OU blog

Personal Blogs

Christopher Douce

Upskilling for cybersecurity

Visible to anyone in the world

During the 4th School of Computing and Communications AL Professional Development Conference  (OU blog post) I facilitated a session about continuing professional development. In that session, some of the tutors shared experiences of what they had done before.

As mentioned in one of the keynote introductions, one area of growth within the school is cybersecurity. What follows is a summary of resources and materials that may be useful for any tutor (or student) who might be looking to move into the area. 

This blog, which is intended for existing OU tutors emphasises OU resources that are available, but useful external resources are highlighted too. Since cybersecurity is a fast moving area, the links and resources highlighted on this page are likely to age relatively quickly.

CyBok

A good place to start is something called the Cyber Security Body Of Knowledge. A recommended area to look at is the CyBok Knowledgebase

The aim of the CyBok is to provide a summary of the topics and subjects that make up cybersecurity. It presents a lot of materials and concepts. Since some of these pages can be (sometimes) quite heavy going, it might be a good idea to look to other resources to get an introduction to some of the areas. 

OpenLearn

The OUs OpenLearn platform has a wealth of useful resources, which are presented in the form of bite sized short courses. OpenLearn has a whole section dedicated to cybersecurity.

This takes us to the following courses:

OpenLearn courses can offer a helpful introduction. When you have finished working through one of these short modules, learners can gain a digital badge (if these things are of interest). You can, of course, reference completing an OpenLearn module on a CV or application form.

OU modules

One of the best ways to upskill and to gain familiarity with a subject is to study an OU module using a tutor fee waiver. Depending on your interests, you can either study undergraduate or postgraduate modules. The undergraduate named degree has the title BSc (Honours) Cyber Security.

Notable modules which could be studied on a fee waiver include:

The school offers a Postgraduate Diploma in Cyber Security which contains four modules:

Postgraduate modules do differ from undergraduate modules in the extent to which students are required to carry out their own research. Students are also required to demonstrate advanced critical thinking skills. Also, since the postgraduate qualifications have an industrial focus, students are often required to relate their work based activity to their studies.

Before studying a postgraduate module, I would recommend any potential student to work through the following Open Learn module: Success in postgraduate study.

Cisco resources

Cyber security is a dynamic subject; computing technologies are continually changing and adapting, often driven by the needs of industry. Industrial providers and businesses need people to know how to use their tools of services. This means there are a lot industry led certifications which are designed to help IT practioners to understand and master their technologies.

One of the world’s leading suppliers of networking systems and technologies is Cisco. To help the users of its systems, it has devised a set of certifications and a learning platform called NetAcad.

Through NetAcad, OU tutors can study a number of short courses that relate to networking and cyber security, gaining digital badges. These badges that can be mentioned to on a CV (and, theoretically, mentioned during an OU skills audit with a friendly staff tutor). What follows is a short summary of free online self-paced study courses that can be accessed through Cisco NetAcad. 

Introduction to CybersecurityTwo key objectives are: “Learn what cybersecurity is and its potential impact to you. Understand the most common threats, attacks and vulnerabilities.” 15 hours.

Networking EssentialsThis introductory level module is described as being able to “Develop critical thinking and problem-solving skills using Cisco Packet Tracer”. 70 hours.

Cybersecurity EssentialsTwo key objectives are: “Understand security controls for networks, servers and applications. Learn valuable security principals and how to develop compliant policies.” 30 hours. 

Introduction to IoTIoT is an abbreviation for the Internet of Things. This course is said to help learners to “understand how the IoT is bridging the gap between operational and information technology systems”. 20 hours.

NDG Linux UnhatchedThe “Start From Scratch” Linux Course, which is described as learning basic installation and configuration of Linux software and get introduced to the Linux command line. 8 hours.

PCAP: Programming Essentials in Python“Learn programming from scratch and master Python”. 75 hours.

OU development events

A final category that is worth mentioning is the continuing professional development events that are organised by the OU. In addition to regular compulsory training that all tutors must go through, there are two broad categories of events that tutors can go to: general AL development events, and school specific events. 

A personal recommendation is that you find the time to attend at least one CPD events a year, just to keep up to date with what is happening across the university. If you’re able to attend more, then so much the better.

Reflections

If you are tutor and you’re thinking about teaching cyber security, some of these suggestions might be more useful than others. One of the best things that you could do is to study a module that you might be interested in teaching, perhaps in combination with some of the other options and materials that have been highlighted.

