Postgraduate study
Edinburgh: Extraordinary futures await.

Cyber Security, Privacy and Trust PhD

Awards: PhD

Study modes: Full-time

Funding opportunities


The increasing reliance of systems and services on information technology in the public, private and third sector has significantly raised the impact of cyber attacks in the last two decades.

This PhD programme in Cyber Security, Privacy and Trust is a response to the growing need for highly specialized research and training in these topics. Cyber security and resiliency is a complex problem that requires designing and understanding underlying technologies but also how business processes, cost, usability, trust and the law play a role for effective technology deployment.

The aim of this PhD programme is to provide students with research training in specialised topics of security, privacy and trust, helping produce the next generation of world-leading experts of the field.

The PhD in Cyber Security, Privacy and Trust trains you as a researcher and allows you to develop advanced techniques and in-depth knowledge in a specialist area. You will develop an all-round knowledge of your discipline, and a broad range of transferable skills.

You will carry out independent research, resulting in an original contribution to knowledge in your chosen area, working under the guidance of your supervisors.

The prescribed period of study is 36 months if studying full-time, or between 48 and 72 months if studying part-time.

Year 1 of PhD studies is probationary. Your supervisor will identify your training needs, if any, and invite you to attend lectures relevant to your research topic. These lectures may be selected from those offered to MSc students or may be specialist courses and seminars organised by the School's various research groupings.

Towards the end of Year 1, you will be expected to submit a thesis proposal which identifies a specific research topic, reviews the relevant literature, outlines a plan of research to address the topic, and describes progress made so far.

Progress during your PhD is assessed by annual reviews, which formally determine whether you can progress with your PhD. You will be required to complete and pass a PhD annual review at the end of each year of study and thesis is expected to be submitted at the end of Year 3. Following thesis submission, you will be required to attend an oral examination (or viva) which will be conducted by an external and internal examiner.

Find out more about compulsory and optional courses

We link to the latest information available. Please note that this may be for a previous academic year and should be considered indicative.

AwardTitleDurationStudy mode
PhDCyber Security, Privacy and Trust3 YearsFull-timeProgramme structure 2024/25

Many postgraduate research students in the School of Informatics undertake at least one optional internship during their PhD, gaining important transferable skills whilst working with companies, public or third sector organisations.

The School of Informatics maintains a range of connections to potential employers in the cyber security and other sectors. Work placements or internships are considered a valuable aspect of research training as they expose students to an applied research culture, and can provide valuable contacts for future job searches.

As a research student in the School of Informatics, you will have access to a highly respected academic staff community, including staff who have won prizes for their research and who are Fellows of learned societies.

The University of Edinburgh has been recognised as a UK Academic Centre of Excellence in Cyber Security Research. This is based on the amount and quality of its research output, as well as its level of PhD training.

Within the School of Informatics, the Security, Privacy and Trust Group includes academic staff who lead research in a range of technical and socio-technical areas of cyber security. Staff also supervise PhD students on this programme.

You will carry out your research under the guidance of a primary supervisor and at least one other secondary or co-supervisor. You will be expected to attend seminars and meetings of relevant research groups and may also attend lectures that are relevant to your research topic. Periodic reviews of your progress will be conducted to assist with research planning.

A programme of transferable skills courses will be offered, which facilitates broader professional development in a wide range of topics, from writing and presentation skills to entrepreneurship and career strategies.

The award-winning Informatics Forum is an international research facility for computing and related areas. It houses more than 400 research staff and students, providing office, meeting and social spaces.

The Forum also contains several robotics labs, an instrumented multimedia room, eye-tracking and motion capture systems, and a full recording studio amongst other research facilities. Its spectacular atrium plays host to many events, from industry showcases and student hackathons to major research conferences.

Nearby teaching facilities include computer and teaching labs with more than 250 machines, 24-hour access to IT facilities for students, and comprehensive support provided by dedicated computing staff.

There are further specific facilities to support aspects of cyber security research, including an Internet of Things Lab and a Network Security Lab. The Blockchain Technology Lab is a research lab supporting investigations into distributed ledger technology.

Among our wider entrepreneurial initiatives is Informatics Ventures, set up to support globally ambitious software companies in Scotland and nurture a technology cluster to rival Boston, Pittsburgh, Kyoto and Silicon Valley.

There is high demand for security and privacy experts in industry, academia, and the public sector. Commercially, there is also a large variety of opportunities in both small and large companies.

