bachelor thesis it security

Master of Science in Information Security (Face-to-face Program)

At-a-glance.

Less than 6% of the world’s schools offering business degrees have met the rigorous standards for educational quality

Build your future with a Master of Science degree in information security from Cal Poly Pomona!

Face-to-face msis program overview, program overview.

• AACSB accredited  and  STEM designated
• Class mode : hybrid (i.e., mix of face-to-face and online). Most classes are offered on Saturdays.
• Completion Time : 22 months (5 semesters including a summer semester)
• Number of courses (total units) : 10 courses and one comprehensive exam (31 units)
• Scholarships available

Requirements

The admission to this program is based on a holistic view of the following criteria: a) Resume b) Personal Statement c) Minimum GPA at 2.5 if prior degree in Information Systems or a related field; otherwise, minimum GPA at 3.0. 4-year Bachelor's Degree d) Prerequisites

Basic knowledge in the areas of Networking , Programming , and Database is essential to study the MSIS program. If you didn’t take classes in those areas, you should complete the following online courses (or similar ones) and provide proofs as supplemental documents when applying for the MSIS program.

e) English Proficiency Test (only for Applicants with prior degrees conducted not in English)

• TOEFL (if required) 213 Computer Based, 550 Paper Based, 80 Internet Based, or
• IELTS 6.5, or
• Duolingo Score: 105, or
• CPELI level 6

f) For a complete list, visit our Admission Requirements page .

Scholarships

• Criteria: academic performance, relevant major and experience.
• We'll review your application to the program, no separate application needed.
• Our curriculum also prepares students for valuable industry certification exams. Awards available for those who pass any certification exam for CompTIA Security+, CISA (Certified Information Systems Auditor), or CISSP (Certified Information Systems Security Professional).

Student Clubs

• SWIFT : focuses on cybersecurity, networking, and system administration.
• FAST : focuses on digital forensics, cyber crime, and cybersecurity.
• MISSA : focuses on information auditing and data analytics.

Career Opportunities

• Security Analyst
• Security Specialist
• Network Administrator
• Forensics Specialist

Application Deadline

• Domestic Students – July 1st
• International Students – May 1st

Attend an Info Session

Meet the faculty, tuition & fees, request information, forms & documents.

For general questions, please contact a graduate advisor at [email protected] .

For questions about the MSIS program, such as curriculum, prerequisites, course substitutions, or unit transfer, contact the program director, Dr. Zhongming Ma, at [email protected] .

• Bibliography
• More Referencing guides Blog Automated transliteration Relevant bibliographies by topics
• Automated transliteration
• Relevant bibliographies by topics
• Referencing guides

Google Custom Search

Wir verwenden Google für unsere Suche. Mit Klick auf „Suche aktivieren“ aktivieren Sie das Suchfeld und akzeptieren die Nutzungsbedingungen.

Hinweise zum Einsatz der Google Suche

• Professorship of Cyber Trust
• TUM School of Computation, Information and Technology
• Technical University of Munich

Teaching at the Professorship of Cyber Trust

Theses and student projects.

We offer motivated students interested in our research projects the opportunity to write their Thesis (Bachelor or Master) or to conduct Guided Research Projects.

Application

Please send your application to one of our chair members via email, including your motivation (i.e. why you are interested in our research), a short CV and your current Examination Report (TUMonline → Studies → Transcripts → Print Examination Report). Please do not hesitate to contact us for further information.

Open Student Projects

This list is not comprehensive. Please browse through our researchers' websites if you are looking for different topics you may be interested to work on.

Assigned Student Projects

Completed Student Projects

• {{ child.heading }}

Quick access

{{child.heading}}

CAC - Chair of Applied Cryptography

Theses (Bachelor/Master)

We offer thesis topics related to cryptography, IT security and Blockchain technologies. Our major areas of research are:

• Hardware cryptography: for example, designing new cryptographic primitives that are provably secure against side-channel attacks, analyzing existing countermeasures and benchmarking their efficiency.
• Scalability of blockchains: for example, investigating how to improve the efficiency and transaction throughput of blockchain technology.
• Security of blockchain: for example, attacking the privacy or robustness of existing cryptocurrencies.
• Cryptographic protocols: for example, designing cryptographic protocols that guarantee fairness by using smart contracts, or preserve privacy by using zero-knowledge proof systems.

We offer both more theoretical and applied thesis topics. A theoretical thesis may include a literature survey, security models and a formal security analysis of a security/cryptographic/blockchain protocols. In a more applied thesis you will implement new primitives and protocols and benchmark their performance (according to various measures). Alternatively, you may also try to attack existing cryptographic/security/blockchain systems.

If you are interested please do not hesitate to contact us via [email protected].

Supervised Master and Diploma Theses

Some example proposals are listed below. However, these are just samples. If you are interested in doing a thesis with us, we advise to check out our research web-pages and contact us for further topics.

Access restricted section: Log in to see this section .

General Information

Requirements.

We expect that undergraduate students preparing a Bachelor thesis show a strong interest in topics related to our lectures. Bachelor theses may be written in German or English. Please choose German if you have difficulties drafting a flawless document in English.

A Master thesis should have substantial knowledge in at least one sub-field of security or cryptography, and they should have prior experience with the research methodology they plan to use. The default language for Master theses is English.

We only supervise student from TU Darmstadt. In exceptional cases we supervise Master students at a company. In this case you need to write a proposal (ca. 2 pages) highlighting why your topic is important for our research.

Recommendation

Candidates are expected to be familiar with the general instructions for writing a thesis at the Department of Computer Science.

Please consider the following options to find a topic of the thesis:

• Consult our web-pages on research and our projects.
• If you have an idea for an interesting topic that matches the research area of one of our team members, you may also contact him/her and propose your own topic. The decision to supervise will be made by the potential supervisor.

Chair of Applied Cryptography

office@cac.tu-...

work +49 6151 16-25716

Work S2|20 307 Pankratiusstraße 2 64289 Darmstadt

We would like to customise the information and usability of this website to your preferences and needs. To this end, we use so-called cookies. Please choose which cookies you would like to enable when visiting our webpages. Some of these cookies are required to load and correctly display this website on your device. These are strictly necessary or essential cookies and cannot be deselected. The preferences cookie saves your language setting, while the statistics cookie regulates how the open-source statistical software “Matomo” analyses your visits to and activities on our website. For more information about cookies we use, please refer to our privacy policy .

Security and Privacy Lab

Topics for theses.

We are always looking for highly motivated students who want to write Bachelor's and Master's theses with us. If you are interested, please contact the supervisors of the available topics. It is good practice to get in touch well in advance of your planned starting date.

Requirements

We expect that undergraduate students preparing a Bachelor's thesis show a strong interest in topics related to our lectures. Bachelor's theses should be written in German.

Graduate students preparing a Master's thesis should have substantial knowledge in at least one sub-field of security or privacy and they should have prior experience with the research methodology they plan to use. The default language for Master's theses is English.

Doctoral dissertations (Ph.D. theses) are typically prepared while working for one of our research projects. As our research group maintains strong ties to the relevant international scientific communities, we encourage our Ph.D. candidates to make use of the possibility to conduct part of their research at renowned universities abroad.

Typical effort

Although counting pages is generally a bad metric, take the following specifications as rules of thumb:

Bachelor's and Master's Theses

Candidates are expected to be familiar with the general instructions for writing a Bachelor's or Master's thesis at the Department of Computer Science.

• Consult the list of available topics.
• If you have an idea for an interesting topic that matches the research area of one of our team members, you may also contact him/her and propose your own topic. The decision to supervise will be made by the potential supervisor.

Writing an exposé

• your interpretation of the topic
• the status quo with references to academic literature
• the research question(s), your planned approach and method
• a discussion of risks, if necessary
• a rough timeline with 2-3 non-trivial milestones
• the 3-5 most relevant references.

Keep in mind that drafting the exposé is an iterative process involving your supervisor. It may require some time. Your supervisor must accept your final exposé before we schedule an initial presentation in the Seminar mit Bachelorarbeit . This presentation is the formal start of the Bachelor's thesis process. For Master's theses, the completion of the exposé means that the candidate formally passes the preparation.

Writing a Bachelor's thesis

The Bachelor's thesis should demonstrate that the candidate can solve problems independently and document own results according to scientific standards. If you need feedback or assistance, you must take initiative and contact your supervisor. Before every meeting with your supervisor, please send to him/her a rough agenda and supporting materials. This helps the supervisor to prepare and improves the efficiency of the meeting.

