My CDT Journey - Dr Andreas Haggman

I came to the CDT almost as the token non-technical person in my cohort. With an academic background in War Studies I thought I was going to occupy a small niche in cyber security separate from computer science and mathematics. I was partially right, but also very wrong.

Sure, my previous knowledge was different from most other students, but instead of working in isolation from more technical colleagues I found that their skills and experiences enriched my own work and in turn I was able to enrich theirs – I hope! Cyber security truly is an interdisciplinary subject and for me the CDT offered an ideal environment to both appreciate and embrace this.

My research journey was unlike anything I could have envisaged – indeed, I am still not entirely convinced I did a PhD. My thesis emerged from my summer project investigating cyber wargaming, which had just been intended as an exploratory foray into something different and fun, but quickly grew into something much more substantial. For my thesis I ended up producing a tabletop wargame based on the UK National Cyber Security Strategy (see picture) intended to provide players with an introduction to key concepts and terminology in cyber security. Through serendipity and perseverance, the game got traction with key stakeholders and I then travelled the world deploying the game to different groups of people to ascertain its pedagogic efficacy. Does three years of playing board games constitute legitimate research fieldwork? Apparently so!

Apart from being an immensely engaging thesis that I never tired of, the work also yielded some insightful results. Most importantly, the game was successful in enabling players to create learning moments where they could share knowledge and come away from the game with a greater understanding of cyber security than they started. Statistically, the groups that performed best in the game were made up of players from mixed backgrounds (technical, non-technical, military, civilian) which reinforces the idea that cyber security is best tackled through interdisciplinary approaches.

In addition to my thesis work I used the opportunities afforded by the CDT to put my fingers in as many pies as possible. I published articles and book chapters on diverse topics including Stuxnet, offensive cyber, cyber deterrence, communications and technology, and cyber defence exercises. Also counting various magazine articles and blogs my total publications amounted to some 23 pieces. I attended 53 conferences and spoke at 27 of these. I led the organisation of the first two inter-CDT workshops with the Oxford CDT, which is a legacy that carries on today. I spent three months in Canberra on work placement with Thales Autralia. I also participated with a CDT team in the 2017 Cyber 9/12 student policymaking competition in Geneva, on the back of which I was invited to help organise a UK version of the event, which I continue to be affiliated with today as Scenario Development Lead. In sum, I got busy, and the CDT was a wonderfully supportive environment in which to explore all the wonders that cyber security has to offer.

Amongst all these things some highlights certainly stand out as memorable. Being invited to guest lecture at the German Command and Staff College, with my game, was a an achievement dear to me because it meant both walking in the footsteps of Carl von Clausewitz – who is the doyen of War Studies – and taking my game to its spiritual home – the German military pioneered modern wargaming in the 19th century. I was also invited to write an article about my research for New

Statesman which I still roll out whenever anyone asks what I did for my PhD (it is available online for anyone interested).

After all the excitement and adventure of the PhD, gainful employment had a lot to live up to. After submitting my thesis, I spent a short stint in the insurance sector trying to bring academic research to bear on cyber and geopolitical risks. Growing frustrated with this, however, I left for what is probably my ideal role as a Cyber Security Skills Policy Lead in the Department for Digital, Culture, Media and Sport (DCMS). In essence this has taken me full circle from being a product of the National Cyber Security Strategy to helping write the next iteration of the Strategy, alongside working on related policy initiatives. Working in the Skills area is particularly gratifying as it is related to my thesis, and it lets me stay close to the academic community that has given me so much. If I can affect policies that enable the cyber security academic community to flourish it will be my way of giving something back, a small measure of thanks for four fabulous years in the CDT.


Comments

Post a Comment

Popular posts from this blog

Post-PhD thoughts on the Cyber Security field: Amy Ertan, 2017 CDT Cohort, now Cyber and Hybrid Policy Officer at NATO HQ in Brussels.

It has been just over a year since I successfully completed my viva – a milestone that initially felt both terrifying and insurmountable when I first joined the CDT. Now, I have the privilege of reflecting on my PhD journey and how its opportunities have shaped my present. I also wish to inspire curious students to embrace the full potential of the CDT and similar programs.   When I first came across the CDT application form, I initially envisioned transforming from a disillusioned city worker into a technical cyber security wizard, focusing on governance or incident response – as those were the only cyber security functions I was familiar with at the time. Very quickly, the CDT taught me that cyber security encompasses a vast and comprehensive range of approaches, offering me a holistic perspective on the field. Supported by the CDT, I engaged with exciting research and practitioner communities to learn about security governance, feminist and critical approaches, geography, the philos
Read more

Remote working and Cyber Security: Georgia Crossland and Amy Ertan

Image
Introducing the project The shift to remote working represents a huge shift for employees and organisations alike, introducing significant implications for cyber security. Amy Ertan and Georgia Crossland are currently working on a research project, in collaboration with the Research Institute for Sociotechnical Cyber Security (RISCS) and funded by the UK National Cyber Security Centre (NCSC), on the impact of remote working on cyber security and wellbeing. This blog post will give an overview of a section of this project, how remote working impacts cyber security. In response to COVID-19, in March 2020, organisations across the world made the rapid shift away from physical office working to remote working, wherever possible. This shift has had a significant impact across many aspects of organisations. This blog post will offer a high-level overview of how the cyber threat landscape was impacted for many organisations and may further change organisational cyber resilience. Remote workin
Read more

New Publication: Remote Working and (In)Security?: Amy Ertan

Image
A recent research report by CDT researchers Amy Ertan and Georgia Crossland has been published with the Research Institute for Sociotechnical Cyber Security (RISCS). The report examines ‘The Impact of Pandemic-Driven Remote Working on Employee Wellbeing, the Psychological Contract and Cyber Security’, with research carried out through a series of interviews with senior cyber security colleagues between January and April 2021. The full report can be found on the RISCS website: New publication: Remote Working and (In)Security | RISCS. Context In the UK and around the world, the impact of COVID-19 represented a total shift away from what was considered ‘normal living’. One aspect of this change was the rapid transition to remote working as people were encouraged to work from home and limit contact with others as far as possible through repeated lockdown conditions. Fellow CDT colleague Georgia Crossland and I were curious to explore how remote working has impacted the experiences - and se
Read more