Previous PhD graduates associated with the Security and Privacy Group have gone on to employment in industry with companies including:

  • ION Geophysical
  • Intel
  • Disney Research
  • Amazon
  • Ricoh
  • Samsung
  • NASA
  • Google
  • Microsoft
  • BBC
  • Facebook
  • 6point6
  • AimBrain
  • FiveAI
  • Deutsche Bank.

Students have also gone on to be employed within academia, at institutions, to name a few, including:

  • UCL
  • Plymouth
  • TU Delft
  • University of Oxford
  • University of Bristol
  • University of Oldenburg
  • University of Auckland
  • University of Birmingham
  • University of Surrey
  • University of Munich
  • Cambridge University
  • Queen’s University Belfast
  • Tsinghua University
  • Lancaster University

These entry requirements are for the 2024/25 academic year and requirements for future academic years may differ. Entry requirements for the 2025/26 academic year will be published on 1 Oct 2024.

A UK 2:1 honours degree, or its international equivalent, in computer science, mathematics, linguistics, or a related discipline. A Masters degree or equivalent, in information security, cyber security or a closely related discipline is recommended.

International qualifications

Check whether your international qualifications meet our general entry requirements:

English language requirements

Regardless of your nationality or country of residence, you must demonstrate a level of English language competency at a level that will enable you to succeed in your studies.

English language tests

We accept the following English language qualifications at the grades specified:

  • IELTS Academic: total 7.0 with at least 6.0 in each component. We do not accept IELTS One Skill Retake to meet our English language requirements.
  • TOEFL-iBT (including Home Edition): total 100 with at least 20 in each component. We do not accept TOEFL MyBest Score to meet our English language requirements.
  • C1 Advanced (CAE) / C2 Proficiency (CPE): total 185 with at least 169 in each component.
  • Trinity ISE: ISE III with passes in all four components.
  • PTE Academic: total 70 with at least 59 in each component.

Your English language qualification must be no more than three and a half years old from the start date of the programme you are applying to study, unless you are using IELTS, TOEFL, Trinity ISE or PTE, in which case it must be no more than two years old.

Degrees taught and assessed in English

We also accept an undergraduate or postgraduate degree that has been taught and assessed in English in a majority English speaking country, as defined by UK Visas and Immigration:

We also accept a degree that has been taught and assessed in English from a university on our list of approved universities in non-majority English speaking countries (non-MESC).

If you are not a national of a majority English speaking country, then your degree must be no more than five years old* at the beginning of your programme of study. (*Revised 05 March 2024 to extend degree validity to five years.)

Find out more about our language requirements:

Academic Technology Approval Scheme

If you are not an EU, EEA or Swiss national, you may need an Academic Technology Approval Scheme clearance certificate in order to study this programme.

AwardTitleDurationStudy mode
PhDCyber Security, Privacy and Trust3 YearsFull-timeTuition fees

Featured funding

Please note that some University and School scholarships require separate applications via the Scholarships portal.

UK government postgraduate loans

If you live in the UK, you may be able to apply for a postgraduate loan from one of the UK’s governments.

The type and amount of financial support you are eligible for will depend on:

  • your programme
  • the duration of your studies
  • your tuition fee status

Programmes studied on a part-time intermittent basis are not eligible.

Search for scholarships and funding opportunities:

  • School of Informatics Graduate School
  • Office 3.42
  • Informatics Forum
  • Central Campus
  • Edinburgh
  • EH8 9AB

Applications for 2024/25 entry are now open and can be submitted all year round.

Please submit your completed application at least three months prior to desired entry date.

If you want to be considered for School funded PhD scholarships you must apply by one of two rounds:

Round Application deadline
1 24 November 2023
2 26 February 2024 (date extended)

Please note that some University and School scholarships require separate applications via the Scholarships portal.

(Revised 25 October 2023 to update application deadlines)

(Revised 15 February 2024 to extend the round 2 application deadline)

You must submit two references with your application.

You must submit an application via the EUCLID application portal and provide the required information and documentation. This will include submission of:

  • a Curriculum Vitae (CV)
  • research proposal (2-5 pages long)
  • degree certificates and official transcripts of all completed and in-progress degrees (plus certified translations if academic documents are not issued in English)
  • two academic references

Only complete applications will progress forward to the academic selection stage.

Read through detailed guidance on how to apply for a PGR programme in the School of Informatics:

Find out more about the general application process for postgraduate programmes:

Further information

  • School of Informatics Graduate School
  • Office 3.42
  • Informatics Forum
  • Central Campus
  • Edinburgh
  • EH8 9AB