As well as an OU fee waiver, another source of funding is the AL development fund. This is a small pot of money that can be used for on going professional development that relates to your discipline, which isn’t immediate or directly provided by the university. The fund could be used for attending conferences, or completing short courses.

When upskilling, I find it is important to bear in mind the distinction between cyber security education and training. Whilst industrial certifications have their place, they often emphasise training. Training is about how to solve certain problems. Education is (of course) about how best apply training given a set of circumstances, and to have the ability to quickly gain new knowledge after having acquired and understood some fundamental concepts. I guess my point here is: the fundamental concepts are important.

From a personal perspective, I’ve used the fee waiver to study at least three different OU computing modules. Although I’ve always found studying quite a bit of work, it has always been rewarding. It has enabled me to not only learn about a new subject, but also to learn more about the experience of a student. I’ve also registered for Cisco NetAcad, but I haven’t made much progress. Doing more Cisco self-study is something I need to do.

If you would like to upskill, a final recommendation is to have a chat with your friendly staff tutor, particularly during your CDSA or skills audit conversation. They will have some practical advice about what you can do to ensure that you’re best placed to help students to study a particular subject.

Permalink Add your comment
Share post
Christopher Douce

TM112 Tutor briefing: number 2

Visible to anyone in the world
Edited by Christopher Douce, Tuesday, 2 Oct 2018, 11:46

Earlier this year I wrote a short post to summarise a TM112 tutor briefing that took place close to the Open University headquarters in Milton Keynes in March 2018. The aim of that event was to introduce the module to tutors, enable them to meet each other, and form them to ask questions.

Since TM112 Introduction to Computing and IT 2 (OU website) starts twice a year (once in April and again in October), this blog post is a summary of the second TM112 briefing.

In many respects, this briefing was really similar to the first: members of the module team introduced the different blocks of the module, I spoke about some of the ideas behind the group tuition strategy, and we looked at a marking exercise to get a feel for what kind of teaching we would be doing. 

There were three parts of the briefing that were (to me) particularly memorable. 

Python programming

The first part was a talk by Richard Walker, who is an associate lecturer and member of the module team. Richard spoke about ‘Problem Solving with Python: approaches and projects’. A point I noted down was that a common issue in the teaching of programming is a lack of emphasis on the importance of problem solving skills. Also, there is a misapprehension that programming can and should be fun, since it is an inherently creative activity. Also, importantly, students can have misleading mental models of what happens within a language. Whilst learning programming can be difficult, it is important to nurture what is known as a growth mindset; that it is possible to get better and develop through practice.

Computer Security and Privacy

The second part was presented by Mike Richards, who also gives what is called the ‘guest lecture’ on TM112. Mike introduced theme 3: information technology in the wild. He spoke about CIA: confidentiality, integrity and availability, recommended that students created what was called a diary of reading (to collect news stories about cybersecurity). He also said that the module introduces encryption, mentions the dark web and blockchain before mentioning a case study of a high profile cyber attack. He concluded by touching on wider (and important) issues of freedom of speech and the way that algorithms can potentially influence our lives and civic debates.

Tutorial planning exercise

During the briefing, we were divided up into groups, and asked to create a hypothetical plan for a tutorial that was connected to a module topic. Our group comprised of myself and two other tutors. We were given the topic of ‘location based computing’. What follows is a rough tutorial plan. If you randomly find this blog post, do feel free to borrow, modify and steal this plan!

  1. Use a poll to ask everyone their views about location based computing. Are students: happy, unhappy, worried, or don’t know.
  2. Begin a discussion to ask everyone if they have any examples of location based computing, and also to get an appreciation of what everyone understands by that term.
  3. Sharing of examples: one example that was discussed was a technology to keep track about where your child or partner is. Whilst this can help with safety, it also has privacy implications too; every technology can be used for good and bad things. Another example are the alerts on your mobile phone which appear after visiting places. Are there issues about using of social media? What is exposed when you tweet or update Facebook? There are some positive examples too, such as sharing maps of areas where you have gone running.
  4. One interesting idea is to demonstrate location based computing using some Python code. Tutors might demonstrate how pins can be added to Google maps, or there could be a service to show how far everyone is from the university head office in Milton Keynes. This could be done by screen sharing from a tutor’s computer.
  5. After a final closing discussion or a summary, the tutor could present everyone with a second (anonymous) poll to see if anyone has changed (or developed) their opinions.

