Dr Phil Legg

I am an Associate Professor in Cyber Security at the University of the West of England (UWE Bristol), UK. I am also Co-Director of the UWEcyber Academic Centre of Excellence in Cyber Security Education (ACE-CSE), as recognised by the National Cyber Security Centre (NCSC), and I am also Programme Leader for the NCSC-certified MSc Cyber Security.

My research interests address the intersections of cyber security, machine learning, visual analytics, and human-computer interaction, including improving interpretability and understanding of risk, and improving robustness and trust of modern security technologies. Previous research has addressed insider threat detection and cyber situational awareness, through to human-machine teaming for assessing confidence and trust of multiple agents, and active adversarial machine-learning for identifying security vulnerabilities in dynamic learning systems. 

I have led externally-funded research projects, supported by DSTL, NCSC, InnovateUK, CCAV, and also by industry. Example projects include "HASTE: Human-centric active learning for decision support in threat exploration" and "RicherPicture: Automated network defence through business and threat led machine learning". Other research activities include detecting IoT security threats (supported by the National Cyber Security Centre). I also work closely with industry partners on PhD research studentships in the areas of cyber, defence and national security, and I have worked on industrial consultancy projects, including penetration testing of commercial systems, and developing bespoke clinical systems for the NHS. I am fortunate to currently supervise 4 PhD students: Andrew McCarthy, Gwyn Wilkinson, Yawei Yui, and Sinclair-Emmanuel Smith.

I teach Information Risk Management on MSc Cyber Security, and Security Data Analytics and Visualisation on BSc Cyber Security and Digital Forensics programme, whilst also supporting other teaching activities, and supervising undergraduate and postgraduate projects each year. 

I am also a co-founder of the Colloquium for Information Systems Security Education UK (CISSEUK), supported by the NCSC, that aims to promote sharing and collaboration to improve cyber security education across the UK. As part of this, I work to deliver outreach and external engagement to promote cyber security, working with schools and adult learners. Recently, I have been involved with the NCSC Cyber Schools Hub and the EmPowerCyber workshop, as well as the Unlock Cyber project, and the Bristol Festival of Learning.

I originally studied at Cardiff University for both my BSc Computer Science and my PhD Computer Science. After completing my PhD in 2010, I went on to post-doctoral research and teaching roles at Swansea University (2010-2013) and the University of Oxford (2013-2015), working with a variety of stakeholders in industry and government. I joined UWE Bristol in 2015. I hold a Postgraduate Certificate in Teaching and Learning for Higher Education (Distinction), and I am a Fellow of the Higher Education Academy. I am a professional member of the IEEE and ACM, and hold professional certifications for CompTIA Security+, Palo Alto Networks, and Microsoft Azure.