New Drury program takes integrated approach to cyber-risk management; blends business, computer science

SPRINGFIELD, Mo., April 3, 2018 — A new academic major launching this fall at Drury University will take an innovative approach to building the workforce necessary to address ever-growing threats in cybersecurity.

Cybercrime costs the global economy more than $400 billion a year, according to estimates by the Center for Strategic and International Studies (CSIS). The pressing need to combat the problem has led to tens of thousands of unfilled job openings in the U.S. alone. 

Drury’s new Bachelor of Business Administration in Cyber-Risk Management will help graduates stand apart in this high-demand field by giving them equal, in-depth exposure to both business principles and computer science know-how. It will be the only program in the region – and one of the few in the nation – to take such a deeply integrated approach to training cybersecurity professionals.

Most cybersecurity degree programs focus almost exclusively on computer science skills. Drury’s B.B.A. in cyber-risk management will train future leaders in business fundamentals such as ethics, management, accounting, marketing and finance – as well as highly technical areas such as programming, software development, network security, and hacking tools. It will teach not only pragmatic skills, but also the ability to analyze when, how, and where to use them from an enterprise-level perspective.

“We don’t have to look very far to see that the traditional approach to cybersecurity isn’t working,” says Dr. Shannon McMurtrey, assistant professor of management information systems, and a leading expert in the field of cybersecurity with more than 20 years’ experience. “Our focus will be on teaching graduates about the bigger picture of cyber risk. They need to understand business and how businesses make money, but they also need to understand the technology and how to protect businesses. It’s critical that they understand that balance.”

High Demand, High Wages

Each year, 40,000 jobs for information security analysts go unfilled and employers are also struggling to fill some 200,000 additional cybersecurity-related roles.

The Bureau of Labor Statistics forecasts a 28 percent growth in demand for information security analysts through 2026. Wages reflect that demand. In 2016, the median pay for such roles was $92,600 for those with a bachelor’s degree and less than five years of experience, according to the BLS. Drury’s program will give graduates solid grounding for future leadership roles, too, where salaries can be much higher. 

High-Tech Issues, Liberal Arts Solutions

Drury’s cyber-risk management program leverages the university’s liberal arts tradition to address issues that exists on the cutting edge of technology. The program should appeal equally to students interested in business and computer science, seamlessly blend the two tracks in a way that isn’t possible at most other schools.

“A lot of people look at this as a technical problem. It’s not – it’s a business problem,” says Mark Garton, director of information security, compliance, and quality at O’Reilly Auto Parts, and a 1996 Drury alumnus. “If you only treat it as an IT problem, you’re going to be chasing your tail.”

Mitigating cyber-risk is ultimately a human endeavor, McMurtrey says. It’s people, not machines, who carry out the attacks and it is people who benefit from the services business provide – and feel the effects when cybersecurity measures fail.

“We feel this degree will offer the market students who are truly much more well-rounded and better able to tackle the very human challenges of cybersecurity, in addition to the technical challenges,” McMurtrey says.


Media Contact: Dr. Shannon McMurtrey, Assistant Professor of Management Information Systems - (417) 873-7242 or   

Share on Social