Stream Themes
Stream A : The Leadership and Governance of IA and Maintaining Public Trust

This work stream set out the three key structures and governance requirements intended to deliver Information Assurance and asked: How will this work? Who are the key people? Where are the difficulties likely to be? And what can we learn from others?

Morning Session: Governance, Leadership & Accountability

Andrew Bull

Head of Infrastructure & IT Security Strategy & Architecture, H.M. Revenue and Customs

Andrew joined HM Revenue and Customs in 2005 soon after the merger of the Inland Revenue and HM Customs & Excise. Having rapidly established a clear vision for Infrastructure Services in the newly merged organisation, substantial investment was secured from the department's transformation programme to move to a more agile, cost-effective and utility-like infrastructure. This programme is rationalising and improving the Data Centre estate and transforming the working environment through the introduction of IP Telephony and collaborative working capabilities. In 2006 Andrew formed the cross-Government Public Sector Infrastructure Team – a customer-side network of individuals with a professional interest in the development of Public Sector Infrastructure.

John Suffolk

Her Majesty’s Government Chief Information Officer, Transformational Government, Cabinet Office

John was appointed Her Majesty’s Government Chief Information Officer on the 5th June 2006. Prior to this he was the Director General of Criminal Justice IT (CJIT) from February 2004.

Roger Styles

Deputy Director, Central Sponsor for Information Assurance, Cabinet Office

Roger Styles is the Central Sponsor for Information Assurance (CSIA) and has been a member of staff of the Cabinet Office since January 2006. He is also the Programme Director of the IA Technical Programme. Roger completed a 5 year engagement with GCHQ in Cheltenham, having been heavily involved with their New Accommodation Programme and subsequently set up the operational phase of their PFI services contract. This work built upon a long period in HM Forces and in particular within the Ministry of Defence in leading the delivery of operational capability through the Army’s equipment programme. Roger lives near Tenterden in Kent.

Facilitators/Panelists

Kevin Murphy, Head of IT Security, Department for Work and Pensions
Richard Earland, Chief Information Officer, National Policing Improvement Agency

Afternoon Session: Maintaining public trust

David Smith

Deputy Commissioner, Information Commissioner’s Office

David Smith is the Deputy Commissioner with responsibility for the Data Protection supervisory functions of the Information Commissioner’s Office based in Wilmslow, Cheshire. As well as providing Data Protection leadership across the Information Commissioner’s Office, David has direct responsibility for oversight of its Data Protection Practice and Development Divisions, its Regulatory Action Division, and the Scotland Office based in Edinburgh. He is a member of both the Commissioner’s Management Board and of the Executive Team.

Sarah Garrett

Senior Manager, Information Security, Policy & Comms, Nationwide

Sarah is the Senior Manager, Policy and Communications in Nationwide’s Information Security Department. She has held this position since October 2007 following her role in managing the Society’s Information Security Improvement Programme. Prior to this she worked as a Project Manager, managing various activities across the Society, largely in the Banking and Savings world. She spent a year on an external secondment to the Building Societies Association working as Policy Advisor looking after Fraud, Financial Crime and the Banking Code across the Building Society sector. Before joining Nationwide, Sarah worked for the John Lewis Partnership in a variety of training and management roles.

Steve Nowell

Director Business Protection, Nationwide

Steve is Director for Business Protection within Nationwide with responsibility for the Special Investigations, Information Security and Business Continuity departments. Steve's main goal is to assess, control and manage the fraud, IS and BC risks that threaten the ongoing survival of the business and protect both Nationwide and their customers' assets.

Facilitators/Panelists

Lord Toby Harris, House of Lords

Stream B : Integrating IA into Business as Usual

How do you ensure that those responsible for your budgets understand just how critical IA is in delivering the business? This stream looked to find practical real-world answers to this problem. Case studies explored how to produce the necessary compelling business case and considered how the technical risk of IA is really just as much a business risk.

