Royal Holloway is building the cybersecurity experts of tomorrow

Submitted by ashton.wenborn on Fri, 04/28/2023 - 16:25

According to research from the Department for Digital, Culture, Media and Sport, almost 700,000 businesses in the UK have a basic skills gap when it comes to cybersecurity. This means that more than half of businesses surveyed by the government lack staff with the technical skills, ability to respond to a breach or incident, or the governance skills to manage how they protect their information security.

The master’s in information security at Royal Holloway, University of London, is one of the longest-running master’s degrees in this specialism in the world and aims to bridge that skills gap. 

The course is accredited by the National Cyber Security Centre, meaning the qualification is recognised by employers, and students have several options for study: it is taught on campus, in person over 12 months; it can be studied part-time; it can include a nine to 12-month placement; or a parallel master's course; or it can be studied via distance learning.

The course is structured so that students cover the foundations of cybersecurity in the first term, and can then combine different modules depending on where their interests lie. “Some of these options are quite technical and require a computer science background; others look at security and society, cybercrime and the like,” explains Chris Mitchell, professor of computer science and head of the Department of Information Security at Royal Holloway.

This reflects how the world of cybersecurity – and the careers available in it – has changed since the course began in 1992. “We can connect every device imaginable to the internet today, which makes security difficult to manage,” Mitchell said. “And while we’re moving to tighter legislation on internet-connected devices, and companies spend lots of money on risk analysis and awareness, at the same time the cybercriminals have been upping their game.”

Students without a technology background must spend time to understand the basics, but they come out equipped with the skills to work in the industry. While there are many roles available in technical areas such as penetration detection or building security defences, companies also need individuals who can manage security awareness through staff training, who understand the psychology behind cybercrime and who can manage teams of cybersecurity experts. 

Links to industry mean course alumni are well placed to find a role after completing the degree. As well as the option to do an industry placement, seminars often feature leading industry figures such as heads of risk or chief security officers at major employers. “This works really well as students can see someone real who is working in the field,” Mitchell says.

Employers regularly present industry seminars that are not part of students’ assessment but increase their understanding of the threats and challenges organisations are dealing with. “We stay rooted in the needs of business,” Mitchell says. “We also do a lot of collaborative research with industry and work with panels of industry experts whenever we review our programme. Our aim is to equip people to go out and work in the security industry, rather than working towards a specialist PhD.” 

Find out more about the Department of Information Security at Royal Holloway, University of London.


The world of cybersecurity is evolving rapidly, but many businesses lack the skills to manage and deal with the threats they face. A master’s in cybersecurity at Royal Holloway is equipping a new generation of cyber specialists with these vital skills

Display TAP Popcard?
Article type
Created date