The University of Colombo School of Computing, in its fifty(50) years of computing history since 1967, has sparked the eager young minds by planting seeds of curiosity and a thirst for new knowledge, contributing towards a world-recognized “Sri Lankan” IT industry, and an internationally recognized group of researchers and academics. Thirty (30) years ago, the UCSC introduced the first-ever post-graduate degree in computer science to Sri Lanka, becoming a symbol in Computer Science and ICT. In 2002, Late Prof. Vidya Jyothi V. K. Samaranayake — the father of Sri Lankan Information Technology, pioneered in establishing the now-UCSC as a dedicated, separate institute in computing inside the University of Colombo premises. Today, the UCSC serves arguably the strongest computing school with twenty-four (24) PhD holders from various international universities, over fifty (50) staff members, empowering the bright Sri Lankan minds with several undergraduate and postgraduate degree programmes including PhDs, MPhils, and Masters. Towards the UCSC dream of building the nation’s Computing to a level among the world’s best, the UCSC introduces three main masters degree programmes, namely, Master in Computer Science (MCS), Master in Information Technology (MIT), and Master in Information Security (MIS).

To cater the ever-evolving cybersecurity needs in defending against a plethora of malicious, fraudulent attacks, the University of Colombo School of Computing introduced the interdisciplinary graduate degree programme of Master of Information Security (MIS). This two-year postgraduate degree consists of fourteen(14) course units with hands on experience targeted at empowering students via the acquisition of a wide-spectrum of skillset and knowledge ranging from an in-depth understanding of the core-cybersecurity theory to the state-of-the-art hands-on practices.

The degree is well-suited for inspired fresh-graduates who are passionate about leading roles in cybersecurity, especially in the IT industry. Exemplary job roles include, but not limited to Chief Information Security Officer, Information Security Architect, Information Security Analyst, Incident Responder, Network Security Engineer, Forensics Analyst etc.

Eligibility Requirements:

a) A Bachelors Degree from a University or Institution recognized by the University Grants Commission and/or the University of Colombo; OR

b) Any other academic or professional qualification deemed equivalent to a Bachelors Degree by the Senate of the University of Colombo on the recommendation of the School. Each application under this category shall be considered on a case-by-case basis.

Note: A student who satisfies the specified minimum academic performance in the first two semesters is eligible to register for the second year of the program (third and fourth semesters)


The applicants, who possess the eligibility requirements will have to go through a written selection test (Aptitude test) and an interview in order to be selected to the programme.

Maximum local intake:  25

Maximum foreign intake: 05

Fee Structure:

The fee for MIS is categorized into three (3) types: local, foreign SAARC countries, and foreign non-SAARC countries.

In addition, you will have to pay a Non-Refundable Library Fee of Rs. 15,000/= for using the library facilities of the UCSC as a graduate student. The non-refundable library fee should only be paid once and is valid for the whole duration of the degree programme. The value of the library fee is same for both local and foreign students.

Note: Non-Refundable Library Fee is NOT included in the fee for degree programme.

Student should pay a 75% of the course fee at the initial registration for the degree programme in the first year. The balance of 25% of the fee should be paid at the registration for the second year of the degree programme.

Course Fee:

Local Students:
Initial payment at first year Rs. 450,000
Payment at second year Rs. 150,000
Fee for the Programme Rs. 600,000


Foreign SAARC Students:

Initial payment at first year US$ 5250
Payment at second year US$ 1750
Fee for the Programme US$ 7000


Foreign Non-SAARC Students:
Initial payment at first year US$ 6750
Payment at second year US$ 2250
Fee for the Programme US$ 9000


Academic Programme

The programme is a part time course which consists of four semesters that span over a duration of 2 years. Each semester is 15 weeks long.

Course work includes both theory and practical components which may include continuous assessments. Each semester has an end semester examination. Medium of instruction is in English.

Lectures/Tutorials/Practical will be held on weekday evenings and weekends.

Learning will primarily take place within short lectures, tutorials and practical sessions conducted by foreign and local experts. Short lectures and practical sessions will be organized on Tuesday, Wednesday and Thursday from 5.30pm to 7.30pm. Tutorials will be organized on Saturday 9am to 4pm. A wide range of assessments will be used across the program to assess the knowledge and skills.

Structure of the Degree Programme

Semester 1 (Year 1)

In the first semester of the programme of study, following 5 compulsory courses shall be offered.

MIS1201 Principles of Information Security
MIS1202 Cryptographic Systems
MIS1203 Information Risk Management and Audit
MIS1204 Network Security
MIS1205 Special Topics in Information Security


Semester 2 (Year 1)

In the second semester of the programme of study, following 4 compulsory courses shall be offered.

Course Syllabus
MIS2201 Database Security
MIS2202 Digital Forensics
MIS2203 Security in Mobile and Wireless Networks
MIS2204 Data Mining for Information Security


Semester 3 (Year 2)

In the Third semester of the programme of study, following 4 compulsory courses shall be offered.

Code Title
MIS3201 Information and Coding Theory
MIS3202 Secure Software Systems
MIS3203 Information Security Governance
MIS3204 Incident Management
MIS3205 Individual Project*

*A student may undertake MIS 3205 in the Third Semester or opt to undertake MIS 4203 in the Fourth Semester. MIS 3205 shall span in to the Fourth Semester as well. A student who initially opts for MIS 3205 may be granted permission to drop it and offer MIS 4203 in the Fourth Semester. A student shall take either MIS 3205 or MIS 4203.

Semester 4 (Year 2)

In the fourth semester of the programme of study, following 3 compulsory courses shall be offered.

   Course Syllabus
MIS4201 Cyber Security and Law
MIS4202 Multimedia Security and Digital Rights Management
MIS4203* Independent Studies in Information Security


  • The Independent Studies in Information Security in the fourth Semester of the Programme shall consist of minimum of ten (10) studies and maximum of fifteen (15) studies which solve the given set of problems. And submission of a report based on the solutions to the problems.
  • Each student who undertakes Independent Studies in Information Security should submit a Report based on the solutions to the problems together with Log forms at the end of the fourth Semester. An oral examination on this report will be held.

For Further information on Master of Information Security Degree Programme, please visit:


It is hereby informed that the above information is only for general information and is not for official purposes. Any information contained herein shall be confirmed by reference to the relevant authority.