Due to the nature of the subject matter in this course, a UK or 5EYES enhanced security clearance will be required.
The Cyberspace Operations programme is designed to develop professionals to support military manoeuvre in cyberspace, in contested operations and as part of integrated planning.


  • Start dateSeptember
  • DurationMSc: 11 months full-time or up to three years part-time; PgDip: up to two years part-time; PgCert: up to two years part-time
  • DeliveryThe course is delivered via blended learning, with a mixture of residential and online teaching, and project based learning
  • QualificationMSc, PgDip, PgCert
  • Study typeFull time MOD students only / Part-time
  • CampusCranfield University at Shrivenham

Who is it for?

Students will be Military and other Government personnel charged with supporting operations in cyberspace, in their current or anticipated role. These staff may also be one or more of the following:

  • Managers or leaders in a cyber environment who need to understand information risk and respond to cyber threats,
  • Procurement staff commissioning critical or sensitive projects,
  • Policy and planning staff interested in computer network and security operations,
  • Personnel interested in social media and associated concepts such as cyber mobilisation,
  • Those charged with accreditation and assessment of security measures.

Why this course?

The course will specifically focus on responses to serious present and emerging threats in the information domain. The course enables the student to understand the context of the cyber domain from a military perspective. Whilst a technical understanding is an advantage, this course enables students from a variety of backgrounds to understand the drivers and constraints within cyber operations and how many roles need to integrate to provide an effective and cohesive operation.

The course specifically evaluates the current military doctrine and planning procedures across a variety of military and civilian contexts. It also evaluates the impact of cyber on control systems, leadership and decision making in the command and control environment.


Informed by industry

The course has an external advisory panel that is selected and chaired by UK MOD.

Course details

The course is taught through a flexible blend of compulsory residential courses, online Virtual Learning Environment (VLE) activities and interaction and project based learning.

It has two components: a taught component comprising twelve 10-credit modules (PgCert/PgDip/MSc) and a dissertation (MSc).

Course delivery

The course is delivered via blended learning, with a mixture of residential and online teaching, and project based learning


Students taking the MSc must develop and demonstrate their expertise, independent learning abilities and critical appraisal skills by producing a clear and coherent research-based dissertation.


Keeping our courses up-to-date and current requires constant innovation and change. The modules we offer reflect the needs of business and industry and the research interests of our staff and, as a result, may change or be withdrawn due to research developments, legislation changes or for a variety of other reasons. Changes may also be designed to improve the student learning experience or to respond to feedback from students, external examiners, accreditation bodies and industrial advisory panels.

To give you a taster, we have listed the compulsory and elective (where applicable) modules which are currently affiliated with this course. All modules are indicative only, and may be subject to change for your year of entry.

Course modules

Compulsory modules
All the modules in the following list need to be taken as part of this course.

Foundations of Cyber

    • To evaluate the context of the course and the wider programme of study,
    • To review and update core vocabulary and concepts required as a foundation for other elements of the course,
    • To develop academic skills,
    • To examine the operational aspects of cyber, information assurance and security.
    • Course structure and the cyber professional,
    • Cyber overview,
    • Enabling technologies and core terminology overview,
    • Cyber strategy overview,
    • Research methods, learning and study skills.
Intended learning outcomes

On successful completion of this module you will be able to:

  • Appraise key concepts and language of Cyber foundation knowledge, research and practice,
  • Critically evaluate published research,
  • Conduct independent research,
  • Write academically credible and professional documents.

Cyberwarfare in Intelligence and Military Operations

    This module equips you with a critical understanding of the opportunities and vulnerabilities faced when planning to deploy cyber capabilities as part of an integrated operation to enhance the overall impact achieved through military action or in planning a full spectrum response against a deliberate cyber intrusion which was intended to cause damage, disruption or destruction against our systems.
    • Current doctrine, policy and strategies - assessment

    Doctrine to be considered could include that of the UK and her allies, along with National cyber security strategies and other national concepts of operation for Cyber and the associated organisation of Cyber capabilities.

