OU blog

Personal Blogs

Christopher Douce

Upskilling for cybersecurity

Visible to anyone in the world

During the 4th School of Computing and Communications AL Professional Development Conference  (OU blog post) I facilitated a session about continuing professional development. In that session, some of the tutors shared experiences of what they had done before.

As mentioned in one of the keynote introductions, one area of growth within the school is cybersecurity. What follows is a summary of resources and materials that may be useful for any tutor (or student) who might be looking to move into the area. 

This blog, which is intended for existing OU tutors emphasises OU resources that are available, but useful external resources are highlighted too. Since cybersecurity is a fast moving area, the links and resources highlighted on this page are likely to age relatively quickly.

CyBok

A good place to start is something called the Cyber Security Body Of Knowledge. A recommended area to look at is the CyBok Knowledgebase

The aim of the CyBok is to provide a summary of the topics and subjects that make up cybersecurity. It presents a lot of materials and concepts. Since some of these pages can be (sometimes) quite heavy going, it might be a good idea to look to other resources to get an introduction to some of the areas. 

OpenLearn

The OUs OpenLearn platform has a wealth of useful resources, which are presented in the form of bite sized short courses. OpenLearn has a whole section dedicated to cybersecurity.

This takes us to the following courses:

OpenLearn courses can offer a helpful introduction. When you have finished working through one of these short modules, learners can gain a digital badge (if these things are of interest). You can, of course, reference completing an OpenLearn module on a CV or application form.

OU modules

One of the best ways to upskill and to gain familiarity with a subject is to study an OU module using a tutor fee waiver. Depending on your interests, you can either study undergraduate or postgraduate modules. The undergraduate named degree has the title BSc (Honours) Cyber Security.

Notable modules which could be studied on a fee waiver include:

The school offers a Postgraduate Diploma in Cyber Security which contains four modules:

Postgraduate modules do differ from undergraduate modules in the extent to which students are required to carry out their own research. Students are also required to demonstrate advanced critical thinking skills. Also, since the postgraduate qualifications have an industrial focus, students are often required to relate their work based activity to their studies.

Before studying a postgraduate module, I would recommend any potential student to work through the following Open Learn module: Success in postgraduate study.

Cisco resources

Cyber security is a dynamic subject; computing technologies are continually changing and adapting, often driven by the needs of industry. Industrial providers and businesses need people to know how to use their tools of services. This means there are a lot industry led certifications which are designed to help IT practioners to understand and master their technologies.

One of the world’s leading suppliers of networking systems and technologies is Cisco. To help the users of its systems, it has devised a set of certifications and a learning platform called NetAcad.

Through NetAcad, OU tutors can study a number of short courses that relate to networking and cyber security, gaining digital badges. These badges that can be mentioned to on a CV (and, theoretically, mentioned during an OU skills audit with a friendly staff tutor). What follows is a short summary of free online self-paced study courses that can be accessed through Cisco NetAcad. 

Introduction to CybersecurityTwo key objectives are: “Learn what cybersecurity is and its potential impact to you. Understand the most common threats, attacks and vulnerabilities.” 15 hours.

Networking EssentialsThis introductory level module is described as being able to “Develop critical thinking and problem-solving skills using Cisco Packet Tracer”. 70 hours.

Cybersecurity EssentialsTwo key objectives are: “Understand security controls for networks, servers and applications. Learn valuable security principals and how to develop compliant policies.” 30 hours. 

Introduction to IoTIoT is an abbreviation for the Internet of Things. This course is said to help learners to “understand how the IoT is bridging the gap between operational and information technology systems”. 20 hours.

NDG Linux UnhatchedThe “Start From Scratch” Linux Course, which is described as learning basic installation and configuration of Linux software and get introduced to the Linux command line. 8 hours.

PCAP: Programming Essentials in Python“Learn programming from scratch and master Python”. 75 hours.

OU development events

A final category that is worth mentioning is the continuing professional development events that are organised by the OU. In addition to regular compulsory training that all tutors must go through, there are two broad categories of events that tutors can go to: general AL development events, and school specific events. 

A personal recommendation is that you find the time to attend at least one CPD events a year, just to keep up to date with what is happening across the university. If you’re able to attend more, then so much the better.