We offer each student the opportunity to hand in up to five pages of the thesis draft. The supervisor will correct it with the same standard as for the final thesis. We expect the student to extrapolate corrections to the rest of the thesis.

In addition to an electronic copy in PDF format, students must submit a signed declaration of independent work .

Writing a Master's thesis

Writing a Master's thesis is usually a very interactive process involving the supervisor and other members of the research group. Candidates often spend part of the time at a desk in our lab. Some candidates contribute to research project or publish research results related to the thesis project in scientific workshops or conferences.

In addition to an electronic copy in PDF format, students must submit one bound hard copy of the Master's thesis including a signed declaration of independent work in the preface.

105 Latest Cyber Security Research Topics in 2024

Home Blog Security 105 Latest Cyber Security Research Topics in 2024

The concept of cybersecurity refers to cracking the security mechanisms that break in dynamic environments. Implementing Cyber Security Project topics and cybersecurity thesis topics helps overcome attacks and take mitigation approaches to security risks and threats in real-time. Undoubtedly, it focuses on events injected into the system, data, and the whole network to attack/disturb it.

The network can be attacked in various ways, including Distributed DoS, Knowledge Disruptions, Computer Viruses / Worms, and many more. Cyber-attacks are still rising, and more are waiting to harm their targeted systems and networks. Detecting Intrusions in cybersecurity has become challenging due to their Intelligence Performance. Therefore, it may negatively affect data integrity, privacy, availability, and security. 

This article aims to demonstrate the most current Cyber Security Research Topics for Projects and areas of research currently lacking. We will talk about cyber security research questions, cyber security topics for the project, latest research titles about cyber security.

List of Trending Cyber Security Research Topics in 2024

Digital technology has revolutionized how all businesses, large or small, work, and even governments manage their day-to-day activities, requiring organizations, corporations, and government agencies to utilize computerized systems. To protect data against online attacks or unauthorized access, cybersecurity is a priority. There are many Cyber Security Courses online where you can learn about these topics. With the rapid development of technology comes an equally rapid shift in Cyber Security Research Topics and cybersecurity trends, as data breaches, ransomware, and hacks become almost routine news items. In 2024, these will be the top cybersecurity trends .

A. Exciting Mobile Cyber Security Research Paper Topics

• The significance of continuous user authentication on mobile gadgets. 
• The efficacy of different mobile security approaches. 
• Detecting mobile phone hacking. 
• Assessing the threat of using portable devices to access banking services. 
• Cybersecurity and mobile applications. 
• The vulnerabilities in wireless mobile data exchange. 
• The rise of mobile malware. 
• The evolution of Android malware.
• How to know you’ve been hacked on mobile. 
• The impact of mobile gadgets on cybersecurity. 

B. Top Computer and Software Security Topics to Research

• Learn algorithms for data encryption 
• Concept of risk management security 
• How to develop the best Internet security software 
• What are Encrypting Viruses- How does it work? 
• How does a Ransomware attack work? 
• Scanning of malware on your PC 
• Infiltrating a Mac OS X operating system 
• What are the effects of RSA on network security ? 
• How do encrypting viruses work?
• DDoS attacks on IoT devices

C. Trending Information Security Research Topics

• Why should people avoid sharing their details on Facebook? 
• What is the importance of unified user profiles? 
• Discuss Cookies and Privacy  
• White hat and black hat hackers 
• What are the most secure methods for ensuring data integrity? 
• Talk about the implications of Wi-Fi hacking apps on mobile phones 
• Analyze the data breaches in 2024
• Discuss digital piracy in 2024
• critical cyber-attack concepts 
• Social engineering and its importance 

D. Current Network Security Research Topics

• Data storage centralization
• Identify Malicious activity on a computer system. 
• Firewall 
• Importance of keeping updated Software  
• wireless sensor network 
• What are the effects of ad-hoc networks
• How can a company network be safe? 
• What are Network segmentation and its applications? 
• Discuss Data Loss Prevention systems  
• Discuss various methods for establishing secure algorithms in a network. 
• Talk about two-factor authentication

E. Best Data Security Research Topics

• Importance of backup and recovery 
• Benefits of logging for applications 
• Understand physical data security 
• Importance of Cloud Security 
• In computing, the relationship between privacy and data security 
• Talk about data leaks in mobile apps 
• Discuss the effects of a black hole on a network system. 

F. Important Application Security Research Topics

• Detect Malicious Activity on Google Play Apps 
• Dangers of XSS attacks on apps 
• Discuss SQL injection attacks. 
• Insecure Deserialization Effect 
• Check Security protocols 

G. Cybersecurity Law & Ethics Research Topics

• Strict cybersecurity laws in China 
• Importance of the Cybersecurity Information Sharing Act. 
• USA, UK, and other countries' cybersecurity laws  
• Discuss The Pipeline Security Act in the United States 

H. Recent Cyberbullying Topics

• Protecting your Online Identity and Reputation 
• Online Safety 
• Sexual Harassment and Sexual Bullying 
• Dealing with Bullying 
• Stress Center for Teens 

I. Operational Security Topics

• Identify sensitive data 
• Identify possible threats 
• Analyze security threats and vulnerabilities 
• Appraise the threat level and vulnerability risk 
• Devise a plan to mitigate the threats 

J. Cybercrime Topics for a Research Paper

• Crime Prevention. 
• Criminal Specialization. 
• Drug Courts. 
• Criminal Courts. 
• Criminal Justice Ethics. 
• Capital Punishment.
• Community Corrections. 
• Criminal Law.

Cyber Security Future Research Topics

• Developing more effective methods for detecting and responding to cyber attacks
• Investigating the role of social media in cyber security
• Examining the impact of cloud computing on cyber security
• Investigating the security implications of the Internet of Things
• Studying the effectiveness of current cyber security measures
• Identifying new cyber security threats and vulnerabilities
• Developing more effective cyber security policies
• Examining the ethical implications of cyber security

Cyber Security Topics For Research Paper

• Cyber security threats and vulnerabilities
• Cyber security incident response and management
• Cyber security risk management
• Cyber security awareness and training
• Cyber security controls and countermeasures
• Cyber security governance
• Cyber security standards
• Cyber security insurance

Top 5 Current Research Topics in Cybersecurity

Below are the latest 5 cybersecurity research topics. They are:

• Artificial Intelligence
• Digital Supply Chains
• Internet of Things
• State-Sponsored Attacks
• Working From Home

Research Area in Cyber Security

The field of cyber security is extensive and constantly evolving. Its research covers a wide range of subjects, including: 

• Quantum & Space  
• Data Privacy  
• Criminology & Law 
• AI & IoT Security
• RFID Security
• Authorization Infrastructure
• Digital Forensics
• Autonomous Security
• Social Influence on Social Networks

How to Choose the Best Research Topics in Cyber Security?

A good cybersecurity assignment heading is a skill that not everyone has, and unfortunately, not everyone has one. You might have your teacher provide you with the topics, or you might be asked to come up with your own. If you want more cyber security research topics, you can take references from Certified Ethical Hacker Certification, where you will get more hints on new topics. If you don't know where to start, here are some tips. Follow them to create compelling cybersecurity assignment topics. 

1. Brainstorm

In order to select the most appropriate heading for your cybersecurity assignment, you first need to brainstorm ideas. What specific matter do you wish to explore? In this case, come up with relevant topics about the subject and select those relevant to your issue when you use our list of topics. You can also go to cyber security-oriented websites to get some ideas. Using any blog post on the internet can prove helpful if you intend to write a research paper on security threats in 2024. Creating a brainstorming list with all the keywords and cybersecurity concepts you wish to discuss is another great way to start. Once that's done, pick the topics you feel most comfortable handling. Keep in mind to stay away from common topics as much as possible. 

2. Understanding the Background

In order to write a cybersecurity assignment, you need to identify two or three research paper topics. Obtain the necessary resources and review them to gain background information on your heading. This will also allow you to learn new terminologies that can be used in your title to enhance it. 

3. Write a Single Topic

Make sure the subject of your cybersecurity research paper doesn't fall into either extreme. Make sure the title is neither too narrow nor too broad. Topics on either extreme will be challenging to research and write about. 

4. Be Flexible

There is no rule to say that the title you choose is permanent. It is perfectly okay to change your research paper topic along the way. For example, if you find another topic on this list to better suit your research paper, consider swapping it out. 