    • Constructs, concepts, cases of – critical review

    Concepts to be considered could include: Cyber domain and the Information Environment, Cyber power, Cyberwar, Computer Network Operations (CNO), Electronic warfare, Cyber Electromagnetic Activities (CEMA) Information warfare and operations, Cyber Influence, Command and control warfare, Media operations and public affairs, Cyber intelligence, Integrated planning, Defence in depth, Commander’s responsibilities

    • Existing Academic Theories and their applicability In Cyberspace – assessment

    Example theories could include: Asymmetric and Contested Warfare & threat actor motivations, Attribution, Collective Security, Defence, Deterrence, Deception (Military deception, cyber deception, camouflage, concealment & denial), Espionage, Sabotage and Subversion, Intelligence and Information Requirements, the Security Dilemma, Sense-making and decision-making, and Sovereignty.

    • Military Planning Considerations and their applicability in Cyberspace – assessment

    This could cover topics such as: Full Spectrum Operations, Hybrid Warfare, Fusion Warfare, Effects (for example: Cognitive effects and behaviour change, Deny, degrade, disrupt, destroy, deter, etc). The applicability of concepts in cyberspace such as Attack, Defend and Exploit, Manoeuvre & Lethality, Legality, Ethics, proportionality & collateral damage, Target Systems Analysis, Target Audience Analysis, Targeting and Intelligence.

    • Evolving Technologies & Cyberspace Landscape

    Covering topics such as Autonomy and Artificial Intelligence, Active Defence, Offensive Cyber, SCADA and communications systems, Anonymity, Ubiquity, Scale and Reach.

Intended learning outcomes

On successful completion of this module you will be able to:

  • Assess the main elements and key management issues in the planning and conduct of Cyberspace Operations as part of a Full Spectrum Approach,
  • Assess the implications of the changing operational environment for those conducting Full Spectrum Operations in the Information Age,
  • Assess the applicability of existing academic theories, national strategies, policy doctrine and planning considerations for cyber operations,
  • Assess how existing military and intelligence planning considerations apply in cyberspace,
  • Evaluate and recommend appropriate courses of action to a primary stakeholder for cyberspace operations.

Cyber Law


    To equip you with the awareness and ability to critique different legal and ethical frameworks and factors that need to be considered when designing and delivering cyber operations against a range of adversarial actors or deploying cyber capabilities as part of a Full Spectrum Operation.


    This module will consider the range of different legal regimes that need to be considered when planning or conducting offensive cyber operations. The module will look at the applicable legal framework for intelligence operations, military operations, information operations and propaganda. It will consider the obligations provided through customary international law, international humanitarian law and domestic legislation that need addressing when considering a cyber operation. The module will look at the implication of conducting cyber operations in a range of different contexts, considering cyber as part of a military campaign, prior to the declaration of war and against non-state actors. The applicability of the Laws of Armed Conflict will be explored when considering cyber operations. The applicable legal frameworks and issues will be considered from a range of different perspectives of those actors involved in dealing with cyber operations (both private and public sector). You will be introduced to a range of different concepts that could be considered when developing appropriate courses of action for cyber operations. The concepts include but are not limited to: sovereignty, right to self-defence, espionage, sabotage, subversion, intelligence, ius ad bellum, ius in bello, armed attack, threat or use of force, necessity, proportionality, distinction, targeting, perfidy, ruse and state responsibility. Finally, this module will allow you the opportunity to look at the various proposed legal frameworks for cyber operations and assess their suitability to support operational planners.

Intended learning outcomes

On successful completion of this module you will be able to:

  • Describe the range of legal and ethical issues to be considered when conducting an offensive cyber operation,
  • Summarise the legal frameworks to be considered when considering a cyber operation for intelligence, for military effect against a state adversary or against a non-state actor,
  • Appraise the legal and ethical considerations when conducting a cyber operation, whether as part of a military campaign or not,
  • Evaluate the longer-term consequences of adopting a particular course of action that causes tension against an existing domestic or international legal framework.

