Interviews

Phil Wood at Bucks

by Mark Rowe

They say that those who can do, and those that can’t teach. That does not really apply to Phil Wood, at Bucks New University. As he told Mark Rowe at the uni’s base in High Wycombe, he teaches security, and he does it.

As you go through the door of Phillip Wood’s upstairs office at Bucks New University, on the left-hand wall is a large white-board. It was covered with writing in black pen: lists and lines, covering about the whole of security management. BYOD (bring your own device), remote and lone working, competitive intelligence. Only after he had gone through the security management and business continuity courses, did the white-board make sense; he also co-ordinates security for the uni, which has a campus in the centre of High Wycombe in Buckinghamshire and another in Uxbridge in nearby north-west London. While it is, as Phil Wood said, a small university, those two jobs mean, as he said, ‘it’s a busy life’. But of a piece with what I knew of Bucks New already. At the Security Institute annual conference in 2010 in nearby Great Missenden, Prof Chris Kemp of Bucks New spoke. I was struck by how keen he and his institution were to link their learning to the work of business. Chris Kemp has worked on the event security and crowd management side, bringing in veterans from the music and festival and other event stewarding sector such as Mick Upton and Mark Hamilton. And it was evidently not only talk; when I reported to reception and signed in, a receptionist answered the phone and told the caller: ‘I’m with a customer.’ While someone else at the reception desk was a youth asking about paying to use the swimming pool, and the receptionist did not know my business, it’s far from usual for a university – though maybe less so in these days of student fees – to see someone as a customer.

While Phil Wood has a masters degree from Leicester, it is plain that Bucks New take a different approach from criminology-based security management courses. This is not to prefer one or the other, as all universities offering security management degrees stress use of new technology, and how (to use Phil’s words) they try to make study ‘the least intimidating process it can be’. Those taking a security management or related course may well be middle-aged or at least some years into their career, or coming into security from the armed forces. Simply to regard themselves as ‘students’ may feel odd. Besides, as Phil said: “There’s a real reticence, understandably, to spend time, money and effort on something which they, or even an employer, will not see as valuable to them in the long term. So we try to keep abreast of what people want, rather than what we might think they should be having.” That includes following social media, Linkedin and other forums on the internet, where security people (and potential students) are airing concerns. For one thing, just as security management cannot stand still, nor can the academic courses. Phil gave the example of the January terrorism against the Algerian oil plant at In Amenas, which highlights something in the minds of some organisations for a long time. It became the ‘flavour of the month’; with lessons to learn for protective security and business continuity. As Phil Wood put it, the core tenet is about developing thinking professionals. “There is a tendency to rely upon checklists and processes to conduct some security and related activities and they are perfectly acceptable, in their place; however, if people rely too much upon frameworks and checklists it takes away that initiative and that added value that this brings to an organisation; about being able to think.” He added that the need is to develop thinkers, the mentally agile who can apply learning in the workplace. Rather than learning for learning’s sake, and a certificate at the end, he spoke of people being prepared to challenge, and be challenged.

As elsewhere in higher education, Bucks New has to work out how to provide ‘distance learning’ to students who may well not want to, or simply not able to, attend a campus regularly, or at all; and indeed to students who may not have the A-levels at the right grades that 18-year-old undergraduates have, but do have years of work experience. I asked about the MSc in business continuity, security and emergency management; could you have a different mix, depending on how much you wanted to learn of the three? Phil replied: “What we try to do; if you have a particular interest, you can follow that and develop it right through the course. If it’s related to your workplace and you have a particular interest in maintaining the organisation’s resilience, but at the back of your mind you are thinking you want to develop a security function, you can follow that right the way through the course. Your focus is your choice.” As an example he walked over to shelves and pulled out three student bound dissertations, covering music festival security management; Islamic groups and terrorism; and counter-insurgency. The dissertation, as at other universities and indeed in non-security courses, is a peak of the course – 20,000 words for the Bucks New MSc. (In number of words, that’s the equivalent perhaps a third or half of a book, or several very, very long magazine articles.)