The Layout of Cybersecurity Research Guidance

It is undeniable that usability is one of cybersecurity's most important social issues today. Increasingly, security features have become standard components of our digital environment, which pervade our lives and require both novices and experts to use them. Supported by confidentiality, integrity, and availability concerns, security features have become essential components of our digital environment.  

In order to make security features easily accessible to a wider population, these functions need to be highly usable. This is especially true in this context because poor usability typically translates into the inadequate application of cybersecurity tools and functionality, resulting in their limited effectiveness. 

Cyber Security Research Topic Writing Tips from Expert

Additionally, a well-planned action plan and a set of useful tools are essential for delving into Cyber Security research topics. Not only do these topics present a vast realm of knowledge and potential innovation, but they also have paramount importance in today's digital age. Addressing the challenges and nuances of these research areas will contribute significantly to the global cybersecurity landscape, ensuring safer digital environments for all. It's crucial to approach these topics with diligence and an open mind to uncover groundbreaking insights.

• Before you begin writing your research paper, make sure you understand the assignment. 
• Your Research Paper Should Have an Engaging Topic 
• Find reputable sources by doing a little research 
• Precisely state your thesis on cybersecurity 
• A rough outline should be developed 
• Finish your paper by writing a draft 
• Make sure that your bibliography is formatted correctly and cites your sources. 

Discover the Power of ITIL 4 Foundation - Unleash the Potential of Your Business with this Cost-Effective Solution. Boost Efficiency, Streamline Processes, and Stay Ahead of the Competition. Learn More!

Studies in the literature have identified and recommended guidelines and recommendations for addressing security usability problems to provide highly usable security. The purpose of such papers is to consolidate existing design guidelines and define an initial core list that can be used for future reference in the field of Cyber Security Research Topics.

The researcher takes advantage of the opportunity to provide an up-to-date analysis of cybersecurity usability issues and evaluation techniques applied so far. As a result of this research paper, researchers and practitioners interested in cybersecurity systems who value human and social design elements are likely to find it useful. You can find KnowledgeHut’s Cyber Security courses online and take maximum advantage of them.

Frequently Asked Questions (FAQs)

Businesses and individuals are changing how they handle cybersecurity as technology changes rapidly - from cloud-based services to new IoT devices. 

Ideally, you should have read many papers and know their structure, what information they contain, and so on if you want to write something of interest to others. 

Inmates having the right to work, transportation of concealed weapons, rape and violence in prison, verdicts on plea agreements, rehab versus reform, and how reliable are eyewitnesses? 

The field of cyber security is extensive and constantly evolving. Its research covers various subjects, including Quantum & Space, Data Privacy, Criminology & Law, and AI & IoT Security. 

Mrinal Prakash

I am a B.Tech Student who blogs about various topics on cyber security and is specialized in web application security

Avail your free 1:1 mentorship session.

Something went wrong

Upcoming Cyber Security Batches & Dates

Bachelor theses in computer science

Here you find lists of bachelor theses in computer science, written at the department for IT by students on the bachelor programme (freemovers are not included). Other programmes: Master in computer science, older programme , Systems in technology and society , Msc in IT engineering , Master in computer science , Master in HCI , Master in computational science , Master in Embedded Systems and the complete list .

• Write my thesis
• Thesis writers
• Buy thesis papers
• Bachelor thesis
• Master's thesis
• Thesis editing services
• Thesis proofreading services
• Buy a thesis online
• Write my dissertation
• Dissertation proposal help
• Pay for dissertation
• Custom dissertation
• Dissertation help online
• Buy dissertation online
• Cheap dissertation
• Dissertation editing services
• Write my research paper
• Buy research paper online
• Pay for research paper
• Research paper help
• Order research paper
• Custom research paper
• Cheap research paper
• Research papers for sale
• Thesis subjects
• How It Works

221 Interesting Thesis Topics for IT Students

Did you know that one of the most important parts of writing your dissertation is finding the best topic possible? You are probably having serious problems finding a topic for your thesis. After all, the thesis topics IT students are looking for are pretty rare. The reality is that in the IT field, most topics have already been written about. There are few things left to write it seems. Well, things are a bit different. We are here to assure you that you can find thesis topics for IT students. Also, we want to assure you that it is not at all difficult to find an interesting topic that you can write an engaging paper about. We will provide you with 21 such topics shortly. College students can use our topics for free; we are very happy to help!

Writing Your Thesis and Looking for Dissertation Topics?

• Why Thesis Topics for IT Students Are Important?
• Fresh Dissertation Topics for You

Best IT Thesis Topics in Artificial intelligence

Exceptional it thesis topics in computer science and engineering, refreshing it thesis topics in communication and media, top it thesis topics on food technology, thoughtful it thesis topics on technology and human identity, top it thesis topics on pharmaceutical technologies, it thesis topic ideas on energy power technologies, it thesis topics on medical devices and diagnostics, it thesis topics on biotechnology, more interesting it thesis topics for you, need more it dissertation topics.

As you are probably already aware, the IT field is advancing rapidly. Advancements are made almost daily in technology, including information technology. This is why so many students are looking for fresh 2022 dissertation topics. They want to write about the latest technologies and the latest gadgets. Of course, one can go online and find various 2022 thesis topics IT students would find impressive. You will probably find some that are relatively decent. But be aware that the evaluation committee will most certainly not be impressed by decent topics. They want something new. They want something that can pique their interest. They want to LEARN something from you. And they want to award you with some bonus points. Why not take them?

Why Thesis Topics for IT Students Are Important

Did you ever wonder why so many people dedicate so much time to finding a great topic? Probably not. Let’s shed some light on this. College students are looking for IT dissertation topics because they want bonus points. The topic is the first thing the evaluation committee sees. It is the most important part of your paper. As such, it must be interesting, engaging, and also helpful. It must show that you have put in the effort to write the dissertation. Awe the admission committee and you will surely get bonus points. Even if your dissertation is not the best, you will still get a good score if the topic you choose is exceptional. But engaging IT dissertation topics are difficult to come by. Most of your classmates have already picked the simple ones. But you are not like the rest of your class, are you? You want to be original and you want to make a lasting impression on the professors. This is why you need to take a look at our fresh dissertation topics.

21 Fresh Dissertation Topics for You (Absolutely Free)

Without further ado, here are the 21 thesis topics for IT students that we think are the most interesting and engaging:

• Conducting virtual business in the era of 3D Internet – the business of the future
• Analyzing e-tourism services in the UK: Factors that Influence Customer Satisfaction
• Mobile government applications and their benefits
• Producing believable emotions using AI systems for e-commerce
• The future of YouTube and multimedia distribution platforms
• Analyzing the impact of media technology on child development throughout the school
• Integrating an ERP system with a cloud service
• Developing a tool to analyze keystrokes and use the data for password security
• Analyzing critical vulnerabilities of the Android mobile operating system
• Analyzing the impact of e-publishing on libraries (one of the best thesis topics for IT students)
• In-depth analysis of the fault-recovery and redundancy in modern 4G mobile networks
• The impact of full-text databases on Google as a search engine
• Creating software capable of reading human emotions using a webcam
• How effective is face recognition as a security measure?
• Analyzing critical security vulnerabilities in IT systems used at the government level
• Does curbing software piracy in developing countries have any negative results?
• Using BitTorrent systems for faster multimedia delivery and playback
• How safe are whistleblowers operating on the Dark Web? (one of the thesis topics IT students are usually reluctant to write about)
• Building a Dark Web crawler that indexes onion sites based on specific criteria
• Creating a modern Tetris game in C# using OpenGL
• The advantages brought by mobile working to IBM and its employees

If you want to write a relevant research topic, consider writing about Artificial intelligence topics (AI). AI is a relevant phenomenon, and here is a look at some ideas of artificial intelligence that you should look into.

• Is deep learning an effective way of dealing with deep learning?
• How do artificial neural networks affect deep learning?
• Discuss the areas of life machine learning that are most influential.
• Ways to select the best algorithm for machine learning.
• How does NASA use robotics?
• Discuss the process of using natural languages to create a unique language.
• How does artificial intelligence affect computer vision?
• Compare and contrast the effects of supervised vs. unsupervised machine learning.
• The effects of reinforcement machine learning algorithms.
• Model-based vs. Model-free reinforcement learning algorithms.
• Deep learning as a subject of machine learning.
• Comparison between single vs. Multi-agent reinforcement learning.
• Ways that the social robots interact with the humans
• How do chatbots aid in the natural language processing system?
• Five ways of computer vision application.
• What is the recommended systems approach?
• What is the interconnection of the Internet of things and artificial intelligence?
• What amount of data is generated by the Internet of things devices?
• Compare and contrast content-based recommendation vs. collaborative filtering.
• What makes the collaborative filtering system stand out?

