Professor Phil Legg

I am Professor of Cyber Security at the University of the West of England (UWE Bristol), UK, in recognition of "Advancing Teaching and Learning" (Primary domain) and for "Research with Impact" (Secondary domain). I am Co-Director of the UWEcyber Academic Centre of Excellence in Cyber Security Education (ACE-CSE), as recognised by the National Cyber Security Centre (NCSC). I served as Programme Leader for the NCSC-certified MSc Cyber Security at UWE from when it first started in 2018, eventually handing over this role in September 2024. As of Summer 2024, I have supported on the Programme Leadership team for BSc Cyber Security and Digital Forensics with a focus on industry partnership and external engagement. I have led the Cyber Security research theme of the Computer Science Research Centre (CSRC) since the centre was formed in 2019.

My research intersects across Cyber Security, looking at how machine learning, visual analytics, and human-computer interaction are adopted within cyber security, to improve interpretability and understanding of risk, and to improve robustness and trust of modern security technologies. My early research addresses the robustness of machine learning and computer vision systems, as well as how such models can be utilised for insider threat detection and cyber situational awareness. I have also worked on developing mitigations against adversarial machine learning techniques, as well as investigation container-based security vulnerabilities. More recently, I have been interested in how human-machine teaming can help to establish confidence and trust in human-machine agents, and how active learning techniques can be used to interrogate model robustness and identify security vulnerabilities such as adversarial learning cases. 

I have led externally-funded research projects, supported by DSTL, NCSC, InnovateUK, CCAV, and also by industry. Example projects include “Measuring the Suitability of Artificial Intelligence in Autonomous Resilience for Cyber Defence”, “HASTE: Human-centric active learning for decision support in threat exploration” and “RicherPicture: Automated network defence through business and threat led machine learning”. I also work closely with industry partners on PhD research studentships in the areas of cyber, defence and national security, and I have worked on industrial consultancy projects, including penetration testing of commercial systems, and developing bespoke clinical systems for the NHS. I currently supervise a number of PhD students within the CSRC, with a growing interest in cyber security across disciplines.

I currently teach Cyber Security Analytics and Cyber Security Consultancy, whilst also supporting other teaching activities, and supervising undergraduate and postgraduate projects. Previous modules include Security Data Analytics and Visualisation, Security Management in Practice, Object-Orientation Design Analysis and Programming, and Principles of Computing.

I am a co-founder and director of CSE-Connect (formerly CISSEUK), supported by the NCSC, that promotes sharing and collaboration to improve cyber security education across the UK and internationally. As part of this, I work to deliver outreach and external engagement to promote cyber security, working with schools and adult learners. I have also led external-funded teaching and learning initiatives including the CyberWEST teacher training programme, co-creation of learning resources for cyber security education, and development of resources for cyber-physical systems security. I have been involved with government outreach schemes from Cyber Schools Hub, CyberFirst, and the EmPowerCyber workshops, as well as the UWE Unlock Cyber project, and the Bristol Festival of Learning.

I originally studied at Cardiff University for both my BSc Computer Science and my PhD Computer Science. After completing my PhD in 2010, I went on to post-doctoral research and teaching roles at Swansea University (2010-2013) and the University of Oxford (2013-2015), working with a variety of stakeholders in industry and government. I joined UWE Bristol in 2015. I hold a Postgraduate Certificate in Teaching and Learning for Higher Education (Distinction), and I am a Fellow of the Higher Education Academy, a Full Member of the Chartered Institute of Information Security (CIISec), a member of the Council of Professors and Heads of Computing (CPHC), and hold professional certifications for CompTIA SecurityX (formerly CASP+), PenTest+ Security+, Palo Alto Networks, and Microsoft Azure.

For the latest details on projects, publications and resources, please see my web page: https://pa-legg.github.io