The first module, of six months, takes in three workshops with guest speakers, besides self-study. Your tasks: to do research, and to get used to reading – beyond online news websites. In the jargon, ‘self-directed study’. The main assessed parts of the first module are three, 2000-word case studies of your choice, where you’re encouraged to form opinions; make links; see similarities. This third of the course ends with an exam, done electronically, based on the case studies. The second module, is about applying thought: “We give them a notional company scenario, and we run a desk-top exercise with them.” The scenario may set out where the company operates, its sites and people, and gives threats to analyse and respond to. Then students have to give a presentation; and argue their case. He stressed that the students’ response has to be more than some bullet-points on Powerpoint. Students then write a report, which further analyses their response to a situation, ‘and allows them to make a judgement about whether they got it right or wrong, and recommend what to do next time’. The learning is rooted in as much reality as the Bucks New tutors can make. Third and final: the dissertation.

What you learn, and the piece of paper at the end, Phil agreed, is only part of the point of a university course; for students, including himself, higher education is about gaining confidence in your abilities. He spoke of the workshops, steered by the tutors, a cross between a conference and networking event, when the learning of students from each other is almost physically visible. Phil was an officer in the Royal Air Force Regiment; he recalled that he left seven years ago without a degree and not really equipped to do anything, except general management. “I have been in literally the same situation as everyone who is ex-military. And it’s a point that I make often: being in the military and being in the police, doesn’t make you a security specialist; it makes you good at a lot of things; but it doesn’t make you a security specialist, and even in the specialised areas where you might be, in military policing or intelligence, it’s only one area of a security profession.” He joined the training company ARC Training International, run by David Cresswell, ‘who was a fantastic mentor, I have to say’ and went through the ASIS International security management qualifications. “I learned a massive amount about the industry and people who were in it and about my limitations and their limitations.” Whether the ASIS CPP or something else, general or specialist, it give tools to do the job and then backs it up with an academic qualification: “It worked for me. I am a strong believer in accredited learning and academic development.”

Bluntly, he said he’s not interested in criminology – what motivates the criminals to do it. (Bucks New does offer criminology, but it’s quite separate.) Rather, he’s interested in protection; absorbing impact; responding and recovery; and sensible risk analysis and management. While universities (and training companies) offer different courses, they (like everyone else) have grabbed, or had to adapt to, the changes in technology. If you are working on a contract in Afghanistan, or on a cargo ship in the Indian Ocean, between shifts you have time on your hands. Why not study? Once, distance learning meant by correspondence; the uni posted the question and the reading material; you wrote your essay, and posted it. Come computers, the reading material could be on a disc. Now thanks to Voice over Internet Protocol, a tutor can hold a seminar with a student in a room, and other students can take part in Kabul. Granted, outside Kabul you cannot very well access the internet, or only for a set time. A student may well be having a stressful time away from home, before having a query about the new module and wanting to ask a tutor for help. As Phil said, he knows what it’s like, sitting in a room thousands of miles from the UK, needing an answer from a tutor before you can continue your studies. It can indeed be hard for that student to ask an academic for help, without feeling stupid, and Phil said tutor feed-back tries to be as quick and full as possible, rather than a one-word answer. The student at sea can have their reading materials on a CD-Rom or a USB stick, or in ‘the Cloud’ that they can download before they sail.

Phil Wood took me through the password-protected mybucks.ac.uk portal to Blackboard, the ‘virtual learning environment’. There are pdfs to read, ‘static reading’ in the jargon, and video of Phil at his desk suggesting what to study next, and a discussions board. Students have to send their essays and such work electronically. Apart from the ease and speed compared with posting papers, it allows the uni to set deadlines (no more excuses of ‘I’ve put the essay in the post!?’) and to check work for originality, whether sources are cited properly or someone cuts and pastes someone else’s work in blatant cheating.

