Skip to main content

Master of Information Technology Security

Our university’s innovative MITS degree program is one of only a few specialized information technology (IT) security graduate degrees available in the world. Through theory and applied learning, the MITS program will enable you to develop an extensive understanding of business and IT security in a team learning environment. The curriculum contains most of the domains found in the Certified Information Systems Security Professional (CISSP) exam and in the SysAdmin, Audit, Networking and Security (SANS) Essentials course.

The MITS program is 12-24 months long, based upon full-time study.


Curriculum and Courses

Curriculum and Courses

Admission Requirements

Admission Requirements

Grad Studies Viewbook

Grad Studies Viewbook

Apply Now

Apply Now


The MITS program prepares you to work in an assortment of high-tech positions and in a variety of professions including:

  • All levels of Government
  • Financial Institutions
  • Health-care Agencies
  • Small and Large Corporations

Graduates of the MITS-AI program stream can seek employment in the growing artificial intelligence industry, public, and private organizations, as well as IT security firms.


What is the length of the program?
12-24 months, based on full-time study.
What are the intakes for the programs?
September (Fall) & January (Winter) start.
What is the delivery method?
Whom can I contact with questions regarding the MITS and/or MITS-AIS programs?
Please contact or visit the Ontario Tech Graduate & Postdoctoral Studies website.

In addition to the general admission requirements for graduate students, applicants must meet the following program-specific requirements.