Reflections

If you are tutor and you’re thinking about teaching cyber security, some of these suggestions might be more useful than others. One of the best things that you could do is to study a module that you might be interested in teaching, perhaps in combination with some of the other options and materials that have been highlighted.

As well as an OU fee waiver, another source of funding is the AL development fund. This is a small pot of money that can be used for on going professional development that relates to your discipline, which isn’t immediate or directly provided by the university. The fund could be used for attending conferences, or completing short courses.

When upskilling, I find it is important to bear in mind the distinction between cyber security education and training. Whilst industrial certifications have their place, they often emphasise training. Training is about how to solve certain problems. Education is (of course) about how best apply training given a set of circumstances, and to have the ability to quickly gain new knowledge after having acquired and understood some fundamental concepts. I guess my point here is: the fundamental concepts are important.

From a personal perspective, I’ve used the fee waiver to study at least three different OU computing modules. Although I’ve always found studying quite a bit of work, it has always been rewarding. It has enabled me to not only learn about a new subject, but also to learn more about the experience of a student. I’ve also registered for Cisco NetAcad, but I haven’t made much progress. Doing more Cisco self-study is something I need to do.

If you would like to upskill, a final recommendation is to have a chat with your friendly staff tutor, particularly during your CDSA or skills audit conversation. They will have some practical advice about what you can do to ensure that you’re best placed to help students to study a particular subject.

Permalink Add your comment
Share post
Christopher Douce

Course for External Examiners

Visible to anyone in the world

On 9 November 2018 I attended a continuing professional development (CPD) course for external examiners run by the Higher Education Academy (or, AdvanceHE, as it is otherwise known). The course was facilitated by two OU colleagues: Professor Mark Brandon from the STEM faculty, and Naomi Watson from the WELLS Faculty. What follows are a set of notes that I made before and during the course. A week after the course, I edited everything together so I would have a rough sketch of what happened during the event. 

The aim of the course was to further understand the role of an external examiner, develop a deeper understanding of the nature of academic standards, and to ‘use evidence-informed approaches’ to inform judgements about ‘academic standards and the enhancement of student learning’.

The course was split up into two parts an online component (part 1) and a face to face component (part 2); participants had to complete both of these parts to complete the CPD. An interesting point was that completion was also recorded by the HEA. 

During the event, delegates were given a nicely printed A4 sized book, which had the catchy title: professional development course for external examiners. During the course we dipped into the book and completed a number of activities, writing down some personal reflections and thoughts. From time to time, I’ll refer to the book, the activities, or both. 

Preparing for the face to face session

To prepare, we all had to login to a virtual learning environment and complete a couple of activities (which I summarise below). The introductory information was useful; we were referred to the Higher Education Academy's A handbook for external examiners (PDF).

I also noted down the words: “external examiners gain oversight of assessment process, provide comment about the assessment process to say whether student learning outcomes are met and to offer informative comment on good practice”.

Activity 1: External examining of student work

We were asked to read an assessment briefing paper that described principles of feedback. The briefing paper contained information about learning outcomes, the level of study, information about the task that students had to complete, and provided a marking scheme. There were three learning outcomes: one about understanding, another about designing and a final one about taking account evidence into. Students were required to write a critical review of their own assessment practice.

We had to review three assignments and judge whether the work has been given the correct marks in coordination with the scheme and write a paragraph to give feedback regarding the academic standards of the module based on the assignments.

Activity 2: The external examiner role

This second activity emphasises that external examiners have a duty to help to maintain academic standards, ensure that institution policies and regulations are followed, that standards are comparable with those in other institutions, and to share good practice, and to be a critical friend. 

We were asked to comment on a short series of scenarios: a situation where a course leader asks for help, a situation where we had to deal with differences of opinion between examiners, and to consider a situation where there was low quality student work despite institutional staff working very hard to maintain standards.

During the face-to-face session

The face-to-face session was split into 7 short components (excluding a concluding section). These components had a mixture of listening, group work, followed by individual reflection activities. What follows is a very short summary of notes from these different sections. 

Session 1: Introduction

The first session was an introduction which referred to the QAA’s UK quality code for Higher Education, Chapter B7: External Examining (pdf) Echoing the introduction to this blog, externals are required to ensure threshold standards (QAA quality code, chapter B7, p. 4), ensure that processes are followed, and also ensure that academic standards are comparable between institutions.