Cyber Deception


    To equip you with the awareness and ability to employ cyber deception in both active network defence and computer network exploitation.

    This module will address this important emerging discipline by moving beyond established practices of passive network defence such as firewalls and anti-virus patching. Consideration will be given to both the psychological and the technical aspects of exploiting deceptive assets on a network within a wider cyber deception campaign that leverages them. This module equips you with a critical understanding of the opportunities and vulnerabilities faced when considering the issues of managing deceptive activities to create active and proactive network defence capabilities. The module will emphasise the need for a systematic, human factors based approach to both technical and enterprise risk management in this area.
Intended learning outcomes

On successful completion of this module you will be able to:

  • Distinguish the technical structures of information systems that facilitate successful cyber deception,
  • Determine the human factors associated with attacking and defending computer systems exploiting principles of cyber deception,
  • Formulate the technical basis for a successful cyber deception,
  • Evaluate the threats and opportunities necessary to conduct a risk assessment for the use of cyber deception,
  • Critically appraise the use of cyber deception in relation to concepts of Effects Based Operations and deterrence.

Elective modules
One of the modules from the following list needs to be taken as part of this course

Understanding Risk


    The module develops an understanding of the importance of taking a risk-based approach to Cyber Security and Information Assurance.


    Mapping the Landscape

    • Definitions and terminology,
    • History of hacking,
    • Threat landscape.

    Cyber Security Risk Management in Practice

    • Basic principles,
    • Legislation and standards,
    • Risk management approaches,
    • Strategies for managing risk.


    • Quantifying risk in a complex environment,
    • Risk economics,
    • Social dimension of risk,
    • Risk communication.
Intended learning outcomes

On successful completion of this module you will be able to:

  • Critically appraise a range of approaches for assessing risk in the complex cyber environment,
  • Evaluate the factors that influence effective risk management in organisations,
  • Critically assess the level of risk faced by an organisation.

Cyber Attack - Threats and Opportunities


    To develop a broad understanding of the security technologies available to support Information Assurance and security requirements and vulnerabilities corresponding to attack vectors.

    • Cyber activity
      • Different types of malware, how they are used and combined within a malicious event,
      • Approaches for modelling the attacker TTPs,
      • Lifecycles for infrastructure supporting cyber attacks,
      • Complexities of attribution,
      • The Insider threat.
    • Attacks and vulnerabilities
      • The common approaches to reconnaissance prior to hostile cyber activity,
      • An exploration of the nascent vulnerabilities in network infrastructure, web applications and native code,
      • The attacks and exploits that target these vulnerabilities,
      • The approaches to understanding the business and mission effects from malicious activity.
    • Defensive TTPs
      • Common tools, techniques and procedures that can be used to improve an organisations defensive posture,
      • Approaches to cyber threat hunting.
Intended learning outcomes

On successful completion of this module you will be able to:

  • Assess cyber operations from a variety of threat actors,
  • Evaluate the different cyber vulnerabilities and how they might impact an organisation,
  • Appraise the strengths and weaknesses of various security technologies and their suitability for protecting an organisation,
  • Develop a security strategy using appropriate technologies and techniques,
  • Prioritise cyber threats and vulnerabilities based on their potential business impact.

Social Technologies


    To develop an understanding of the impact of social media, from the perspective of security, intelligence and cyber influence.



    • What are social technologies and media,
    • Development and horizon scanning,
    • Social interaction, E-inclusion and the citizenship agenda & other uses of social media – education, scenario planning, simulation and design social technologies and security,
    • Impact on productivity and working practices & understanding generational differences.

    Social technologies and OSINT

    • Security awareness and policies,
    • Social networks and information exploitation,
    • Personas, identity, privacy and anonymity,
    • Information leakage,
    • Social technologies and intelligence,
    • Open source exploitation,
    • Challenges for situational awareness,
    • Operational security (OPSEC).