Morning Session: How to build an effective business case for IA

David Stemp

Head of Security & Assurance Services, Department of Health

David has been in this post since 2004, and in the Department of Health (DH) since 2002. Before that he worked in the Department for Education & Skills and the DSS / DHSS as was. David is an Internal Auditor by profession. David is directly responsible, with a colleague, for Information Assurance in the Department including the implementation of the requirements of the Data Handling Review. His team are also responsible for the continuing compliance of DH with ISO 27001.

Mike Payne FCMI

Director of Architecture, Strategy and Compliance & CTO, Ministry of Justice

Mike is an IT professional of over 20 years working in commercial as well as the public sector. Mike leads the Strategy, Architecture and Compliance branch responsible for delivering the MoJ wide ISO27001 programme and Cabinet Office/Hannigan deliverables. The team deal with IA Policy, Strategy and Operations across a complex IT landscape providing services to HMG, citizens and suppliers.

Peter Davies

Technical Director, Thales

Peter Davies is Thales' leading UK expert on Cryptography and provides cryptography and information security direction and expertise for the company and our clients. Mr. Davies has worked on projects involving the development and certification of flexible security solutions for government and commerce, supporting the security of both communications and informatics in an international multi-grade environment and advising both commercial and government agencies on strategies and concerns for the protection of shared environments. He has also written papers covering the paradigm shift in security models that must accompany more connected, less controlled environments. Mr. Davies now specialises in solving evolutionary interoperability requirements. He is a graduate of the University of Wales.

Simon Jones

Director of Business Systems & CIO, Department for International Development

Started career as research scientist doing mathematical modelling, moving into IT management. Joined CAB International as Director of Information Technology in 1994. Moved to Dialog in 1999 to rebuild CD-ROM technology team after relocation to the UK. Became Head of Technology UK after Dialog acquired by Thomson, responsible for three product lines. Joined DFID in 2004 as Head of Information Systems, became CIO in 2006. Recently taken new position as Director of Business Systems, including CIO and SIRO roles, covering Information Systems, Knowledge and Information Management, Capital Portfolio Management, and the Centre of Excellence for Project and Programme Management.

Afternoon Session: Risk management and application: Balancing technology risk management with business risk management

Chris Haynes

Director of EDT (Electronic Delivery Team), Cabinet Office

Chris has a long track record in both public and private sectors with Local Authorities such as Sheffield, Bolton, Blackburn and Knowsley, in Central Government with DETR, DTLR, the Office of the Deputy Prime Minister and with the Cabinet Office. He has also worked in the private sector with Land Rover, Rank Hovis and CSL. Chris is currently working, as a senior civil servant, for the Cabinet Office’s Delivery and Transformation Group as the Director of EDT.

Dave Pope

Chief Information Security Officer & Head of Accreditation, DVLA

Dave is currently the Head of Information Security at DVLA and is also the Network Accreditor. He has the responsibility for the security of one of the UK’s biggest online organisations, and ensuring compliance with the recent Cabinet Office data handling guidelines. Previously Dave was the Corporate Risk Manager at DVLA and won the award given by ALARM as UK Risk Manager of the year.

David Thomas

Information Officer and Director of Technology, The National Archives

David is responsible for ICTD, Digital Preservation, Information Strategy, IT Strategy and Knowledge Management. David has spent his career with The National Archives. He is responsible for delivering Information Technology strategy and services, for ensuring the successful operation of the Knowledge Council, for the development of Information and Knowledge Management strategies and for leading digital preservation. He is leading the major cross-government project to develop a shared service for digital preservation.

Mark Hughes

BT Group Security Director, BT

Mark is the Director, BT Group Security, a position he assumed in October 2005. He is responsible to the Board for all aspects of day to day security and continuity in BT.
This involves ensuring that BT has the right policies and procedures to keep BT’s assets – whether physical, logical or information – secure from attack; to counter fraud and also to minimise disruption in the event of an incident. This includes BT's civil resilience obligations.

 

Mark O'Neil

CIO, DCMS

Mark O’Neil is currently CIO for the Department for Culture, Media and Sport. Mark has worked on a large number of major IS and information assurance programmes and has helped to shape domestic and European IA policy. He is currently working on a major project around secure collaborative working and is working with a range of partners on opportunities around innovation and entrepreneurship.

