National Ph.D. in

Cybersecurity (2022)

Follow this link to vist the latest edition (2023)


Protecting hybrid and complex environments, that many organizations are adopting, from cyber attacks has become increasingly difficult. Cloud computing, remote working, and mobility are putting a strain on the defense capabilities of companies and public administrations worldwide. To cope with increasingly sophisticated attacks, such that zero-day and new malware, technologies, and best practices are necessary. Still, above all, we need people with excellent technical, legal, and organizational knowledge for reducing the skill gap in cybersecurity and for protecting citizens' rights in cyberspace. Although the field of cybersecurity has grown exponentially over the last decade, it is now evident that the needed workforce has not increased adequately. As a result, the demand for skilled workers is now unmatched, with dramatic impacts on the national and international labor markets as well as on the overall security of our society. The national Ph.D. program in cybersecurity aims at training experts who can face technical, legal, and organizational security challenges.

Program highlights

* scholarship conditions may vary with the host institution


The national Ph.D. program in Cybersecurity (Ph.D.-CySec) will prepare you to analyze and solve a wide spectrum of problems related to different aspects of cybersecurity, all having a high institutional, social and industrial interest. The primary objective is to train security experts capable of identifying, from time to time, the most effective solutions depending on the target and the application domain. Job opportunities are therefore in academia, in disciplines such as engineering, computer science, economics, law and management, in the public sector, including the National Cybersecurity Agency, research laboratories, study centres and centres of expertise, and in the private sectors for services, industrial security and professional consulences.


The main objective of the national Ph.D. in Cybersecurity (Ph.D.-CySec) is to train a new generation of scholars, and future leaders, who can support and increase the resilience of infrastructures, public institutions and businesses against cyber attacks, developing and correctly implementing safer and more reliable digital processes and systems. These security experts will be the first and most important line of defence against current and future threats which, unavoidably, will appear in our digital society.

Learning objectives

During the Ph.D. program, students will learn how to address cybersecurity problems from different perspectives, within an inter- and multi-disciplinary team of experts from other fields. Also, they will have the opportunity to learn from real case studies proposed by actors and stakeholders from both private and public sectors. Upon completion of the doctorate, students will be able to address the growing complexity of cyber attacks, thanks to a holistic approach that embraces technological, economic, human, social and legal aspects. Job opportunities include, in addition to the academic career, managerial roles in the private sector and in public administration, in government agencies, as well as integration in research bodies of various kinds requiring professionals, experts and managers characterized by solid scientific skills, technological and methodological background in cybersecurity.

To achieve these goals, the national Ph.D. in Cybersecurity (Ph.D.-CySec) proposes a strong multidisciplinary and interdisciplinary approach by providing a broad-ranging basic training and focusing on certain areas of specialization. Students with different educational backgrounds, ranging from computer scientists, information engineers, mathematicians, physicists, legal experts, economists and social scientists, will be considered for admission. The didactic plan, based on the cultural diversity of the Scientific Board, will include specialized paths aiming to offer a holistic vision of cybersecurity and, at the same time, to specialize in different strategic areas through the four different curricula described below.

Foundational Aspects
of Cybersecurity

This curriculum provides a scientific background for the advancement of cybersecurity research, which includes elements of cryptography, artificial intelligence, secure programming, distributed computing, formal methods and languages, and further innovative and cutting-edge research fields. At the end of the doctoral course, the student will acquire the skills for collaborating with research groups in the academic world and in private or public research centers. 

Software, System, and Infrastructure Security

This curriculum gives the scientific, technological and methodological knowledge necessary to address the main security problems concerning systems and infrastructures of various nature and complexity, including software, hardware and communication systems, with different requirements, depending on their specific field of application. At the end of the doctoral course, the student will be able to collaborate with multidisciplinary teams to assess, both technologically and operationally, the security of systems and infrastructure, including critical ones. 

Data Governance
& Protection

This curriculum addresses the issues related to the effectively and efficiently storage and processing of data. Indeed, truly reliable, scalable and efficient processing platforms must ensure data confidentiality and integrity. At the end of the doctoral course, the student will master the methods and technologies for controlling access to data and regulating their adoption, minimizing the impact on the end user and ensuring data confidentiality, integrity and availability throughout the entire lifecycle, from creation to processing, transmission and storage.

 Human, Economic,  and Legal Aspects in Cybersecurity

This curriculum looks at candidates with a non-STEM background. The goal is to provide a solid understanding of the technical aspects of cybersecurity to understand and assess security risks by adopting adequate strategies for protecting sensitive information. Students will master the technical skills in the field of information technology, as well as a general understanding of the social and legal framework in which they operate for designing processes that comply with the fundamental rights protection standards, regulatory obligations, international policies and economic implications. 


Candidates can choose a research project from the list of reserach projects and research themes. In alternative, the Selection Committee will identify the research theme that best suits the skills and interests of the admitted candidates.