Computer science and engineering combine two different yet interconnected worlds of machines. The use of computer science uses the computer’s brain. It is, in most cases, used to include areas of studies like programming language and algorithms. Here is a list of research topics in computer science and engineering that you can use.

• In what ways is the virtual and human perception connected?
• What is the future of computer science-assisted education?
• What are computer science and high-dimensional data modeling?
• The imperative vs. declarative languages.
• Explain the use of blockchain and AI algorithmic regulations.
• How has blockchain technology impacted the banking industry?
• In what way does machine architecture use to affect the efficiency of code?
• What are the languages of parallel computing?
• Explain the way that mesh generation is used for computational domains.
• The cyber-physical optimization vs. the sensor networks.
• Explain the development of computer graphics in a photorealistic rendering case.
• What are game theory and network economics?
• What are the most effective cryptographic protocols?
• An overview of the software security types.
• It is possible to eliminate phishing.
• Floating point and programming language
• In what ways is the mesh generation used for computational domains?
• How to get the persistent data structure optimization
• In what ways does computer thinking affect science?

One of the first areas that technology affected was communication. With technology, media is used for social interactions, business development, and educational purposes. Here are exciting ideas to use when researching your IT thesis paper.

• What is the impact of ethics on communication?
• How the development of communication through the computer has evolved in the past decade.
• In what ways has social media impacted communication?
• What role do media play during a disaster? Does it increase panic or help in reducing it?
• Compare and construct the authority’s media presence in different countries.
• Will people start preferring newspapers to new media again?
• In what ways has the Internet changed media?
• Discuss communication networks.
• What impact do social media have on super bowl ads?
• What are the new content marketing ideas?
• What is the impact of media exposure on adolescents?
• In what ways do people use hype in the media?
• Discuss the media and freedom of speech.
• Is it possible for people to build trustful relationships in virtual communication?
• What measures can you put to maintain privacy on social media?
• In what ways have computers changed interpersonal communications?
• What is yellow journalism in new media?
• In what ways do enterprises use ICT to get a competitive advantage?
• Is it possible to live without mass media?
• What are the impacts of mass media and morality in the 21st century?

If you are searching for a qualitative research topic about technology in the food industry, here is a list of ideas you can use.

• What are the machines used in the food industry?
• In what ways do robots improve safety in butcheries?
• 3D printing and the food industry.
• Is 3D printing the best solution to offer people with swallowing disorders?
• About drones and precision agriculture.
• In what ways does robotics help in creating eco-friendly food packages?
• Is micro packaging the future?
• Research on the development of edible cling film.
• The solution that technology has to food waste.
• How do preservatives and additives impact the human gut microbiome?
• Physicochemical levels the effect of citric acid on orange juice.
• Compare and contrast vegetable oil in mass production.
• Time-temperature indicators and food industry.
• Farming: hydroponic vs. conventional farming.
• How is food safety a policy issue in agriculture today?
• Ways you can use to limit the detection of parasites in food.
• How is the baking industry evolving?
• How technology is used to eliminate byproducts in edible oils production
• About cold plasma and biofilm.
• Ways to extract good antioxidant peptides are extracted from plants.

The ethical issues surrounding the enhancement technology are intertwined with the questions of human identity and the proper trajectory of human life. Here is a list of thesis ideas you can use in your research.

• Does technology make human life worth living than animal life?
• The dignity of human life concerning technology explained?
• In what ways should humans be observed in informational technology?
• Should tech and scientific investigations on humans have a limit?
• What is the importance of DNA information in forming our identity?
• Is Ancestry DNA testing important?
• Explain multi-racial identification.
• Can scientific investigations tell us what self-care is?
• In what ways will virtual reality technology change us?
• Should there be a limit on the research in virtual reality? The possibility of virtual reality being the future.
• What are the benefits of using virtual reality technologies?
• What is the importance of finding alternative treatments for mental illness other than drugs?
• Has the increase in technology affected the rise of mental illness?
• Ways technology can be used to control addiction.
• Pros and cons of using technology to control brains.
• 7 social dangers of the brain controlling technology.
• Does science dictate who we are?
• What has led to the increase in mental illness among tech enthusiasts?
• Can tech-related mental illness be cured?
• What is the relationship between technology and drug addiction?

Companies are using technology to search for ways they can use it to reduce costs and boost effectiveness by doing pharmaceutical technology research. Impress your lecturer by choosing one of the research topics discussed below

• What is the effectiveness of medical therapy management?
• Explain how prior electronic authorization is a pharmacy technology trend.
• Explain the medical therapy management and the health information exchanges.
• How can electronic prescribing reduce the possibility of drug abuse issues?
• Ways that pharmacists help with meaningful tech use.
• Discuss various pharmaceutical technologies.
• Pharmaceutical technology research.
• What are specialty medications?
• Vaccines for AIDS: can it be developed?
• Ways that the prescription drug monitoring program works.
• How do specialty pharmacies use NCPDP?
• Why are patients interested in real-time pharmacy?
• Phenotypic screening research.
• Impact of ERP with pharmaceutical company’s analytics.
• Pharmaceutical technologies: data security.
• About DNA-encoded library technology.
• Pro and cons antibiotics vs. superbugs.
• How does the body-on-a-chip approach be used for personalized medicines?
• Modern cannabidiol medicine and pain management.
• What is the future of cannabidiol medicine?

It is not possible to have a technology process without energy. That is the reason that scientists are always looking for ways they can improve energy power technologies. So, if you are looking for thesis topics you can use to impress your lecturer, here is a list of power technology research you can use.

• Ways that fuel cells can be used for the generation of stationary power.
• Compare the energy density of lithium-ions and lithium-air batteries.
• Gasoline vs. Lithium-air batteries.
• The pros and cons of renewable energy use.
• How does the UAE use nuclear power?
• Research on India power installation.
• Increase in gas prices and alternative energy sources.
• How can hydrogen energy be used to transform the methods or energy?
• Is hydrogen energy the future?
• About the thermal storage and AC systems.
• In what ways can you use load balance using a smart grid?
• How can distributed energy generation optimize power waster?
• Is the smart energy network a solution to climate change?
• What is the future of tidal power?
• What is the possibility of 3D printing micro stirring engines?
• In what ways can robots be used to adjust the solar panel weather?
• Explain advanced biofuel and algae.
• In what ways can photovoltaic glass be fully transparent?
• Compare the different third-generation biofuels.
• Is space-based solar power a myth or the reality of the future?

The innovation of medicine and technology helps to improve life expectancy. If you feel that saving lives is your purpose, here are some thesis topics you can use in your research paper.

• The effects of robotic surgeries.
• Explain defibrillator & cardiac resynchronization therapy.
• How smart can inhalers be used as a new solution to asthma treatment?
• Genetic counseling: ways of preventing diseases.
• What are the benefits of electronic medical records?
• How is Erythrocytapheresis used to treat sickle cell disease?
• The reason that drug-eluting stents fail.
• An overview of the dissolved brain sensors.
• What are the benefits of 3D printing for medical purposes?
• How soon will it be possible to create an artificial organ?
• Research on wearable technologies in health care.
• Precision medication based on genetics.
• The importance of using virtual medicine devices for educational purposes.
• Research on the development of telemedicine.
• How is technology impacting cancer treatment?
• Is genome editing safe?
• How is the electronic diagnosis tool evolving?
• Brain-machine interface, the future.
• How does the use of wireless communication help medical professionals in hospitals?
• Ten ways wearable technology impacts the medical industry.

The development of biotechnology allows people to cure diseases and help with new machines. Here are some ideas of interesting topics you can use for your biotechnology thesis research.

• Ten impacts of biotechnology in farming.
• How does biotechnology lead to a self-sufficient protein supply?
• Evapotranspiration vs. Evaporation.
• DNA cloning and a Southern blot.
• How are personalized drugs made?
• What is pharmacogenetics?
• Is cloning playing God?
• How is pharmacogenetics used to get cancer medicines?
• Is it possible to control our genetics?
• How much genetic control do humans have?
• Based on genetics, at what point do we cease to be human?
• Research on bioethics and stem cells.
• Definition of genetic engineering.
• Gene therapy and genetic engineering.
• Ten benefits and risks of genetic engineering.
• How does plant genetic enhancement help preserve scarce plants?
• South Africa Y-chromosome genotyping.
• Ways technology is used in the creation of new vaccines.
• How does Nanotechnology help in treating HIV?
• An overview of Genes in heavy metal tolerance.

