I really couldn’t imagine doing my PhD anywhere else - Dr Joanne Woodage

Looking back at my time in the CDT, I really couldn’t imagine doing my PhD anywhere else and I feel very grateful for the many opportunities it has presented to me.

Not least that I was accepted me as a student in the first place! When I graduated from the University of Manchester with a Mathematics degree in 2013, I had no idea what I wanted to do. Having spent much of the next year failing to ‘find myself’ on a backpacking trip around Asia, I stumbled across cryptography and wondered if this might be a way that I could use the pure

mathematics I had enjoyed in my degree in an applied context. I’d never done any formal work in cryptography and my computer science skills didn’t extend far beyond a cursory grasp of Excel, so I feel very lucky that the CDT was willing to take a chance on a student with a lot of enthusiasm but very little concrete experience.

The CDT attracts students from a real mixture of backgrounds and areas of expertise, and the diverse cohort this creates is one of the group’s greatest strengths.

As a complete newcomer to cyber security, my first year in the CDT was an onslaught of new concepts and three letter acronyms, and there were definitely times when I wondered how I would ever understand anything enough to produce a thesis. Our first year training was invaluable to get up to speed on the wide range of topics that fall under the umbrella of cyber security. We were also given the freedom to explore different areas before settling on a research topic, which allowed me to completely change direction away from the mathematical cryptography that I’d assumed I’d work on to provable security, an area of cryptography which draws on techniques from theoretical computer science to construct rigorous and formal proofs that cryptographic schemes achieve certain security properties.

My PhD work focused on the application of provable security to ‘real world’ cryptographic problems, and included analysing (and finding flaws in) standardised and widely deployed pseudorandom number generators, and developing cryptographic solutions to facilitate verifiable abuse reporting in encrypted messaging applications.

On top of the opportunity to work in a world-class research environment in the Information Security Group at Royal Holloway, the CDT was brilliant for facilitating opportunities to engage with the wider research community, in particular with industry. In our first year we had regular visits to or from companies with links to the department, which undoubtedly helped steer my research away from pure theory towards real-world problems, and the travel support we were given allowed me to present my work at conferences around the world. I was very lucky to undertake two excellent internships, spending four and a half months at Cornell Tech in New York City, and three months at Microsoft Research in Redmond. The Microsoft internship, taken to fulfil the CDT’s expectation of an industry placement, was pivotal to my decision to move into industry after my PhD. I’m so glad that the CDT forced me to step outside the university environment that I’d become comfortable in and see the opportunities beyond.

Following my time in the CDT, I spent a brilliant year working at Crypto Quantique, a London-based start-up developing end-to-end security solutions for the Internet of Things. While it was nerve-wracking leaving the academic ivory tower for my first ‘proper’ job, I found myself pleasantly surprised by how well-prepared I was thanks to the CDT. The broad cyber security training in the first year has proven a solid foundation upon which to build deeper knowledge, and the strong engagement with industry meant that this new environment wasn’t entirely unfamiliar. Most importantly, the CDT shifted my mind-set to find the things I don’t know less daunting and more exciting, and has taught me that you can pick up almost anything if you stick at it long enough. In a couple of weeks, I will be joining Microsoft Research, Cambridge, and am excited for all that lies ahead.

Writing this has made me think back to the very start of my PhD and how much things have changed. Concepts that seemed utterly impenetrable at the start of my CDT studies are now things I use every day at work, and the direction my career has taken is very different to what I expected when I started, and much the better for it. The CDT has opened doors that I never knew existed and – corny as it sounds – has really changed my life. I’m very thankful to have been given the opportunity to complete my PhD studies in such a unique and special place


Comments

Post a Comment

Popular posts from this blog

Post-PhD thoughts on the Cyber Security field: Amy Ertan, 2017 CDT Cohort, now Cyber and Hybrid Policy Officer at NATO HQ in Brussels.

It has been just over a year since I successfully completed my viva – a milestone that initially felt both terrifying and insurmountable when I first joined the CDT. Now, I have the privilege of reflecting on my PhD journey and how its opportunities have shaped my present. I also wish to inspire curious students to embrace the full potential of the CDT and similar programs.   When I first came across the CDT application form, I initially envisioned transforming from a disillusioned city worker into a technical cyber security wizard, focusing on governance or incident response – as those were the only cyber security functions I was familiar with at the time. Very quickly, the CDT taught me that cyber security encompasses a vast and comprehensive range of approaches, offering me a holistic perspective on the field. Supported by the CDT, I engaged with exciting research and practitioner communities to learn about security governance, feminist and critical approaches, geography, the philos
Read more

Remote working and Cyber Security: Georgia Crossland and Amy Ertan

Image
Introducing the project The shift to remote working represents a huge shift for employees and organisations alike, introducing significant implications for cyber security. Amy Ertan and Georgia Crossland are currently working on a research project, in collaboration with the Research Institute for Sociotechnical Cyber Security (RISCS) and funded by the UK National Cyber Security Centre (NCSC), on the impact of remote working on cyber security and wellbeing. This blog post will give an overview of a section of this project, how remote working impacts cyber security. In response to COVID-19, in March 2020, organisations across the world made the rapid shift away from physical office working to remote working, wherever possible. This shift has had a significant impact across many aspects of organisations. This blog post will offer a high-level overview of how the cyber threat landscape was impacted for many organisations and may further change organisational cyber resilience. Remote workin
Read more

New Publication: Remote Working and (In)Security?: Amy Ertan

Image
A recent research report by CDT researchers Amy Ertan and Georgia Crossland has been published with the Research Institute for Sociotechnical Cyber Security (RISCS). The report examines ‘The Impact of Pandemic-Driven Remote Working on Employee Wellbeing, the Psychological Contract and Cyber Security’, with research carried out through a series of interviews with senior cyber security colleagues between January and April 2021. The full report can be found on the RISCS website: New publication: Remote Working and (In)Security | RISCS. Context In the UK and around the world, the impact of COVID-19 represented a total shift away from what was considered ‘normal living’. One aspect of this change was the rapid transition to remote working as people were encouraged to work from home and limit contact with others as far as possible through repeated lockdown conditions. Fellow CDT colleague Georgia Crossland and I were curious to explore how remote working has impacted the experiences - and se
Read more