that will help detect/mitigate threats or help fulfill compliance requirements. Emphasis is placed on using the applicable tools for data analysis and statistical review.

Semester 5

Course Code	Course Name	Winter	Summer	Fall
IAM500	Identity and Access Management	Not offered	Not offered	Online
	Students will explore the principles and practices of Identity and Access Management (IAM) in modern IT ecosystems. Students will analyze identity lifecycle management, access control models, and authentication mechanisms, emphasizing secure design and governance. The curriculum balances theoretical foundations with practical skills, enabling learners to configure IAM solutions, enforce policies, and address security challenges. Through labs and projects, students will gain proficiency in managing access across diverse architectures while preparing for evolving trends in digital identity.
SPR500	Security Principles: Defenses	Not offered	Not offered	In-person
	This course will give students knowledge of, and procedures for, intrusion detection. Firewalls and related security components that interact to form the defensive perimeter of a Local Area Network (LAN) will be examined. In addition, students will learn concepts pertaining to both hard and software based firewalls, access control, port management, and remote authentication and intrusion detection systems. Students will obtain skills for the assessment of vulnerability, the development of effective security policies and the execution of appropriate responses to incidents of attack in enterprise and government environments.
SRT521	Advanced Data Analysis	Not offered	Not offered	Online
	An information security professional has the responsibility to assure that the world is a safe space. This can only be accomplished with an understanding of what is happening in the increasingly complex systems upon which business and society have come to depend. This understanding requires the analysis of a vast amount of data in order to derive meaning from these systems. Fortunately, the increasing power of distributed technology also provides us with the tools to do so. Distributed systems allow us to create scalable tools which leverage the power of the cloud, machine learning, and artificial intelligence to collect, parse and analyze previously inaccessible amounts of data to find patterns and meaning in the complex systems which control our world. This course introduces the student to these technologies and teaches them how to reduce risk and make our systems more secure
WAS500	Web Application Scripting	Not offered	Not offered	Hybrid
	This course is designed to introduce students to the concepts and practices of full-stack web application development, focusing on modern tools and technologies used to build dynamic, interactive, and secure web applications. The course emphasizes practical, hands-on experience using industry-relevant frameworks and databases, enabling students to create responsive user interfaces, develop server-side logic, and implement persistent storage. Students will also explore foundational topics in artificial intelligence (AI) integration and post-quantum cryptography (PQC), gaining awareness of emerging security challenges in the evolving web landscape. By the end of this course, students will be well-equipped to design, develop, and deploy functional web applications while considering performance, usability, and future-ready security practices.
plus: Liberal Studies Course (1)

Semester 6

Course Code	Course Name	Winter	Summer	Fall
REA610	Research Methodologies	Hybrid	Not offered	Not offered
	In this course, the student will study the research process by developing their research skills using methodologies to search, summarize, paraphrase, and analyze information. Students will learn to create bibliographies according to specific academic styles, describe how information is organized. They will learn to find, select, and use appropriate sources for research, including libraries, online databases, search engines, and people. They will learn to use standard reliability and validity definitions to determine the reliability/validity of sources. They will learn to Integrate information from a variety of sources and to summarize information effectively. They will also learn how to develop a sound research proposal with a clear hypothesis within a chosen field of interest.
RIS602	Security Assessment	In-person	Not offered	Not offered
	There is an increasing number of stealing millions of records and billions of dollars by hackers. Ongoing security assessments are imperative to help identify new/existing vulnerabilities and develop a plan for remediation. A penetration test is a simulated cyber-attack against your computer system to find the weaknesses in your defense systems before a hacker does and check for exploitable vulnerabilities. Penetration testing can involve the attempted breaching of any number of application systems to uncover vulnerabilities. It simulates real-world attack scenarios to discover security weaknesses. It can compromise networks or applications.
SRT751	Ethics and Law	Hybrid	Not offered	Not offered
	This course will examine the legal framework in which information security professionals operate and examine the legal and ethical issues faced by them. This will be done using a variety of teaching techniques including (i) lecture. (ii) in class exercises. (iii) working in small and larger groups. and (iv) online discussions. Students will be encouraged to think critically, develop an ethical framework and an understanding of the law as it relates to business, current and emerging technologies. The focus will be on Canadian laws, but the laws from the United States and other parts of the world may be addressed as well.
WAS600	Web Security	Online	Not offered	Not offered
	With more and more aspects of our lives involving the World Wide Web, ensuring the security of web applications is essential. Security professionals are often engaged by industry to identify key vulnerabilities which might affect web application security for organizations, and need to recognize the most common areas of security risk and determine how this can impact the reputation of the organization. This course teaches students how to identify web application security flaws, and assess the security posture of web applications.
WTP200	Work Term Preparation	Online	Not offered	Not offered
	This Work Term Preparation course is designed to empower students with the tools, skills, and strategies needed to navigate the modern job market and achieve long-term career success. Through self-assessment, career exploration, helping students to identify and leverage skills from their existing experiences, students will develop a deep understanding of their personal strengths, values, personality, interests and goals. The course covers essential topics such as crafting professional résumés and cover letters, mastering interview techniques, and building a strong personal brand, including an online presence. Students will learn how to research career pathways, evaluate job market trends, and create actionable career plans tailored to their aspirations. Emphasis is placed on professional communication, networking, workplace readiness, and adapting to diverse organizational cultures. Additionally, the course provides insights into negotiating job offers, managing career transitions, and professional growth. With a focus on lifelong learning and continuous improvement, this course equips students with the confidence and resources to pursue fulfilling careers while remaining adaptable in a dynamic and competitive workforce. Ideal for students preparing to enter the job market or those seeking to refine their career trajectory, this course fosters self-awareness, professional readiness, and strategic career planning.
plus: Liberal Studies Course (1)