Your IT thesis does not have to be boring. Here is a list of interesting thesis topics that will impress your lecturer.

• Ways that you can eliminate heat-resistant microorganisms with ultraviolet light.
• In what ways can pesticides be used to diagnose cancer?
• How can the smeller nuclear reactors be more efficient?
• An overview of renewable energy technologies.
• Explain electronic use in the food industry and agriculture.
• The harm of polyphenols in food.
• Hope for anticancer nanomedicine.
• Does increasing military technology make use safe?
• What is the importance of military research?
• In what ways can technology be used to gauge intelligence?
• In what ways is Google search changing us?
• Blogs vs. books.
• How is teaching IT research skills important today?
• Should parents and schools encourage or discourage social media?
• Does Google affect the attention span of young people? What is the borderline in hardware and software cloud computing?
• What will be the impact when everything moves to the cloud?
• How will virtual reality change education?
• If the computer takes over most of our tasks, what will humans do?
• What will computer language be important in the future?
• What are the benefits of robots in health care?

Of course, there are dozens of other thesis topics on which students could write a paper. Some companies specialize in providing college students with entire lists of topics on a specific subject. You just need to contact an online academic writing company and tell its writers what you need. These people have extensive experience in the IT industry and have probably written dozens of dissertations. They can help you with more dissertation topics. And the best part is that some of these online services are quite affordable. An exceptional topic is worth the money – guaranteed!

Are you stuck with writing your thesis? Just enter promo “ mythesis ” – that’s all you need to get a 20% discount for any IT writing assignment you might have!

Leave a Reply Cancel reply

Master´s Programme in Information Security

• 120 credits cr.
• Gå till denna sida på svenska webben

Information security and cybersecurity are some of the most exciting and growing areas within IT. In just a few years, it’s estimated that companies and authorities will double their investments in information- and cybersecurity. This creates a high demand on the job market for graduates from advanced studies in the field.

Protecting information and digital assets from various forms of threats, attacks, disasters and mistakes is important for individuals, organizations and companies. Concepts and topics that are covered within the master’s programme include information security, cybersecurity, network security, organizational security, IT security policies, legal aspects of security, personal privacy and data protection, and governance of information security in organizations. The programme also covers topics related to crime science, for example, digital forensics, intelligence analysis and technologies and methods for analysing social media. 

The demand for educated information security specialists is already very high, almost always among the first top jobs in IT and in the coming years it is expected to continue its growth almost exponentially. Graduates of the programme are ready to work in the area of information security and related fields in both private and public sector organisations as managers, advisors and specialists providing professional and expert know-how, or with intelligence and investigations. 

Stockholm University pioneered academic research and education in information security in Sweden in the 1960s. The university has since then contributed with thousands of graduates who are now part of academia and industry around the globe.

Important about selection The selection is made from the following three criteria:

• Grades of academic courses,
• mandatory motivation letter and
• the relevance of previous studies in relation to the programme.

It is therefore very important to submit a motivation letter . Find instructions for the motivation letter under “How to apply” below.

Information for admitted students autumn 2024

Congratulations! You have been admitted at Stockholm University and we hope that you will enjoy your studies with us.

In order to ensure that your studies begin as smoothly as possible we have compiled a short checklist for the beginning of the semester.

Follow the instructions on whether you have to reply to your offer or not. universityadmissions.se

Checklist for admitted students

Activate your university account

The first step in being able to register and gain access to all the university's IT services.

Register at your department

Registration can be done in different ways. Read the instructions from your department below.

Read all the information on this page

Here you will find what you need to know before your course or programme starts.

Your seat may be withdrawn if you do not register according to the instructions provided by your department.

Information from the department - programmes

Welcome to DSV!

We hope that you will enjoy your studies with us. Follow the link below for information about how to start your studies at DSV and how and when to enrol.

New student at DSV

Welcome activities

Stockholm University organises a series of welcome activities that stretch over a few weeks at the beginning of each semester. The programme is voluntary (attendance is optional) and includes Arrival Service at the airport and an Orientation Day, see more details about these events below. Your department may also organise activities for welcoming international students. More information will be provided by your specific department. 

su.se/welcomeactivities  

Find your way on campus

Stockholm University's main campus is in the Frescati area, north of the city centre. While most of our departments and offices are located here, there are also campus areas in other parts of the city.

New student

During your studies

Student unions

For new international students

Pre-departure information

New in Sweden

Programme overview

You will find detailed course information, list of course literature, schedule and start date on the course information page at "Courses and timetables". Select semester in the drop-down menu and search by course name. Courses and timetables

Programme outline We approach the subject area from both the business side and the technical side. This master’s programme includes courses such as:

• Introduction to digital and information security 
• Intelligence and security informatics
• Information security in organisations
• Network security
• Information security project management
• Legal aspects of information security
• Cyber forensics

The programme also includes studies relative to scientific communication and research methodology for computer and systems sciences, leading up to the independent thesis work in the final term before the graduation.

1st Semester

Two alternatives, depending on the student’s previous background.

Alternative 1: For students that do not have 90 credits in computer and system sciences, informatics or equivalent:

Mandatory course 1 x 15 credits

Supplementary course in Computer and Systems Sciences 15 credits

Alternative 2: For students with 90 credits in computer and system sciences, informatics or equivalent:

Mandatory course 1 x 7,5 credits Digital Forensics 7,5 credits

Elective courses 1 x 7,5 credits One from the following three courses: Advanced Requirements Engineering of IT-systems 7,5 credits Foundations of Data Science 7,5 credits Enterprise Computing and ERP Systems 7,5 credits

Alternative 1 and 2: Mandatory courses 2 x 7,5 credits

Fundamentals of Information Security 7,5 credits  Information Security in Organisations 7,5 credits

2nd Semester

Mandatory courses 4 x 7,5 credits

Scientific Communication and Research Methodology 7,5 credits Network Security 7,5 credits Cyber Forensics 7,5 credits Cyber Security 7,5 credits

3rd Semester

For this semester, you have the possibility to apply for exchange studies. Note that , you must read the course Research Methodology for Computer and Systems Sciences 7,5 credits (or a similar course) during your exchange period to be able to write your thesis when you return. Exchange studies

Research Methodology for Computer and Systems Sciences 7,5 credits Intelligence and Security Informatics 7,5 credits Legal Aspects of Information Security 7,5 credits Information and IT-security Management 7,5 credits

4th Semester

Master thesis 30 credits

How to apply

Required supporting documentation.

Motivation letter

The letter shall include:

• Tell us something about yourself. Who are you?
• Motivate why you want to study this programme.

Maximum one A4 page. Save the letter as “Motivation letter SMINO”. Submit the letter together with your application at universityadmissions.se

More information

This program starts each autumn semester. 

Please note that it is only possible to apply for this programme in the first admission round (mid-October to mid-January). The programme is not open for admission in the second admission round.

Find answers to the most common questions regarding application, requirements and study format (distance or campus).  FAQ Master's programmes

Find the degree awarded for this programme in the syllabus, either in the right sidebar (desktop) or below (mobile device).

Please note, that you can only be awarded one bachelor’s degree, one master’s degree (60 credits) and one master’s degree (120 credits) in computer and systems sciences from our department.

Research subject at the department with relevance to the program:

Cyber Security

Career opportunities

The job market for information security professionals is very good. Information security graduates from Stockholm University work, among other, as information security managers (CISO), information security consultants, cyber security specialists, cyber and digital forensics professionals. Some graduates choose to pursue their careers in research education that eventually leads to a doctoral degree in this exciting field.

[email protected]

Know what you want to study?

What can I study?

Selected reading

Discover Stockholm and Sweden

As a student at Stockholm University you get the benefit of living in the Swedish capital.

Step-by-step guide

Here we explain all the different steps you need to go through when applying to a course or programme. Please read the instructions carefully.

Meet us online and around the world

Stockholm University arranges regular webinars and participates in educational fairs and events virtually and around the world to meet students and inform them about our study programmes. Meet us and ask what it's like to study with us!

Students of Stockholm University

Every year Stockholm University welcomes thousands of international students from all over the world. Each bringing their own backpack full of experiences, expectations and dreams. Each with their own story.