    Social technologies and influence

    • Social marketing,
    • Mobility and pervasiveness,
    • Persuasive technologies,
    • Terrorism and social media,
    • Social mobilisation,
    • Two-way communication and dialogue,
    • Second life and alternative worlds,
    • Data analytics & big data driving behavioural profiling,
    • Automated tools and techniques,
    • Influence and Information Operations.
Intended learning outcomes

On successful completion of this module you will be able to:

  • Assess the societal impact of social media,
  • Appraise the security requirements concerning risk and social media,
  • Evaluate the threats and opportunities provided by social media in relation to state activities and military operations, business practice, influence, intelligence and information assurance.

Data-led Decision Support

    The aim of this module is to provide an understanding of the processes by which organisations and individuals can gain insight and actionable intelligence from data.
    • Machine Learning and Artificial Intelligence,
    • Data mining pipeline,
    • Big Data models for exploring data,
    • Data Science.
Intended learning outcomes

On successful completion of this module you will be able to:

  • Assess and explain value of Artificial Intelligence solutions to an organisation,
  • Appraise current practices for decision support in organisations,
  • Contrast methods of analysing data to enable business intelligence,
  • Assess the appropriateness of big data for organisational decision-making.

Emerging Technology Monitoring

Module Leader
  • Ian Owens

    To enable you to identify and assess new and emerging technology to provide an on-going assessment of their relevance and potential to defence and security.

    • Generic methods and tools:
      • Horizon scanning,
      • Predictive methods,
      • Strategic assessment of new technologies,
      • Evaluation,
      • Maintaining personal awareness.
    • Emerging technologies: a selection of currently relevant technologies will be studied.
Intended learning outcomes

On successful completion of this module you will be able to:

  • Appraise emerging technologies,
  • Evaluate emerging technology that are likely to impact on national security and defence in the next five years,
  • Contrast the methods available for identifying and managing the risks and benefits of the use of emerging technology,
  • Exploit emerging technologies in relevant working practices,
  • Compare and contrast emerging technologies appropriate to a particular scenario in order to assess potential business benefit.

Incident Management


    This module will enable you to gain an understanding of threat detection and management at the macro and micro levels. The module will develop both the knowledge of strategic Business Continuity Management and introduce practical approaches to identifying, triaging and responding to threats and attacks.


    Incident Identification

    • The role of the Security Operations Centre,
    • Intrusion detection methods and tools.

    Incident Containment

    • Intrusion management,
    • Intrusion analysis, monitoring and logging,
    • Evidence preservation.

    Incident Management

    • Backup management,
    • Disaster recovery techniques,
    • Business continuity management,
    • Stakeholder management.
Intended learning outcomes

On successful completion of this module you will be able to:

  • Understand the construction of evidence preservation procedures,
  • Analyse, select and justify appropriate responses to detected intrusions,
  • Formulate the assumptions and requirements for developing a business continuity strategy,
  • Critically analyse, design and select appropriate technical solutions and processes for the identification, triage and response to cyber attacks and threats.

The Human Dimension

Module Leader
  • Antoinette Caird-Daley

    To understand the importance and contribution of human dimension when designing and implementing Cyber Defence and Information Assurance (CDIA) measures.


    Individual level

    • Human performance and error

    Organisational/stems level

    • Socio-technical context of use,
    • System weaknesses and latent errors,
    • Circumventing security.


    • Behaviour change,
    • Awareness and training for cyber security,
    • Designing security measures for and with the end user.
Intended learning outcomes

On successful completion of this module you will be able to:

  • Apply appropriate theory to the identification, description and analysis of human performance and error in any given CDIA context,
  • Identify and examine, from the perspective of the human dimension, socio-technical system weaknesses and their likely impact on system security in any given CDIA context,
  • Critically evaluate, from the perspective of the human dimension, security policies and mechanisms such that they fit the task demands, needs and capabilities of the end user, and the organisation’s requirement for secure end-user behaviour, in any given CDIA context,
  • Compare and contrast different approaches to behaviour change and their likely outcomes in CDIA contexts,
  • Identify, select, and apply tools for engaging with stakeholders when designing security measures in any given CDIA context.