  • While applicants may hold any four-year honours undergraduate degree (or its equivalent from a recognized institution), preference is given to applicants whose undergraduate degree is in the field of information technology, engineering, science or related fields.
  • Minimum overall academic standing of a B (GPA: 3.0 on a 4.3 scale or 73 to 76 per cent), with a minimum B average in the last two full-time years (four semesters) of undergraduate work or equivalent.
  • Successful completion of at least one course in advanced programming (e.g., Java/C/C++/C#) and advanced mathematics (e.g., linear algebra, calculus, number theory, etc.), and at least one course or proven work experience in operating systems (Windows and/or Unix or Linux).
  • Work experience in IT-related jobs is preferred.
  • MITS 5100G - Law & Ethics of IT Security
    Laws govern commercial and personal interactions whether they take place online or offline. However, new technologies create novel ways for people to communicate and interact, and the law does not always adapt very well. But, when one knows what to look for, successes can also be found. This course provides an overview of the laws and professional ethics that IT Security Professionals must understand—both because they are bound by those laws and because these laws can be important tools. In the early weeks of the course, basic ideas and dynamics are introduced that will help analyze and discuss the interplay between technology and law. Students then study one or two substantive areas of law each week, including e-contracts; e-regulation; jurisdiction; evidence; online crime; intellectual property; privacy and data breach liability; Spam; cloud computing; and emerging areas such as IOT, artificial intelligence, and cryptocurrencies. Students also examine professional ethics developed by their professional community and peers since ethical frameworks can sometimes provide direction where the law fails to do so.
    Credit hours: 3
  • MITS 5200G - Advanced Communication Networks
    This course provides a detailed technical presentation of important networking concepts and technologies used in modern communication networks. The reference models for network architecture are described and compared, and main network protocols are reviewed. Core and emerging technologies of modern networks including, but not limited to, routing technologies, software-defined networks, network virtualization, Internet of things, and cloud networks are discussed. Characteristics of network access technologies, in particular, wireless and cellular networks are reviewed. Methods for analyzing and improving network performance and quality of service are presented.
    Credit hours: 3
    Cross-listed: ENGR 5660G and CSCI 5300G
  • MITS 5300G - Operating Systems Security
    This course introduces the main components of operating system security and addresses the IT professional interest in the design and operation of secure operating systems. This course covers various practices, standards, and technology from Linux and Windows operating systems. Operating systems fundamentals are covered to provide a basis for the remainder of the course. The laboratory part of this course puts a particular focus on the Windows and Unix/ Linux operating systems. It provides an overview of the security risk and management of the specified operating systems and preventive efforts to use the security features built within the systems and third-party applications. This course includes a series of hands-on technical exercises in Linux, SELinux and Windows.
    Credit hours: 3
  • MITS 5400G - Secure Software Systems
    One of the fundamental causes for most of the computer security problems is insecure software design and implementation. This course takes a proactive approach to cover current software vulnerabilities and the best methods of prevention. In tandem with that, students are taught to implement security in the early stages of the software development life cycle. This course takes a hands-on approach to secure software by design. Labs are designed so that students are able to recognize insecure software and prevent any security vulnerabilities. Students are also taught about logging, obfuscation and how to secure their software from piracy.
    Credit hours: 3
  • MITS 5500G - Cryptography and Secure Communications
    Protecting information assets is certainly important to the secrecy, integrity and availability of systems. Indeed, the need for secure communications is more profound than ever, recognizing that the conduct of much of our commerce and business is being carried out today through the medium of computers and digital networks. This course is on cryptography, the umbrella term used to describe the science of secure communications. In this course, students with strong mathematical backgrounds learn the details about the transformation of a message into ciphertext form by encryption and the recovery of the original message by decryption. This course describes the cryptographic mechanisms through which confidentiality, integrity, availability, authentication and message signature can all be provided. Furthermore, the course explores the basics of malware and defence mechanisms while touching on general aspects of intrusion prevention and detection.
    Credit hours: 3
    Cross-listed: ENGR 5670G - Secure Communications and Networking, and CSCI 5310G - Cryptography and Secure Communications.
  • MITS 5600G - Security Policies and Risk Management
    This course concerns the role and importance of risk management and security policies. It describes how attackers exploit the interactions between computer systems and their environment in order to learn how to prevent, detect and respond to such attacks. It will also discuss broader business-related security issues such as business continuity, incident recovery and legal issues related to security policies and risk management. Current technologies to aid in implementing security policies and risk management plans will be discussed throughout the course.
    Credit hours: 3
  • MITS 5620G - Special Topics in IT Management
    This course focuses on topics in IT Management that are not currently covered by the other courses in the program. Topics may vary depending on the interest of the students and the availability of faculty. A detailed description of the course content will be posted before the start of term.
    Credit hours: 3
  • MITS 5640G - Special Topics in AI and Security
    This course focuses on advanced topics related to the theory and applications of Artificial Intelligence in information security, trust and privacy and related decision-making processes. Topics may vary in each semester depending on the interests of the students and the availability of faculty. A detailed description of the course content will be posted before the start of each term when the course is offered.
    Credit hours: 3
  • MITS 5900G - MITS Seminar
    Students are required to present a seminar upon completion of their chosen option (i.e., their capstone research project II, their internship, or on a topic related to their electives courses). This course carries a pass/fail grade.
  • MITS 6100G - Attack and Defense
    The course covers the fundamental theories of vulnerabilities in network protocols, intrusion detections and defence against network attack. It discusses the latest cutting-edge insidious attack vectors and the patterns of denial-of-service attacks. This course also presents the tools needed to prevent attackers from gaining access and covering their tracks. This course examines and reviews various types of hacking tools and ways to strengthen the system or application against the attack. The course also discusses defences and attacks for Windows, Unix, switches, routers and other systems.
    Credit hours: 3
    Prerequisite(s): MITS 5200G and MITS 5300G.
  • MITS 6300G - IT Security Capstone Research Project I
    This course provides students with an opportunity to gather knowledge and skills learned from the program coursework and to conduct a research project with industrial applications. Students are expected to do a research literature review and to develop a set of hypotheses for a research project in IT security. A research proposal outlining hypotheses and alternative remedies to the problem should be submitted to the research faculty advisor by the end of the course semester.
    Credit hours: 3
    Prerequisite(s): Nine credit hours in MITS courses or permission from instructor.
  • MITS 6400G - Biometrics/Access Control and Smart Card Technology
    This course discusses in detail the theoretical constructs around Access Control and provides an overview of the fundamental background. Traditionally, most security systems authenticate users based on something they know, like a password. However, where security really matters, it makes sense to add a second layer such as a smartcard. A third option, and probably the most authentic method, is something that, at least theoretically, is virtually impossible to forge. This course discusses biometric controls. Biometrics is generally the study of measurable physical characteristics and behavioural patterns. The course deals with various authentication techniques, their effectiveness, cost, intrusiveness and accuracy.
    Credit hours: 3
  • MITS 6600G - IT Security Capstone Research Project II
    The research outlined in the MITS 6300G proposal should be completed during this course. The final report of the research findings and recommendations for the problem addressed should be submitted to the research faculty advisor along with a presentation of the results. The results should have direct practical applications and/or be publishable in refereed publications.
    Credit hours: 3
    Prerequisite(s): MITS 6300G.
  • MITS 6700G - Complex Networks
    This course studies commonalities across diverse engineered and physical networks such as computer networks, information networks and social networks. It focuses on rigorous data-driven methods aimed at understanding the structure and dynamics of these networks. We will cover recent research on analysis of large social and information networks and on models and algorithms that abstract their basic properties. Class also reviews fundamental algorithms behind high-impact companies, such as Google, Facebook, etc. We explore how to measure and predict the structure and dynamics of large-scale networks, measure the robustness of networks, make networks more robust, predict the dynamics of information cascades, and develop and test our own data-driven hypotheses about networks.
    Credit hours: 3
  • MITS 6800G - Machine Learning
    Students will learn the mathematical foundations of machine learning and how to program a computer system to make predictions on, classify, or cluster data that the system has never seen before. Topics include theory and practice of supervised and unsupervised learning, covering well-known algorithms such as ordinary and penalized linear regression, Naïve Bayes, support vector machines, ensemble methods and K-means.
    Credit hours: 3
    Cross-listed: INFR 3700U
  • MITS 6900G - Blockchain Foundations and Technologies
    This course covers blockchains - and related technologies - from an architectural perspective. Students will be exposed to the fundamental architectures of core blockchain technologies; distributed applications and their integration with enterprise systems; key business and value drivers of blockchain services; blockchain development and coding best practices; common security vulnerabilities impacting blockchain technologies and smart contracts. This course includes the development and deployment of a custom blockchain using Python, followed by multiple smart contract implementations using Solidity. 
    Credit hours: 3
  • MITS 7000G - MITS Internship
    The MITS Internship course is an important experiential learning component of the MITS program, and its objective is to provide students with practical exposure to actual work environments in IT security businesses and industries, which is essential for a more complete understanding of the application of IT Security theories and procedures. The internship program permits MITS students to be registered who have met the minimum requirements of the program. The result of the program and course are to further develop a student’s skill set and experience in their field of study, and provide them with an opportunity to gain actual work experience in organizations they may consider for future careers post-graduation.
    Credit hours: 6
    Prerequisite(s): Must have completed at least four (4) courses (12 credits) from the MITS/MITS-AIS program, have been enrolled in the MITS program for at least two (2) semesters (eight (8) months) prior to the commencement of an Internship placement, and have a minimum GPA of 3.0.
    Note(s): Course restrictions: MITS 6300G and MITS 6600G