Semester 7

Course Code	Course Name	Winter	Summer	Fall
CSA700	Cybersecurity System Analysis	Not offered	Hybrid	Not offered
	Students will explore the principles and practices of threat hunting and incident response investigations in modern IT ecosystems. Students will analyze systems through labs and projects with the goal of discovering threats which were not detected by defensive security mechanisms. They will also study remediation of discovered threats. Students will gain proficiency in hunting threats across diverse architectures while preparing for evolving trends in cyber security.
GRC700	Governance, Risk and Compliance	Not offered	Hybrid	Not offered
	Students learn to develop a cybersecurity-aligned governance, risk and compliance (GRC) strategy for an enterprise environment. They will apply risk assessment methodologies to identify, prioritize, and manage security risks. They learn to interpret and implement regulatory and industry-specific cybersecurity compliance requirements (e.g., NIST CSF, PCI DSS, GDPR), evaluating internal controls and mapping them to cybersecurity risks and frameworks. Ultimately they will know how to communicate risk posture and compliance status to technical and executive audiences.
SPR705	Detection Security Controls	Not offered	In-person	Not offered
	This course provides an in-depth exploration of detection engineering, focusing on the deployment of Security Information and Event Management (SIEM) systems and security detection sensors. Students will gain practical knowledge and skills to mitigate cybersecurity risks through the strategic deployment of detection controls. They will study various cybersecurity threats and vulnerabilities, develop strategies to mitigate risks, and learn how to turn detection controls into actionable insights by developing custom signatures to identify and respond to specific security threats. By the end of this course, students will be equipped with the skills to deploy and manage SIEM systems, implement robust detection controls, and create custom signatures to enhance their organizations cybersecurity posture.
WAS705	Application Security Methodology	Not offered	Hybrid	Not offered
	Computer applications have become pervasive in modern life. In a networked world computer software is key to our political, economic and cultural experience on a global scale. Failures in software security have had immense repercussions on the global community, including hospital closures, failures of power grids, transportation sector interruptions, international supply chain disruptions, the loss of control of critical infrastructure, and compromised financial security. Because of this, developing secure software and testing it has become a critical aspect of cybersecurity. This course will allow students to develop the skills and learn the methodologies used to improve application security during the software development lifecycle. Students will learn to understand application security from a developers point of view, the principles of secure design, how to utilize security features in application frameworks, how to test software for known vulnerabilities, and how to implement a security program into the software development lifecycle.
plus: Liberal Studies Course (1)

Work-Integrated Learning Term 1

Course Code	Course Name	Winter	Summer	Fall
IFS771	Informatics and Security, Co-op	Not offered	Not offered	Hybrid Online In-person

Work-Integrated Learning Term 2

Course Code	Course Name	Winter	Summer	Fall
IFS772	Informatics and Security, Co-op II	Hybrid Online In-person	Not offered	Not offered