During this first session we reviewed the activity 2 scenarios to further understand the role of the external examiner, and to understand the tensions, and to understand how to balance the different demands of ‘the process checker’, ‘critical friend’, and the maintainer of standards.

As a brief aside, it’s important to mention that appointments to external examining posts are made by universities. Examiners are recruited either through personal recommendations (where people are encouraged to apply), or through a national mailing list, which interested academics can sign up to.

Session 2: Variability in academic standards

In the second session we looked at another scenario and were asked to think about the challenge of how we actively score assignments. During the task I asked myself about the extent to which learning outcomes can or should be linked to assessment criteria. In the context of our scenario, a question that was asked (amongst our table) was: do students have access to the marking criteria?

This session had a second task, where we were asked about what issues might lead to variability in academic standards. I made a note of differences between people, tools and the task (nature of assessment).

Session 3: People as a source of variation

An interesting point that I noted down was an assertion that standards are socially constructed. To understand more about what this meant, and the idea of variation further, we were asked to complete another exercise that began with a question: what shapes our standards? Some points that I noted down were: from our institutions, values and beliefs, but also from specialist and professional knowledge of subjects.

Another question that we were asked was: where did you get your standards from? Some answers included: 

  • Influential people and groups such as colleagues and networks
  • Experience of working with students, carrying out assessments, and working within industry 
  • Known and understood professional values and beliefs, such as the aims of higher education and values from a discipline or subject.

Sessions 4 & 5 : Tools and tasks

This activity complemented one of the online preparation activities.  We were asked to look at module specification documents and descriptions that were from different sectors, professions and institutions. We were asked to think about internal reference points, such as qualification descriptors, learning outcomes and assessment guidance and external reference points, such as subject benchmark statements. 

These discussions led to an activity: we were given a set of cards which related to different scenarios that we might observe as external examiners. We were asked to place the cards on a two dimensional grid. One axis had the title ‘internal/external’ (which related to the types of tool the care related to), and the other had the title: ‘high/low effectiveness’. After a figuring out where the cards went, we were invited to have a look at what other groups had done.

Session 6: Profession practice

This session was all about figuring out what to do in certain situations. In our groups we were given a set of different external examining scenarios, and offered 5 different choice cards. After one of the group read out the scenario, we were invited to vote on what we thought was the best course of action. After the voting, discussed why we had chosen to vote the way we did.

It was a fun exercise; there were friendly differences of opinion about what strategies to adopt. I sensed that there was no right or wrong answer, and the best course of action might depend on a combination of different factors, including the institution, subject, and the colleagues that we’re working with.

Session 7: Social moderation and collaboration of standards

The penultimate session featured a couple of videos. There was one video of exam marking of a musical performance, and another video of a project where academics from Australian universities discussed how they would mark different pieces of work. In some respects, the second video (which featured a marking exercise) very much resembled by own experience of being a project marker on a Computing and IT project module. During the co-ordination meeting different tutors would present their views and justify their marks.

There seemed to be an important point underlying this final session, which I noted down, which is: ‘you need to be talking to other people within your subject to understand what the standards are’.

Reflections

All in all, this CPD was pretty good fun! Having had some experience of being an external examiner, I found that some of the discussions directly resonated with my personal experience. 

One of the key points that I took away from the session was a differences between internal and external documents (or tools) that can help and guide the external examiners. 

Although I had an implicit awareness of the distinction, the way that it was made clear was very helpful. In my own experience, I’ve been reviewing course descriptions and marking guides (internal documents) and also having a look at different qualification outlines (external documents). I have also remembered that I have, on occasions, had a look at module descriptions from other institutions (to help me carry out a comparison of standards).

I enjoyed the interactive element and the opportunity to discuss issues with colleagues from other schools and faculties. I don’t have any suggestions about how to improve the course, since it offers a lot of tools and useful tips. The next step for me is to try my best to connect what I’ve learnt to my current external examining contract.

Permalink
Share post

This blog might contain posts that are only visible to logged-in users, or where only logged-in users can comment. If you have an account on the system, please log in for full access.

Total visits to this blog: 2335049