Our researchers. Your teachers

As a student at Stockholm University, you will have direct contact with leading researchers in your field and access to the most recent scientific findings. Our researchers. Your teachers. Meet a few of them here.

Hear from our alumni

Are you wondering what former students thought about your programme? Are you curious about what your education can lead to after graduation? Hear from our alumni!

Selected Topics in IT-Security

Cs 408 | english.

Lecturer: Prof. Dr. Frederik Armknecht Teaching Assistant: Youzhe Heng

The large-scale deployment of Internet-based services and the open nature of the Internet come alongside with the increase of security threats against existing services. As the size of the global network grows, the incentives of attackers to abuse the operation of online applications also increase and their advantage in mounting successful attacks becomes considerable.

These cyber-attacks often target the resources, availability, and operation of online services. In the recent years, a considerable number of online services such as Amazon, CNN, eBay, and Yahoo were hit by online attacks; the losses in revenues of Amazon and Yahoo were almost 1.1 million US dollars. With an increasing number of services relying on online resources, security becomes an essential component of every system.

This course aims to increase the security awareness of students and offers them a basic understanding with respect to a variety of interesting topics. After this course, students will be able to (1) learn about symmetric and asymmetric encryption schemes, (2) classify and describe vulnerabilities and protection mechanisms of popular network protocols, web protocols, and software systems (3) analyze / reason about basic protection mechanisms for modern OSs, software and hardware systems.

Exam Information and Dates

The final exam is a 90 minute written in-person exam. You may find up-to-date information on the exam schedule at https://portal2.uni-mannheim.de/portal2...flow . Please also check the “My Studies – My registrations” section in your student portal. The regular and re-sit exam dates, respectively, for the FSS 2024 will be made available as soon as they have been determined by the university administration.

Lecture and Exercise

See Portal2

ILIAS & Portal²

Please register via Portal² to gain access to our ILIAS course in which you may find all lecture materials.

Once registered, you may access the course using the following URL: https://ilias.uni-mannheim.de/goto.php?target=crs_1475793

Lecture Topics (tentative)

• Security Goals
• Crash Course in Cryptography
• Access Control
• Authentication
• Social Engineering
• E-Mail Security
• System Vulnerabilities
• Network Security
• Web Security

Lecture Roadmap (2024)

Tracking cookies are currently allowed.

Tracking cookies are currently not allowed.

• Blog & News
• Certifications
• Point of contact
• Directions & Parking

Master- & Bachelor-Thesis in Information & IT-Security

We regularly offer thesis work on e.g. the following topics:

• Mobile security
• Automotive IT security
• Cloud Computing security
• IT risk analysis according to ISO/IEC 27005
• Information security management according to ISO/IEC 27001
• Methods/tools for the implementation of technical assessments

Further potential IT security topics include traffic analysis, Shadow IT and vulnerability management

Start: by arrangement

Duration: min. 6 months

Become part of our team!

Have we aroused your interest?

Send us your documents in digital form to:

Lena Unseld

Will gladly answer your questions:

Get the Reddit app

A subreddit for all questions related to programming in any language.

Looking for interesting topics for my IT security bachelor's thesis - suggestions?

Hello everyone, I am about to write my bachelor's thesis in the field of IT security and am looking for interesting and current topics that I could write about. I would like to hear your opinions and suggestions. Maybe there are certain areas that you are particularly interested in or where you see a need for further research? Or maybe you have even had experience with a fascinating topic that you can share? Thanks in advance!

By continuing, you agree to our User Agreement and acknowledge that you understand the Privacy Policy .

Enter the 6-digit code from your authenticator app

You’ve set up two-factor authentication for this account.

Enter a 6-digit backup code

Create your username and password.

Reddit is anonymous, so your username is what you’ll go by here. Choose wisely—because once you get a name, you can’t change it.

Reset your password

Enter your email address or username and we’ll send you a link to reset your password

Check your inbox

An email with a link to reset your password was sent to the email address associated with your account

Choose a Reddit account to continue

• Advisers & Contacts
• Bachelor of Arts & Bachelor of Science in Engineering
• Prerequisites
• Declaring Computer Science for AB Students
• Declaring Computer Science for BSE Students
• Class of '25, '26 & '27 - Departmental Requirements
• Class of 2024 - Departmental Requirements
• COS126 Information
• Important Steps and Deadlines
• Independent Work Seminars
• Guidelines and Useful Information
• Undergraduate Research Topics
• AB Junior Research Workshops
• Undergraduate Program FAQ
• Minor Program
• Funding for Student Group Activities
• Mailing Lists and Policies
• Study Abroad
• Jobs & Careers
• Admissions Requirements
• Breadth Requirements
• Pre-FPO Checklist
• FPO Checklist
• M.S.E. Track
• M.Eng. Track
• Departmental Internship Policy (for Master's students)
• General Examination
• Fellowship Opportunities
• Travel Reimbursement Policy
• Communication Skills
• Course Schedule
• Course Catalog
• Research Areas
• Interdisciplinary Programs
• Technical Reports
• Computing Facilities
• Researchers
• Technical Staff
• Administrative Staff
• Graduate Students
• Undergraduate Students
• Graduate Alumni
• Climate and Inclusion Committee
• Resources for Undergraduate & Graduate Students
• Outreach Initiatives
• Resources for Faculty & Staff
• Spotlight Stories
• Job Openings

A Formal Approach to Practical Network Security Management (thesis)

When a system administrator configures a network so it is secure, he understands very well the users, data, and most importantly the intent—what he is trying to do. However,he has a limited understanding of the mechanisms by which components interact and the details of each component. He could easily miscongure the network so a hacker could steal confidential data. In addition to this complexity, about one hundred new security vulnerabilities are found each week, which makes it even more difficult to manage the security of a network installation---because of the large number of program vulnerabilities and challenging time constraints. Even professional administrators find this a difficult (impossible) task. How does one enable the system administrator to securely congure the network with a limited understanding of its components, program bugs and their interactions? The solution is a security analysis framework that modularizes information flow between the system administrator, security expert and the bug expert. The administrator specifies what he is trying to do, the security expert specifies component behavior, the bug expert specifies known bugs. We developed a rule based framework—---Multihost, Multistage, Vulnerability Analysis (MulVAL)---to perform end-to-end, automatic analysis of multi-host, multi-stage attacks on a large network where hosts run on different operating systems. The MulVAL framework has been demonstrated to be modular, flexible, scalable and efficient. We used the framework to find serious configuration vulnerabilities in software from several major vendors for the Windows XP platform.

Cyber Risk Bachelor & Masterthesis Topics

We talked with Dr. Daniel Woods of the University of Innsbruck about our list of topics in February of 2021. Besides a short introduction of the topics, in the video we also rate them with regards to their feasibility and relevance for academia and the industry.

Getting into cyber insurance and risk quantification is not a straightforward process yet. Compared to varying degree well-established paths of starting a career in cyber security, established insurance lines of business, actuarial modeling, or insurance law, many current practitioners of the cyber insurance ecosystem are first exposed to the topic when they start their careers in the respective field, usually right out of university/college, or when they transition into it from their previous professional field.

While there are already a few dedicated degree university courses on cyber insurance, the majority of students that might have heard of cyber insurance will at most have had a single semester course on the topic and might have difficulties writing their bachelor or master thesis about cyber, be it for lack of awareness, availability of suitable academic chairs, or a lack of awareness for possible research topics. These difficulties are further magnified by the vastness and interdisciplinary nature of the topic, For example, a bachelor student of cyber security might be interested in cyber insurance, but not able to find access to the financial or law aspects of the topic during the completion of just three months.

While bachelor and master theses allow students to take a deep dive into a given topic and push the envelope (within reasonable constraints), cyber-economics.com wants to lower the barrier of entry for the cyber insurance and risk quantification industries and combat the chronic skill-shortage of quantitative cyber risk professionals by providing students and perhaps even academics with a list of topics that are suitable for a thesis and of ongoing interest for academic research community and industry.

As the quantification of cyber risk in an open field that touches many current and future industries and academic disciplines, we categorize the research topics broadly into qualitative and quantitative topics, with an occasional overlap of methods and thesis topics. In addition to the thesis topics, we provide the reader with literature recommendations that serve as a natural first step to dig deeper into a given topic.

