Welcome to the EPSRC Centre for Doctoral Training (CDT) in Cyber Security for the Everyday at Royal Holloway.
The Centre was first established in 2013, and has as its main objective to develop cohorts of multidisciplinary researchers with a broad understanding of cyber security and a strong appreciation of the interplay between technical and social issues.
Research in the CDT will address challenges concerning:
- the technologies deployed in digital systems that people use, sometimes inadvertently, every day.
- the everyday societal experience and practice of security.
The CDT is centred around Royal Holloway's Information Security Group and partners with departments throughout the institution. CDT researchers follow a four-year PhD programme. The first year consists of comprehensive multidisciplinary cyber security training. The remaining three years focus on research in an advanced topic in the field of cyber security.
In each annual cohort, we award approximately ten fully-funded PhD studentships (four years of enhanced stipend and fees). We welcome applications from candidates with undergraduate and/or masters qualifications in a wide range of technical and social disciplines of relevance to cyber security.
We are now open for applications for candidates wishing to start their PhD studies in September 2019
Please explore the tabs below to learn more about the entry requirements, funding and eligibility, and how to apply to Royal Holloway's CDT in Cyber Security for the Everyday.
Keep up to date with CDT news and activities - follow us on Twitter
Course Of Study
CDT researchers follow a four-year PhD programme, consisting of a Taught Element, a Research Element and an Internship.
This is delivered over the first year and aims to equip students with a baseline cyber security “body of knowledge”, spanning both technical and social aspects, including a core understanding of cyber security in practice. The taught element is delivered through a combination of modules, projects and research skills development training.
- Cyber Security Fundamentals. The four core cyber security modules from Royal Holloway’s GCHQ-accredited MSc Information Security programme.
- Principles of Securing Cyber Societies. An introduction to reasoning about cyber security from a social science perspective.
- Human Aspects of Information Security and Privacy. Concerning the relationship between people and cyber security.
- Cyber Security “In the Wild”. A programme of visits to the premises of, and visits from, external CDT partner organisations.
- Security Practice Laboratory. Two-weeks of intensive “hands-on” training exercises in a cyber security laboratory.
- Mini project. A short six-week mini project, resulting in a “white paper” report and presentation.
- Summer project. A three-month research project resulting in a substantive research report and presentation.
- Research skills. A comprehensive research skills development programme running throughout the year.
Three years of research in an area of specialism relating to cyber security, under the supervision of a dedicated supervisory team. Throughout their study, CDT researchers are expected to attend and present work at research seminars, workshops or other events off-campus, including internationally.
Potential CDT research themes include:
- Embedded technology security. Providing security and privacy for a sensor-rich hyper-connected cyberspace, including consumer electronics, industrial automation, automotive (avionics and vehicles) and medical devices.
- Secure and trusted systems. Detecting security vulnerabilities and shielding against external threats for a variety of systems ranging from personal devices to desktop workstations and cloud infrastructure.
- Cryptography and its applications. Developing and analysing the strong cryptographic infrastructure necessary for future real world applications, including outsourced data storage systems, post-quantum settings, blockchain applications.
- Trust, rights and understanding. Exploring what mechanisms we can employ to better understand and practise cyber security in social, cultural and political contexts.
- Methodological innovation in researching cyber security. Developing new approaches to exploring cyber security in order to rethink cyber security policy and system design through, for example, community engagement and ethnographically-informed research.
- Difference and inequalities in cyber security. Exploring how digital systems influence social differences and inequalities and asking what more progressive, inclusive and just forms of cyber security might look like.
Every CDT researcher is expected to undertake the equivalent of a three-month internship with an external CDT partner during their study period. There is flexibility in when and how this is instantiated. Over twenty organizations have already pledged to support internships. Previous internship destinations include The Cabinet Office, Amazon Web Services, Microsoft Research Redmond, Shine TV (Hunted), Mozilla Foundation, IBM Zurich, and NATO SHAPE.