Critical Networks and Process Control

    This module will examine the management and technical considerations relating to critical networks and control systems focusing on interdependence and resilience.

    Critical national infrastructure

    • Definitions and approaches to classifying national infrastructure and critical national infrastructure,
    • The global, national and organisational view of national infrastructure,
    • Frameworks for identifying and managing cyber risk in critical national infrastructure.

    Cyber Physical Systems

    • Characteristics of cyber-physical systems and the inherent security and privacy concerns.

    SCADA and OT

    • The differences between OT and IT,
    • The technical and socio-technical elements to managing the cyber risk of SCADA systems.

    IoT and smart technologies

    • IoT devices and wider supporting ecosystems,
    • Frameworks to support the identification and management of cyber risk associated with the Internet of Things deployed in smart homes, smart cities and smart grids.

    Strategic effects

    • How critical networks are targeted to deliver strategic outcomes by malicious actors.
Intended learning outcomes

On successful completion of this module you will be able to:

  • Critically evaluate theories of criticality and interdependence in the context of security planning,
  • Appraise the current state of best practice in network and security operations management in the security context,
  • Assess the factors that facilitate or prevent effective risk management of interdependent systems in the context of critical national,
  • Summarise the cyber risks associated with IoT devices and wider IoT ecosystems,
  • Using appropriate frameworks evaluate the extent to which cyber risks of essential functions are managed effectively within the context of national infrastructure.

Systems Thinking for Organisational Viability

    To provide the necessary skills and knowledge that enable professionals working in implementing information systems or critical cyber contexts to consider the wider context and adapt to continual change. It focuses on investigative methods, systems thinking and anticipating futures with a view to problem solving in a real-world context.
    • Adapting to change in complex environments,
    • Representing and navigating complexity,
    • Systems methods including Soft Systems Methodology, the Viable Systems Model and Critical Systems Heuristics,
    • Organisational dynamics and change,
    • Monitoring and adapting,
    • Anticipating future requirements,
    • Dealing with disruptive and novel technologies, events and emergent changes.
Intended learning outcomes

On successful completion of this module you will be able to:

  • Critically evaluate a range of approaches to understanding complex information system and cyber environments,
  • Critically assess approaches to innovation in contested and competitive problem spaces,
  • Appraise the techniques that can be used to design investigation, problem formulation and structuring, and interpretation of data,
  • Design and apply methods to investigate problems in organisational contexts leading to their review and resolution,
  • Analyse and scope a complex problem-space with a view to action and improvement.

Teaching team

You will be taught by Cranfield's leading experts with many years' defence and industry experience as well as external speakers from those same sectors. The Course Director is Darren Lawrence. The teaching team includes:

Your career

This qualification will take you on to become one of the next generation of operators who can support manoeuvres in cyberspace, in contested operations and as part of integrated planning. Additionally, it provides you with both the theoretical and practical understanding of cyberspace within an organisation, thereby enabling you to become one of the next generation of military leaders.

Cranfield Careers and Employability Service

Cranfield’s Career Service is dedicated to helping you meet your career aspirations. You will have access to career coaching and advice, CV development, interview practice, access to hundreds of available jobs via our Symplicity platform and opportunities to meet recruiting employers at our careers fairs. Our strong reputation and links with potential employers provide you with outstanding opportunities to secure interesting jobs and develop successful careers. Support continues after graduation and as a Cranfield alumnus, you have free life-long access to a range of career resources to help you continue your education and enhance your career.

How to apply

See our Application guide for information on our application process and entry requirements.

Part-time applications

Click on the ‘Apply Now’ button to start your online application.

Full-time applications (MOD only)

Please contact Admissions at cdsadmissionsoffice@cranfield.ac.uk for further information.