-optimized.jpg){kind=avatar}
Here Dr Mike Blyth, Sigma7 Chief Resilience Officer, discusses the route to becoming a doctor in security risk management.
A word about Mike: he was among the speakers at the Security Institute‘s 25th anniversary conference in London in October 2025. He was a Royal Marines Commando Major. He has a doctorate in Security Risk Management from Portsmouth University’s School of Criminology and Criminal Justice. There is no defined or consistent pathway by which professionals can enter and advance in the security sector, he writes:
…. making each journey both unique and often unnecessarily challenging. Some of us are lucky enough to benefit from seasoned professionals who have nudged us in the right direction at critical points in our careers. For those even more fortunate, mentors may have invested even more time and effort in shaping our knowledge, acting as a sounding board and ultimately contributing to our long-term success. For many, however, this progression is an uncertain and painfully protracted process of trial and error.
For many, the attainment of technical and experiential knowledge or the pursuit of vocational or academic qualifications can be complex, challenging, or downright confusing. Professionals may transition from a primary career where some qualifications, knowledge, and experience might be transferable, but where they may lack a strong academic foundation. Others may come straight from academia but might struggle with technical and experience-based knowledge gaps. True success for the aspiring professional lays in understanding what knowledge is required โ and when โ in terms of its relevance and application. It is impossible to know everything at once, and even a wealth of knowledge and experience can quickly age or stagnate when not put into practice.
Vocational and academic learning are arguably of equal importance as individuals seek to expand their knowledge and conduct high-quality, evidence-based research. Academia provides a different way to gather, analyse, and present data and potentially overcome executive leadership access, influence, and credibility barriers. Practitioner and academic competency is complementary and strengthens a security professional in different but interconnected ways. For those who have a significant base of technical knowledge and decades of applied experience, a potential path to transformative change may be through a terminal degree. For small to medium-sized security and resilience business owners, a doctorate can also be a differentiator for business success, affording access to clients who might otherwise defer to larger and more established providers.
Professionals should not be misled into thinking that attaining a doctorate is the final answer for career advancement. Research suggests it rarely leads to a direct increase in pay or promotion, and ironically it can even be negatively perceived in a practice focused profession if it is not directly tied to a role. However, a doctorate can be a unique distinguishing factor in a profession where everyone is a self-proclaimed โ rather than externally validated โ expert. It can provide credibility with peers, elevate an individual to the position of intellectual equal with C-Suite executives, open doors, demonstrate the highest level of research and written competence, and provide a new way of thinking about and solving problems. What then stops individuals from pursuing a doctorate? Research boils the main barriers down to cost, bandwidth, and surprisingly a lack of understanding of what options exist.
There are several terminal degree (doctorate) pathways that can address different personal and professional goals. The enrolment criteria differ across countries, universities, and programmes. Some programmes require an MSc or MBA, while in rare instances a BSc and significant professional experience is the prerequisite. The MPhil can also be used as a stepping stone towards a PhD. All doctorates hold the same standing and require a 5,000 to 100,000 word thesis before the student undergoes the viva voce verbal defence.
Academic learning typically follows a structured pathway with formal prerequisites and durations; however, experience-based shortcuts can allow certain degrees to be bypassed to provide a direct route to an MSc, MPhil, or even a PhD. While these shortcuts save the professional time and money, the level of demonstrable experience required to bypass the standard process is often commensurate with the time and effort needed to attain these degrees. The option to substitute academic gates with experience is particularly useful for seasoned security professionals who have spent decades establishing a wealth of experience and knowledge, and who might struggle to assign the time and money needed to pursue a more traditional โ and lengthy โ academic career. Conversely, vocational learning pathways typically do not require mandated time, qualification, or experience levels. This removes most, if not all, external barriers for professionals seeking accelerated and timely knowledge and qualification advancement. It also allows more freedom of movement across tactical, operational, and strategic learning levels. The breadth and ease of access to vocational learning is also more diverse in the range of topics addressed and the sources of relevant knowledge available. For professionals seeking a terminal degree, the range of options is much more limited, with few universities offering purest security-focused programs; as opposed to a focus on cyber, criminology, or homeland security. In addition, the field of security is a new one for doctoral programmes and has yet to be considered a defined topic within US federal education databases. While research shows that between two to five per cent of cyber security professionals hold a terminal degree, there is no data on how many professionals hold a traditional security doctorate, making this pathway more niche and ill defined.
The opacity of doctoral options can present an unnecessary barrier to those who are not only capable of attaining a terminal degree, but who might also find significant value in such a pursuit. Aside from advancing the personal and professional goals of the individual, all sectors require seasoned practitioner representation to bridge the gap between academia and practice. Security professionals who attain a doctorate become rare hybrids, offering a critical blend of academic and practice-based competence combined with real-world experience. These โpracademicsโ are well placed to play a key role in grounding and guiding institutions of learning, defining and leading on real-world research needs, shaping sectoral standards and practice, providing invaluable contributions to the body-of-knowledge, helping to further professionalise the sector, and ultimately mentoring successive generations of security professionals.