Applicants should have, or be expecting to obtain, a high-quality (ideally first class) undergraduate or masters (ideally distinction) degree in a relevant discipline. Suitable backgrounds are (but not limited to) computer science, criminology, economics, electronics engineering, geography, geopolitics, information security, law, mathematics, philosophy, politics, psychology, software engineering and war studies. We will also consider applicants with a professional background, so long as they are able to provide evidence of demonstrable academic skills as well as practical experience.
To qualify for funding, applicants must satisfy EPSRC funding eligibility criteria. Such applicants must have:
- settled status in the UK, meaning they have no restrictions on how long they can stay;
- been ‘ordinarily resident’ in the UK for three years prior to the start of the grant (apart from temporary or occasional absences); and,
- not been residing in the UK wholly or mainly for the purpose of full-time education (this does not apply to UK or EU nationals).
Please refer to EPSRC Student Eligibility for further details.
In addition, we will consider applications from a small number of highly-qualified applicants in possession their own funding (for four years of fees and maintenance).
PhD candidates who do not satisfy all three funding criteria are encouraged to check the (non-CDT) PhD programme in Information Security at Royal Holloway. This is a standard three-year, research-based PhD programme, with no compulsory first-year taught element
How to Apply
We are now open for applications for candidates wishing to start their PhD studies in September 2019.
Application to the CDT involves a three-step process.
Step 1: Informal enquiry
Candidates should make an initial informal enquiry via the email address CyberSecurityCDT@royalholloway.ac.uk to discuss suitability for the CDT programme. Please include:
- a CV highlighting academic background and experience;
- a brief motivation for pursuing a PhD in Cyber Security at Royal Holloway.
Before sending an enquiry, please make sure you are aware of the entrance requirements, including those related to CDT funding.
Step 2: Formal application
After an initial assessment, applicants may be invited to submit a formal application.
When filling in your application online, please select "PhD Information Security" (under "Information Security Group"). You should include the following four pieces of information in your application (these can be covered in section labelled Supporting Statement):
- A clear statement that you are applying to the CDT in Cyber Security for the Everyday.
- A detailed explanation why you wish to pursue a PhD in cyber security.
- Why you think you would be a good fit for the CDT, and why the CDT training model is suitable for you.
- An indication of the research areas that most interest you, and why (you do not have to formally define a full research project, although you are welcome to do so).
In the online application, you will be asked to nominate one referee. For CDT admissions, we will need a second reference letter. When sending your application please also name a second referee. You should contact this second referee directly, and ask them to send their reference letter directly to CyberSecurityCDT@royalholloway.ac.uk (the first referee will receive an automated request from the admissions system, and their reference letter will be included in your application).
Step 3: Interview
We will start a formal assessment as soon as we receive your application and will contact you as soon as a decision is made. In most cases, if we are impressed with your application then we will invite you to visit Royal Holloway for an interview.
Management and Governence
Prof Keith Martin is the CDT Director and is responsible for the day-to-day management of the CDT. Responsibilities include coordinating recruitment, overseeing delivery of training, arrangement and management of supervision and liaison with external partners. The CDT Director also acts as the ultimate point of contact for CDT student welfare issues.
Claire Hudson is the CDT Administrator, supporting day-to-day running of the CDT and acting as a first point of contact for CDT students, with particular responsibilities for managing admissions, financial reporting, communications and event management.
The Management Committee is chaired by the CDT Director, and supports all aspects of the CDT operation. The Management Committee is:
The Advisory Panel provides independent advice on the strategic direction, coverage and progress of the CDT. The Advisory Panel includes experts from industry, academia and public sector. The Advisory Panel is:
Mr Timothy Bauge Thales UK
Professor David Basin ETH Zurich
Ms Bedria Bedri KPMG UK
Sarah Foster DCMS
Professor Liqun Chen University of Surrey
Professor Paul Dorey IISP
Mr Chris Ensor CESG
Professor Dieter Gollmann TU Hamburg-Harburg
Dr Richard Horne PwC
Mr Peter Lockhart Roke Manor Research
Professor Igor Muttik Royal Holloway
Professor Bart Preneel KU Leuven
Dr Simon Shiu HP Labs