Likely the first topic that was discussed in the academic cyber quantification literature, the insurability of cyber risks has been used by bachelor and master students as a thesis topic since the early 2000s. While the general question, if cyber risks are insurable given the current cyber insurance market with an estimated $5 to 8 Billion in worldwide written premiums today somewhat redundant, there are still a lot of derived questions that can provide a great thesis topic.

Possible Thesis Topics

• Coverage for breaches of third party systems contracted by the insured party, like cloud providers (currently partially insurable).
• Ransomware payments ( the actual ransom, as well as, the cleaning of systems is currently insurable. This also has a strong legal component).
• Next generation IoT devices and autonomous driving cars.
• Coverage for Intellectual property (currently not insurable in cyber directly, but there is intellectual property insurance).

Suggested Academic Reading

In the spirit of , , , and other papers, analyzing the contents of cyber insurance forms and policies provides tremendous insights for academics and the industry alike. The SERFF filling system ( ), which offers extensive up-to-date and historical documents of the US cyber insurance market, is a great source of primary information for this purpose.

• An update to the above-mentioned papers. For example, , while being published in 2019 in an academic journal (there are earlier draft versions available), and analyzed policies from 2009 to 2016. As the cyber insurance market has undergone tremendous growth and associated evolution in the last years, it would be interesting to see how the content of cyber insurance policies changed in the previous years and how carriers reacted, for example, to the increased damages through ransomware during the COVID-19 pandemic.
• In the context of a bachelor or master thesis, the analysis of cyber insurance forms from other countries is likely to the respective local market, e.g., a student at a German University analyzing German cyber insurance policies. Most of the content analysis of cyber insurance policies has been done for the US market, given the size and importance (an estimated 60-70% of global written cyber premiums are underwritten in the US), as well as the availability of policies via the SERFF system not surprising. An example of this is (starting from page 193), which analyzed Dutch cyber insurance policies and compared them to the US market. However, we are not aware of any system even remotely as complete as the SERFF system for other countries, which makes gathering of sufficient number of local cyber insurance policies a requirement.

Of special interest for insurers and brokers is the relationship between the coverage of cyber insurance and other related insurance types. Often the coverage of D&O (Link to cyber-economics.com page on cyber insurance), E&O, media liability, and general P&C (silent cyber, see below for a explicit discussion) , overlaps with the coverage of current cyber insurance policies. The question of how to structure cyber insurance with other insurance types is especially interesting, as there are two primary ways on how cyber insurance is currently sold, either as an addon on an existing P&C policy or as a standalone policy. The primary ways to investigate a question in this nexus are either via qualitative interviews or surveys with brokers, primary insurers, insurance lawyers, and risk owners, or by analyzing the wordings of cyber insurance and the (potential) overlap policies.

• How large/in or which scenarios does cyber insurance overlap with other insurance types? Is this overlap sizeable, i.e. could a combination of policies reduce premiums significantly? Does the overlap depend on the type of cyber insurance policy (addon or standalone)?
• What insurance policy gets priority in case of a cyber incident?
• If addon policies can mitigate the risk over double insurance, does this make them inherently better than standalone cyber insurance policies?

Standard research topics in microeconomics and contract theory, market failures induced by moral hazard and adverse selection can inhibit the efficient transfer of risks or prevent the formation of a functioning market for cyber insurance entirely. Linked to the insurability of cyber risks, the early academic literature on cyber of the 2000s and 2010s, in the absence of the sizeable cyber insurance market of today to empirically analyze, looked at these and other market failures as a consequence of asymmetric information or the inability for the cyber insurer to continuously monitor the cyber security maturity level of an insured entity. To setup a suitable, often agent-based model,  agood way to start is to look at classical game theoretical games and adapt them to cyber as needed.

• Under which circumstances can a pooling/separate equilibrium exist when the insurer has only a little information about the cyber maturity level of a potential insured?
• Can an unusual combination of coverage sum and deductible (e.g. very high coverage for a firm with a relatively small turnover) be utilized to draw conclusions about the cyber security level of a firm seeking cyber insurance, i.e. to combat adverse selection in a signaling game?

The underwriting process is the gatekeeper for cyber insurance and shapes the insurance market in many ways. While there is an overlap with analyzing current cyber insurance policies (Topic #2), e.g. by comparing what security controls or other information are required in the underwriting process, a thesis about this topic should likely involve interviews with underwriters or other industry practitioners to get additional insights into the current sentiments of underwriters towards cyber risk. gives a good overview and methodological template to conduct qualitative research into the underwriting process.

• What does the current cyber insurance underwriting process look like? How does it differ for small or medium companies compared to large ones? Is there a significant difference in the undewriting requirements between industries?
• How does the reinsurance underwriting process differ from the primary underwriting process? How does this influence makeup current cyber portfolios?
• Which technical expedients (cyber security stores, external scans, audits) are utilized in the underwriting process? How does it change the decision to insure, coverage level, or premiums?

Cyber insurers have become an important principle for cyber security, law firms, PR firms and all other services or products that are involved in the claims management or underwriting process. Understanding the incentives of the various stakeholders, and perhaps even clearly mapping the current or future value chain in the first place, is important to understand and anticipate the future development of the cyber insurance market.

• Where is currently the market power (primary insurer, reinsurers) in the ecosystem and how is it going to change in the future?
• Does the cyber insurance industry have enough contracted capacity in case of a cyber catastrophe (Ransomware attack like NotPetya or a longer cloud outage) to service all claims? Where are likely bottle necks in the ecosystem?
• How does the cyber insurance ecosystem respond to COVID-19? Will certain services or products be in more demand in the future?
• How do certain parts of the cyber risk ecosystem look under the microscope? For example, what are possible incentive incompatibilities for a breach counsel to handle in case of a cyber incident?

Analogous to topic 6, the cybercrime value chain is the dark side of the cyber insurance value chain and “producer” of the underlying cyber risk. The incentives of cybercriminals are a key consideration when it comes to cyber insurance. From recent developments of cyber crime-as-a-service and the wholesaling of databases and sensitivity of information over the darknet, the cybercrime value chain is perhaps as organized as the cyber insurance one.

• Does cyber insurance increase the payout for cyber criminals and if so, is cyber insurance even a net welfare loss (See also the 8th topic on welfare below)?
• Does the shutdown of a darkmarket (like SilkRoad) correspond with measurable temporary declines in cybercrime activity?
• Does the activity of well-known bot networks, especially pauses in their activities like the one observed with Ryuk in 2019, allow conclusions about the perpetrators?

In economic terms, all insurance types provide utility by smoothing the consumption of risk-averse parties, which in turn are willing to pay an economic premium on top of the expected value of damages. In the case of cyber, there are additional factors that impact the overall welfare.

A key feature of cyber incidents is that the overall costs are most often not solely internalized by the directly affected party, but also cause collateral damages to other firms and entities: Firms using the affected party as a supplier are not able to receive their raw materials and ransomware and phishing attacks can spread more quickly to business partners as well. While the damages of the directly affected party are usually only slightly increased by these collateral damages, e.g. through fines for broken service level agreements, the social planner, usually the government, following standard economic welfare theory, should internalize all damages regardless of who suffers them. Cyber incidents are, therefore, a negative externality and its mitigation via cyber insurance or a better cyber security maturity level is a positive one.

Another factor that impacts the overall welfare effect of cyber are possible substitutions of the cyber security budget of a firm by cyber insurance: If the premiums for a cyber insurance policy are paid from the existing cyber security budget, the overall cyber maturity level of a company is likely to be adversely affected and the underlying risk could even increase.

Positive externalities for cyber include the minimum requirements to get a cyber insurance policy, which prompts poorly secured companies to invest more into cyber security as a prerequisite for cyber insurance, possible cross financing opportunities of cyber security measures with a premium reduction in insurance, the knowledge transfer between the insurer and insured, and the mitigating effects of a prompt incident response orchestrated by the insurer compared to the damages the insured suffers without premeditated external help.

• How is Cyber Insurance impacting the cyber maturity level of a company? Is there a difference in the size of the company? i.e. is the overall welfare gain of smaller companies stronger with a cyber insurance policy in place than for larger companies?
• What are the economic incentives for companies to invest in cyber security when it has an active cyber policy?
• Is the damage mitigation of incident response organized by the cyber insurer significant and on which factors (company size, policy structure, concrete damage scenario) does it depend?
• Can the exclusion of certain risk transfers, e.g. limiting the insurability of ransomware payments, be used to enhance the overall welfare of an economy?
• What are sensible policies for governments to adopt to cost-efficiently increase the cyber maturity level of their respective economy?

