NYU Law’s MS CRS program draws veterans for training to respond to cybersecurity threats

When Wade Warden MS CRS ’25 was serving as a Navy SEAL crisis response operator, his job was to analyze and respond to any crisis within a moment's notice. Today, he is working with his cohort in NYU’s Master of Science in Cybersecurity Risk and Strategy (MS CRS) program to learn how to plan for and respond to cybersecurity threats.

Students in NYU Law's MS in Cybersecurity Risk & Strategy Program
Veterans in the MS CRS Class of 2025: Tyler Hornbeck, Mark Blomquist, Mark Follo, Isidoro Ramirez, AnnMarie Saran, and Swain Sulker

“I think the most challenging cybersecurity threat that anyone should be aware of is the greater and greater amount of personal information, or PII, that is being exposed to the world,” says Warden, now an engineering program manager at Apple, Inc. “Eventually we could see those personal facts being used against [Americans] by institutions while [they are] trying to buy a home, get health insurance, or travel—all coming from leaks by companies, institutions, or even the government that have not invested enough in their cyber programs.”

Warden is one of 21 veterans currently pursuing an MS CRS degree, jointly offered by NYU Law and NYU Tandon School of Engineering. In the five years since the MS CRS program graduated its first class, its offerings have remained a strong draw for students who are veterans of the armed forces. “Veterans bring hard-earned practical experience—usually gained in stressful situations—and a can-do approach to our discussions of cybersecurity policy,” says Professor of Practice Randal Milch, faculty director of the MS CRS program and co-director of NYU’s Center for Cyber Security. “Veterans are a tremendous resource in the cohort.”

Erin O’Brien, executive director of NYU Law’s Institute for Executive Education, notes that veterans bring experience that is particularly applicable to artificial intelligence–related cybersecurity risks. “Members of the military are uniquely positioned to lead in an era when AI is reshaping the digital landscape. Professionals need more than just coding expertise or legal knowledge in isolation—they need the strategic vision to anticipate threats, the technical acumen to implement solutions, and the regulatory understanding to ensure responsible innovation,” says O’Brien.

NYU makes its programs accessible to military veterans by participating in the Yellow Ribbon scholarship program, which helps students supplement their Post 9/11 GI Bill tuition benefits. NYU Law offers unlimited matching for eligible participants.

“NYU clearly makes it a priority to attract veterans to their programs by being a Yellow Ribbon Program participant, assisting veterans with filling out the potentially confusing paperwork of utilizing veterans benefits, and having tons of veteran resources to answer questions and foster a robust veteran community,” says Tyler Hornbeck MS CRS ’25, who was formerly a cyber operations specialist in the US Army and is now an enterprise services engineer at Tanium Inc.

Though a relatively new program, the MS CRS enjoyed immediate success following its 2018 launch. That’s due part to its unique legal focus, according to AnnMarie Saran MS CRS ’25, a Navy veteran who is now a management consultant at Accenture. “I was drawn to NYU’s MS CRS program because it combines legal, strategic, and technical perspectives—something I found lacking in other cybersecurity programs,” she says. “This holistic approach directly aligns with my career path, where I navigate the intersection of business strategy, risk management, and technology. Having advised Fortune 500 companies on AI governance, risk, compliance, and cybersecurity initiatives, I viewed the MSCRS program as an opportunity to deepen my expertise in cybersecurity law and strategy, further enhancing my ability to drive impactful solutions.”

The program’s three semesters cover themes of cybersecurity governance and policy, risk management, and leadership and strategy. Over the course of a year, students attend three five-day residential sessions; between residential periods, students study 10 to 15 hours per week in online and blended-learning formats. Spanning all three semesters is the Integrative Cybersecurity Management capstone, a team-based project.

“By design, and rightfully so, each course within the program hones in on the current legal landscape of cybersecurity concerning the respective business sector/area of focus for the course,” says Swain Sulker MS CRS ’25, an Army veteran who now serves as a program officer in Sub-Saharan Africa for the US Department of State. “Courses like Privacy Law I and II reveal the unsettling reality of minimal consumer rights in a digital landscape where personal data is frequently commoditized, highlighting a pressing need for policy reform.”

Indeed, while 38 percent of graduates come to the program with a robust technological or engineering background, many students in the MS CRS program see the law and legal policy as the most critical area for development in the future of digital security.   

“The legal system will catch up by streamlining cyber security and privacy laws and regulations,” said Mark Blomquist MS CRS ’25, an Army veteran who is currently a lead technologist at the consulting firm Booz Allen Hamilton. “And if I had my way, the development of a new regulatory agency.” 

Posted November 9, 2024