Reflections

I always like tutor briefings, and I especially liked the tutorial planning activity; I can’t remember ever having been a part of this before. I also really liked the ideas that we came up with. A personal confession is that I’ve not used polls within my own online tuition practice, and that is something that I feel that I need to figure out how to do. I also need to learn how to get a more thorough understanding of how to use screen sharing too.

During my part of the briefing I said, ‘by the end of this module, tutors will be teaching in innovative ways and doing things that the module team had never dreamt of’. I firmly believe this.

Acknowledgements

Many thanks to the two fellow tutors who contributed to the discussions about the above tutorial plan. You know who you are!

Permalink Add your comment
Share post
Christopher Douce

TM112 Tutor briefing

Visible to anyone in the world
Edited by Christopher Douce, Sunday, 25 Mar 2018, 16:32

On Saturday 24 March I attended a tutor briefing for a new module TM112 Introduction to Computing and IT 2 which is going to be presented for the first time next month.

I really enjoy tutor briefings; they enable tutors to meet members of the module team, and for tutors to meet each other and their line manager (who is known as their staff tutor). They also serve another very important purpose: the briefing helps tutors to get up to speed with the concepts that tutors will be helping to teach.

I attended this briefing whilst being aware that the vice chancellor had reportedly said that: “the people who work here should be bloody well teaching”.

I have this habit of writing blog summaries of various OU events that I attend, since that way I can remember what I did during the year, and I end up with a resource that I can refer back to. This blog is no exception; what follows is a quick textual sketch of what happened during the TM112 briefing. In some respects, this blog also directly speaks to and connects with the VC’s comments; I add further comment in the reflections section that you can find towards the end. 

Introduction to TM112

Paul Piwek, module chair and Senior Lecturer in Computing and IT began with an introduction to TM112. It contains three themes: essential information technologies, problem solving with Python, and information technology in the wild. These themes are interleaved within three blocks which make up the core of the module. The module has three tutor marked assessments and a set of quizzes which feed into the assessments. Students can also use an ‘are you ready for’ quiz, and participate in a module wide ice breaker activity.

Group Tuition Policy

The next bit was mine! I worked with Paul on the Group Tuition Policy strategy for TM112. Between us we set up a design that was intended to support students at key points throughout the module. An important design objective was to create a plan that offered tutors with some constructive guidance, whilst also being adaptable. A key question that I asked Paul early on during the design process was: can we provide some tips that our tutors can use? He later directed me to some important sections that had been designed into the module materials.

An interesting part of this GTP for TM112 is that is contains two module wide events. One of these events is run by the library. The library event has the intention of helping students to become familiar with many of the resources that the university has to offer students. Being aware of the library will, of course, be invaluable when students move onto later modules.

Another module wide event is an expert lecture Q&A session. Before TM112 officially starts, a lecture that is linked to the TM112 theme of ‘information technologies in the wild’ is recorded. During the presentation of TM112 students will then be asked to watch that lecture and then attend a ‘retrospective tutorial’ where they can ask questions.

Theme 1: Essential Information Technologies

Essential Information Technologies was introduced by Lindsey Court. Lindsey told us all about materials which teach about binary and data representations, told us that the module would be teaching concepts about fundamentals of hardware and software, and then introduce important concepts of cloud computing (which can then be studied in depth in TM352 Web, mobile and cloud technologies). There were also some pointers to how ‘the cloud’ has changes (and is changing) the computing jobs market. The role of the DevOp was mentioned, along with the topic of green computing.

Other subjects in this theme included mobile phones, location based computing and a discussion about the different kinds of data help on your personal computer. An interesting note that I made was that the activities that feature within the module not only connect to the tutor marked assessments, but also to some common interview questions that are asked to candidates who are applying to work in technology jobs.

Theme 2 : Problem Solving with Python

This second theme is introduced by Paul, Robin Laney, Michel Wermelinger and Richard Walker. Paul began by telling us all that TM112 explicitly teaches programming problem solving and introduces students to a range of practice assessments before leading students towards two mini projects which are, of course, linked to the TMAs. 

An important aspect of the module design (and teaching) has been the development of animations and materials that help students to create their own mental model of what happens when a computer runs programs. To complement this, Tony Hirst, a fellow Computing lecturer, has designed a number of stretch activities to help and inspire students who may be already familiar with some of the key module concepts.