Current Tuition and Fees

Fees, funding and general grad finance questions:                                                         

Inquiries about scholarships and awards: 

The Faculty of Business and Information Technology houses a wide collection of leading-edge laboratories to enhance the learning experience and provide students with the hands-on skills and knowledge they will need in the world of IT security.

Of particular relevance to the MITS program is the Hacker Research Laboratory, which hosts a variety of network settings specifically configured for the MITS curriculum. Faculty members conduct various IT security research projects in this laboratory, including:

  • Business process integration
  • Electronic negotiation and agreement
  • Interconnection protocols
  • Mitigation of denial-of-service attacks
  • Network intrusion prevention, detection and reaction
  • Security and privacy
  • Services computing
Vector Logo

The MITS-AIS program has been recognized by the Vector Institute as an AI-Related Master’s program in Ontario.

Students in the MBAI program become part of the Vector Institute community and receive access to networking and career events, the Digital Talent Hub, professional development, and other opportunities to grow your AI career! 

Students in the program are also welcome to apply for the competitive Vector Scholarships in Artificial Intelligence, which provides $17,500 towards an AI-related master’s degree at an Ontario university.

Most courses in the MITS and MITS-AIS program include hands-on and laboratory assignments that simulate a variety of computer networking, security attacks, and defense scenarios. A cloud-based practice environment is available to MITS students and provides you with an opportunity to gain exposure to different aspects of IT security.

For example, one student team may attempt to secure an information system using available hardware and software tools, while another student team endeavours to compromise the system as it was designed. Alternatively, a team may be assigned to undertake a forensic analysis of a compromised system.

MITS or MITS-AI students may choose to complete their degree with a Capstone project to conduct research on a topic related to AI and security under the supervision of a faculty member, or qualified students may apply for an industry internship instead of a Capstone project.

Examples of Capstone projects in the past include the following:
  • AI-based predictive security methods
  • AI-based penetration testing
  • Adversarial AI
  • Applications of AI in Trust management
  • Prototyping NLP Modules
  • Security and Privacy issues in Robotics
The internship course requires a minimum of 12 weeks or 420 hours of work in an industry position in the area of AI and IT Security. Internship positions are subject to availability and require approval from the Graduate Program Director.

International Students

International Students

Graduate awards and funding

Graduate awards and funding