Semester 8

Course Code	Course Name	Winter	Summer	Fall
SPR708	Attack and Defense	Not offered	In-person	Not offered
	This course provides an in-depth exploration of detection engineering, focusing on the deployment of Security Information and Event Management (SIEM) systems and security detection sensors. Students will gain practical knowledge and skills to mitigate cybersecurity risks through the strategic deployment of detection controls. They will study various cybersecurity threats and vulnerabilities, develop strategies to mitigate risks, and learn how to turn detection controls into actionable insights by developing custom signatures to identify and respond to specific security threats. By the end of this course, students will be equipped with the skills to deploy and manage SIEM systems, implement robust detection controls, and create custom signatures to enhance their organizations cybersecurity posture.
SPR888	Applied Security Project	Not offered	Hybrid	Not offered
	In this capstone course, students will design and implement a comprehensive system project from conception to final presentation. Emphasizing real-world application, learners will define a problem, propose a high-level solution, plan detailed timelines, and achieve technical milestones. The course encourages the use of open-source tools, industry frameworks, and scholarly research to create a solution that addresses an identifiable security gap. Students will demonstrate methodological awareness, critical reflection, and professional communication through iterative deliverables. This project-based experience fosters autonomy, responsibility, and interdisciplinary thinking essential for cybersecurity professionals.
plus: Liberal Studies Course (1)
plus: Professional Options (2)

Professional Options

Semester 8

Course Code Course Name Winter Summer Fall

DPI905 CISCO Network Security TBD TBD TBD

This course provides the knowledge and skills required to develop a network security infrastructure. Students, through the use of core security technologies learn to configure, troubleshoot and monitor network security devices such as switches and routers to recognize and mitigate network vulnerabilities and threats. A variety of tools in a lab setting are used to develop, test and administer effective security policies. Upon completion of this course, students will have the necessary knowledge to acquire CISCO CCNA Security certification.

DPI906 Malware Analysis and Response TBD TBD TBD

There is an increasing number of stealing millions of records and billions of dollars by hackers. Ongoing security assessments are imperative to help identify new/existing vulnerabilities and develop a plan for remediation. A penetration test is a simulated cyber-attack against your computer system to find the weaknesses in your defense systems before a hacker does and check for exploitable vulnerabilities. Penetration testing can involve the attempted breaching of any number of application systems to uncover vulnerabilities. It simulates real-world attack scenarios to discover security weaknesses. It can compromise networks or applications.

DPI907 IT Physical and Environmental Security TBD TBD TBD

This course covers the principles and practices of physically securing an organizations people, facilities and data resources against unauthorized access, theft, sabotage and other security breaches. Topics will include, but are not limited to, facility access control, environmental and safety measures, social engineering techniques, physical security penetration testing, locks and lock picking, video surveillance systems, and biometric authentication systems. Students will also learn how to develop policy and procedures for physical security, including appropriate incident response.

DPI911 Incident Response TBD TBD TBD

Despite best efforts, evolving computer threats mean that network defenses are frequently penetrated and security incidents have become a regular occurrence in our I.T. infrastructures. It is accepted that it is a matter of when, rather than if, an incident will occur. This course covers various aspects of computer incident response. Topics include incident response preparedness, incident detection and characterization, data collection, data analysis and remediation.

DPI912 Python for Programmers: Sockets and Security TBD TBD TBD

This course focuses on developing intermediate and advanced competencies in socket programming, and is informed and guided by information technology and cybersecurity concepts, concerns, and problem sets. Students will explore developing applications on TCP/IP as well as in higher level protocols. Applications developed may include forensic, defensive, and offensive security tools.

DPI913 Cloud Infrastructure and Security TBD TBD TBD

In todays rapidly changing environment enterprises are adopting cloud technology at a great rate. The cloud allows businesses to quickly deploy new business applications and scale them on demand. At the same time, from a security perspective, use of the cloud introduces new layers of abstraction to IT infrastructure which increases complexity, therefore introducing new vulnerabilities. The student will learn to build a private cloud, to understand key elements of cloud technology, and to protect cloud infrastructure and applications running on it.

DPI914 Social Engineering TBD TBD TBD

Social engineering is one of the most common attack methods in IT and the most difficult to counter. The course provides a broad overview of social engineering, including cognitive mechanisms utilized by social engineers and their use as attack vectors, their attack cycles/stages, along with the common tools used to do research and execute the attacks, attack vector countermeasures including the tools and techniques. Practical work in this course covers various aspects of the tools and techniques used in attacks and for countermeasures.

Program Learning Outcomes

Learn more about program learning outcomes for this program.

Archived Program & Course Information

To find details on programs or courses from prior academic years, browse our archive of program information.

Seneca has been granted consent by the Minister of Colleges, Universities, Research Excellence and Security to offer this degree for a seven-year term starting Dec. 18, 2019. In conformity with the Minister's criteria and requirements, Seneca will submit an application for the renewal of the consent for this program 12 months prior to the expiration of the consent. Seneca shall ensure that all students admitted to the above-named program during the period of consent will have the opportunity to complete the program within a reasonable time frame.