I made a couple of notes during Michel’s section, which was entitled ‘patterns, algorithms and programs’. The module guides students from problem to code. Students are encouraged to think about concepts such as allowable inputs, test data, and begin to think about things such as algorithmic templates. A key phrase I noted was: ‘practice makes problem solving perfect’.

Paul continued by talking about how the module helps students to understand the concept of functions, drawing our attention to both animations and diagrams. In the teaching of Python, there is an emphasis on experimentation; students are encouraged to interrogate the machine (drawing on the idea of a mental model) to look into the mind of the Python interpreter which runs the student’s Python programs.

Richard Walker introduced a section entitled ‘diving into data’. This part of the module offers students a taste of data analysis by using real data from the Office of National Statistics whilst making the important point: data analysis is one thing, interpretation and critical thinking is still needed. Richard said that his section also links to employability. He mentioned that he encourages students to start a programmer’s ‘lab notebook’, which is something that is very important when students get to the TM470 project module

Paul wraps up the second theme by returning to Python and mentioning an important program construct: the notion of dictionaries. I really liked the activity that he mentioned: students using the Python data structure to make a ‘flash card’ program that helps students learn key terms from the module glossary.

Theme 3 : Information technologies in the wild

This final theme was presented by Mike Richards, who also happens to be our expert lecturer. Mike co-chaired the predecessor module, along with another colleague, John Woodthorpe.

I found Mike’s presentation of theme 3 fascinating. He began by talking about the first section, which was about computer security technologies and their application; topics that have links to Cybersecurity. Mike said that the module would also be introducing students to ethical issues, such as technology and freedom of speech. I made a note that he mentioned cyberlibertarian, John Perry Barlow (Wikipedia).

The next section had the title ‘dangerous data’. One of the concepts that is featured is CIA, an abbreviation for Confidentiality, Integrity and Availability. This part of the module draws on materials from a documentary called Cybercrimes with Ben Hammersley (YouTube trailer). Mike has also interviewed people from Sophos, the antivirus protection company. Students are given a task to complete a cyber security diary, which feeds into an assessment. Mike got me thinking: how often, exactly, does my mobile telephone or laptop update with new versions of software? Also, do I really understand all the risks associated my own personal use of technology?

Confidentiality is important, and this term connects up to a section entitled ‘the secrets of keeping secrets’. Concepts such as hashes, asymmetric and symmetric key cryptography are introduced, enabling students to answer the question: ‘how can you shop securely on sites such as Amazon?’ Mike also mentioned AES encryption, Bitcoin and the Blockchain, and this leads us to an important question: ‘what does this technology do for us, or do to us?’ (I think I have noted this down correctly!) Students step towards understanding the concept of the dark web and are also introduced to key bits of legislation in computer law: the Computer Misuse Act and the Data Protection Act (as well as a new bit of EU legislation called the GDPR).

The final bits that Mike spoke to us about were connected to an important and profound question: what is technology doing to our society? There were two other follow on questions that I noted down whilst Mike talked: is there such a thing as search engine bias? And, should we allow social media organisations to dictate the content of our news?

Reflections

If I wasn’t so busy tutoring on another module, I would love to be a tutor on TM112; it seems to have a fabulous mix of practical skills development, important theoretical knowledge, and debate that encourages critical thinking. From my perspective as a staff tutor, I’m very much looking to working with the London region TM112 associate lecturers who I will be supporting. I hope they love the module, and their students love it too.

One thing that is very clear from this TM112 briefing day was that every single member of the TM112 module team did some bloody good teaching.

They did a bloody good job because it is what they do, and what they have always done. 

During my time as an associate lecturer and as a staff tutor I’ve come to realise the obvious; that teaching is about communication. Module teams are communicating all the time; they talk about their subject, and they talk endlessly about teaching and learning. Module team members teach each other and learn from each other. They go on to teach students through module materials, they learn about what works and doesn’t work, and what students like and don’t like.

Teaching isn’t just about standing up in front of a classroom; it’s also about being thoughtful, it’s about planning, it’s about writing, and it’s also about listening.


Permalink Add your comment
Share post

This blog might contain posts that are only visible to logged-in users, or where only logged-in users can comment. If you have an account on the system, please log in for full access.

Total visits to this blog: 2335233