Insurers have to adhere to regulatory requirements such as Solvency II in the European Union. Solvency II consists of three pillars that define governance, reporting, and risk capital requirements. The Solvency II standard formula mandates an insurance company to have a maximum annual risk of ruin of 1-to-200 or 0.5%. Especially for cyber risks, the standard formula might be underestimating the fat tails of cyber and, therefore, underestimate the risk of ruin of insurers underwriting cyber, as discussed by .

An interesting possible research angle for this topic is the aforementioned SERFF filing system, which besides accepted rate schedules and documents also shows rejected and modified ones, as well as the correspondence between insurer and regulator. The unprecedented insights into how cyber insurance is regulated on an operative level have so far not been analyzed in the academic literature and might be a great thesis topic.

• Is the Solvency II standard formula adequately calibrated to determine the necessary risk capital for cyber? If not, what are possible stress tests that can be applied to capture the long tails of cyber?
• What are regulators looking for when approving rate schedules? What are common reasons to decline a cyber insurance rate schedule, i.e. an analysis of the correspondence between cyber insurers and regulators?

A great hurdle and growing concern for insurance carriers is silent cyber or non-affirmative cyber. In contrast to all affirmative cyber policies that explicitly provide protection against cyber incidents and their related causes, silent cyber describes the exposure of insurers to cyber damages in traditional property and casualty lines of business. A property example of a silent cyber claim is a fire that was started after a hacker manipulated the temperatures of a blast furnace in a steel mill or the loss of a week production of a food manufacturer because a ransomware attack has disrupted the cold chain by disabling the refrigerators. While these claims are a direct consequence of a cyber incident and would likely be covered by most affirmative cyber policies, they might be also be covered within an existing fire or loss of production insurance. This means that every P&C carrier is likely already incurring cyber-related losses, even though it might not even be offering affirmative cyber coverage.

One of the most important measures to combat silent cyber has been the silent cyber mandate by Lloyd’s of London, which requires all P&C policies underwritten in London to clearly state if they cover cyber damages. Mandatory for property policies since 2020 and 2021 for liability policies, it is perhaps a little bit too early to empirically analyze the effects of the silent cyber mandate. However it will become one of the most tangible sources for the market reaction and sentiments towards silent cyber.

• Did the Lloyds requirement declare the coverage of cyber damages increases the transparency of silent cyber in P&C portfolios?
• How large is the impeding effect of silent cyber on the affirmative cyber insurance market? One could approach this topic by interviews with industry practitioners or by modeling the correlation between silent cyber and affirmative cyber damages and joint impact on the mandatory risk capital (see also topic #9).
• How is silent cyber handled in local markets? , for example, analyzes German P&C Insurance policies after exclusions for silent cyber.

While cyber insurance has seen a sharp rise in awareness and market penetration, there is still a lot of misconceptions about it in the minds of risk owners. Anecdotally speaking, the willingness of risk owners to pay for cyber insurance is low unless they or someone in their immediate peer group is hit by a cyber attack. As these behavioral inefficiencies of cyber insurance also apply to cyber security as a whole, an important research topic is how to phrase and present the facts regarding cyber to the wider public. This of course, has a natural intersection with the commercial interests of brokers and primary insurers that are looking to increase their sales.

The European Union started the CYBECO Grant ( ) in 2018 to study the behavioral aspects of cyber. The programs website is a good starting point in the topic.

• Is the uptake of cyber insurance and/or security increased after big and media salient hacks such as NotPetya or Solarwinds?
• What wordings in marketing and policies can help to raise awareness for cyber insurance and cyber security and increase its uptake?

Of tremendous importance for cyber risk research is the modeling of cyber damages. While looking monolithic on the surface, cyber risk modeling actually encompasses a plethora of different questions and methods. In the context of cyber insurance, the three most important questions are the (1) pricing of cyber insurance policies based on factors such as industry type, security questions, requested coverage of a given applicant, (2) the modeling of cyber damages for a given entity (firms or natural persons), with or without cyber insurance, and (3) the modelling of cyber damages for a given industry sector or cyber insurance portfolio, which are highly dependent on the correlation between cyber damages. While these questions are deeply linked to each other, from an operative view they have varying relevance for different stakeholders of the cyber insurance value chain. For example, primary insurance underwriters are often looking at the pricing of a single policy, while reinsurance underwriters are more concerned with the correlation and performance of the entire portfolio.

The approaches to model cyber also differ. The straightforward to fit a distribution to a damage dataset can and is also be utilized to model cyber, for example, by . However, because of the evolving and hard to predict threat landscape, this method does not yield the same predictive value for more traditional risks. Additionally, in the context of a bachelor or master thesis, the above discussed limited availability of free datasets might be an additional hindrance.

Besides the tried and tested method in the actuarial sciences to fit distributions to damage datasets, which are classified under 1.2.1 in our cyber-economics.com library , there are other approaches that might be interesting for a thesis. Under 1.2.2 Scenario/Catastrophe Analysis , we have gathered studies and papers that look at possible economic and insurable losses arising from bad to worst-case scenarios, like a widespread ransomware attack or outage of a major cloud provider. Under 1.2.3 Network/Node Models , you can find modeling approaches that are based on computer systems based on atomic nodes and connected via edges, which have inherent similarities with the modelling of pandemics.

Quantitative topics often require empirical cyber damage datasets or distributions. These datasets are hard to come by in general, especially if they are free of charge. The following sources for data are freely available and most of them have been used in the academic literature. We add new datasets to the 3.1 Cyber-Damages/-breaches/-Incidents Dataset in our cyber-economics.com library .

A completely different approach to modeling cyber is employed by , which reverse engineers cyber damage loss distributions based on current rate schedules of insurers. From an epistemological standpoint, rather than modeling cyber damages directly, this method quantifies the sentiments of insurers towards cyber risk. While, of course, the rate schedules should be closely connected to the “real” cyber loss distributions, at the very least this approach captures the attitude of entities that put their money where their mouth is. The mentioned paper of woods et all averages out the reverse-engineered cyber distributions of 17 insurers to provide a consensus loss distribution. However, especially within the time constraints of a bachelor and master thesis, it is probably a better idea to apply the method of Woods to a single or few recent rate schedules of a major insurer, to get an up-to-date cyber loss distribution.

• Using a direct loss distribution fit, what are the cyber loss distribution and fair price of a cyber insurance contract for a given dataset?
• Using a direct loss distribution fit, what is the correlation between damages for a given dataset?
• Using a node model, how sensitive are the total damages of a hypothetical ransomware attack based on the “contagiousness” of the attack or the difficulty of removing it?
• Using a reverse-engineered loss distribution based on a current rate schedule of a major insurer, what is the sentiment of the respective insurer towards factors in the pricing of cyber insurance. For example, how are policies for small firms priced compared to large ones? How does the security standard of a company change the price? Does this allow a meaningful cross financing of security spending with reduced premiums (see also Topic 8)?
• Using a reverse-engineered loss distribution based on a current rate schedule of a major insurer, what is the sentiment of the respective insurer towards factors in the pricing of cyber insurance. For example, how are policies for small firms priced compared to large ones? How does the security standard of a company change the price? Does this allow a meaningful cross-financing of security spending with reduced premiums (see also Topic 8)?

Pricing higher cyber risk transfers via reinsurance within the insurance sector or with cyber bonds via the capital market is an important topic for the insurance industry, possible capital market investors, and academics. While for the pricing based on single risks the correlation between cyber damages can be neglected, it becomes the most consideration for higher risk transfers. Getting a suitable dataset to empirically model the correlation of cyber damages becomes even more difficult than getting one for cyber damages. Often the parameters guiding the correlation between damages are, therefore, exogenously imposed or derived from other parameters or assumptions within the model. A robustness analysis, i.e, changing the correlation parameters to simulate a low, medium, or high correlation, is then used to analyze the results with respect to their sensibility towards the model parameters.

• What is the distribution for the reinsurer or fair price for a reinsurance contract (be it proportional or excess-of-loss) for a given cyber damage distribution? How sensitive are prices and reinsurers payout distributions towards the underlying model assumptions?
• Are cyber bonds able to pay an on-par premium with natural catastrophe bonds (around 5% p.a. since their inception) for a given damage distribution?

Daniel Kasper

Daniel Kasper is the principal of Cyber Economics.

cyber-economics.com provides you with the newest developments and news about cyber risk from academia and the business sector.

• Privacy Policy
• Cookie Policy