The new bachelor’s degree in security consultancy let me ask a question that can apply to many fields: can, or how can, a university teach something such as security consultancy that some may say is a skill you learn through experience, and you either have it or you don’t. Phil replied that the BA provides an overview of the main areas of understanding expected in an effective security consultant, and project planning, and management principles. As a trusted adviser, a consultant not only needs to understand his subject, Phil suggested, but needs to understand the client he’s working for, ‘and although you can’t teach that, and you certainly can’t teach experience, you can teach people to orient their skills towards the requirements a consultant should meet. So it’s really about applied security management and advice. And like many people I do consultancy; and people want to hear sound advice; you can only have sound advice based on knowledge, and experience. Experience alone will not do it, nor will knowledge. There’s a place for both sides of that, and I would say you dismiss one or the other at your peril, really. There are very many consultants out there perhaps who probably could do more academic study – I would say that – and rely less on their experience.” He warned against falling into the ‘experience trap’. On the other hand, as Phil added, there are students (and not only in security management!?) who ask their new tutors for a book list, as if books alone have the answers. Phil said: “I am not a big believer in asking people to buy a lot of textbooks they aren’t going to use and I am not a big believer in asking people to recycle other people’s ideas.” You carry what baggage you need and want; and no other.

As Bucks New have a course that brings together security management, business continuity and emergency management, as you might expect Phil Wood likes the umbrella word ‘resilience’. “There are far too many stovepipes,” he said. He practices what he preaches as he co-ordinates the university’s security and continuity and reports to the board. Any security manager of a campus will nod at the issues at Bucks New; it’s an open site, separated only by a road and a pedestrian underpass from High Wycombe town centre. Neighbours are a hospital, shopping centre, pubs and bars; motorways are nearby. Staff may be travelling worldwide; equally, students may come from overseas, whose needs have to be looked after. Bucks New has the same risks and potential crimes of any campus, and has to give continuity of education to students. How then to control access? What of ‘Argus issues’ as Phil termed it, meaning the Project Argus counter-terror awareness training run by police. How do you communicate security matters across a campus in an emergency, whether students live in rented rooms in the town or the uni’s accommodation – in an era when students do not look at official posters on walls (if they ever did) but do read SMS messages and social media on the phones. So while heading the academic department and ‘doing’ security might each be full-time jobs (and he’s also head of faculty enterprise and security), as Phil said, to teach the theory and do the work are complementary, ‘and I have a good team working for me on the delivery side of things’.

To run through

As Phil Wood remarked, the market in security management courses has established universities and training companies; the Bucks New department of security and resilience has been going since 2009. To run through what Bucks New offers: the Business Continuity Institute (BCI) diploma in business continuity management; a degree in protective security management, aimed at close protection people; a BA in security consultancy; and a masters in business continuity, security and emergency management. For that you would normally have to have a first degree, but Bucks New add that they will consider experience in lieu of qualifications.

If you are starting

If you are starting the MSc in Business Continuity, Security and Emergency Management, your course leader is Gavin Butler and you meet on Wednesday, April 3 at 10am at the High Wycombe campus for induction.

Workshops then run on Thursdays and Fridays – April 4 and 5; May 30 and 31; and July 4 and 5. Coursework will be due via e-submission on August 16; and the e-Based examination will run remotely via Blackboard on the weekend of September 14 and 15. The next module is similar over the six months after; then you send your dissertation project proposals; and you have about six months to write your dissertation.

Related News

  • Interviews

    Can you guess?

    by Mark Rowe

    Passwords are as predictable as ever. Password1 was found to be the most commonly used password in a study by an IT…

  • Interviews

    Cautions reviewed

    by Mark Rowe

    The Coalition Government is to review official use of cautions. The aim according to the Ministry of Justice: stopping serious and repeat…

  • Interviews

    Securing unattended automation

    by Mark Rowe

    Brandon Traffanstedt, Senior Director, Global Technology Office at CyberArk, writes of the challenges to embracing unattended bots. Robotic Process Automation (RPA) was…

Newsletter

Subscribe to our weekly newsletter to stay on top of security news and events.

© 2024 Professional Security Magazine. All rights reserved.

Website by MSEC Marketing