Stream C : Managing Human Factors in IA

This stream delved into the complex area of human factors in IA. As well as addressing professionalism, certification and training, the sessions explored how the attitudes, perceptions and core values of end users can impact on IA initiatives and discussed how these can be managed.

Morning Session: Professionalism, training and certification

Prof. Brian Collins

Chief Scientific Adviser, Department for Transport and Business, Enterprise and Regulatory Reform

Chief Scientific Adviser Dept for Transport and at Business Enterprise and Regulatory Reform.

Professor Brian Collins became the Departmental Chief Scientific Adviser at DfT in October 2006 and at BERR in May 2008. He is also Professor of Information Systems at the Defence College of Management and Technology (DCMT), Cranfield University. His role as a DCSA is to ensure that the department’s technological activities are well directed and that where appropriate policy is based on good science and engineering. He advises CSIA and IPS on Security and Technology matters. He was Chief Scientist and Technical Director at GCHQ and Deputy Director at RSRE. He is a Fellow of IET, BCS, IOP and RSA.

Facilitators/Panelists

Lizzie Coles-Kemp, Lecturer, Information Security Group, Royal Holloway
Chris Ensor, Head of Profession for IA, CESG
Gerry O'Neill, CEO, Institute of Information Security Professionals (IISP)

Afternoon Session: Factoring behavioural patterns into your IA strategy

Debi Ashenden

Senior Research Fellow, Cranfield University, Defence Academy of the UK

Debi is a Senior Research Fellow at Cranfield University within the Defence Academy of the UK. Prior to taking up this post she was Managing Consultant at QinetiQ. Specialising in information security in general, and risk assessment in particular, other specific areas of research include building trust for information sharing, and governance processes for information security. Her most recent research examines the communication of information security requirements from a socio-organisational perspective. Debi has worked extensively across defence, government and the finance sector.

Prof. Angela Sasse

University College London

M. Angela Sasse is the Professor of Human-Centred Technology at University College London. She has been researching human aspects of security, identity, privacy and trust for over a decade. She currently chairs the Cybersecurity KTN Human Vulnerabilities SIG.

Facilitators/Panelists

Prof. Angela Sasse, University College London
Robert Coles, Global Chief Information Security Officer, Merrill Lynch
Duncan Hine, Executive Director of Integrity and Passport Service

Stream D : Future Product & Service Delivery

Divided into four functional areas across the two days, on Day 1 this stream explored the challenges of secure mobile data and in a lively debate considered whether the IA community has failed to substantiate the assertion that IA is a business enabler.

Morning Session: Secure mobile data: How to avoid being the next headline

Scott Totzke

Vice President of the Global Security Group at Research In Motion

Responsible for ensuring that RIM continues to provide products and services that meet the strict security requirements demanded by government and other security conscious organizations. Prior to joining RIM in 2001, Scott held senior consulting positions with EDS specializing in network security/architecture and database design. Scott also spent more than 10 years in corporate IT positions ranging from system development to network architect. Scott is a graduate of Conestoga College.

Facilitators/Panelists

Dr Ian Levy, Technical Director, CESG

Dr. Ian Levy is a Technical Director with a wide remit and range of responsibilities at CESG, the National Technical Authority for Information Assurance and part of GCHQ.

Afternoon Session: Union style debate: This house believes that to-date the IA community has failed to substantiate the assertion that IA is a business enabler

Colin Williams

Director, SBL and Chair, IACG

Shortly after joining SBL in 1994, Colin initiated and led the creation of the specialist IT Security Group within SBL. Following a management buyout in 1999, Colin has served as an Executive Director of SBL. Currently, Colin is responsible for the SBL public sector business development strategy and is the SBL Board Contact for Defence and Central Government. Colin is the Chair of the IACG (Information Assurance Collaboration Group).

James Nunn-Price

Director of Security & Privacy for Public Sector, Deloitte

James is responsible for Deloitte’s information security consulting services to UK Government and has been involved in a number of high profile complex assignments for clients including HM Revenue & Customs, Home Office, Department for Children, Schools and Families, Ministry of Justice and Cabinet Office.

Stream E : IA Workshops

Morning Session: IT Health Checks: Your route to effective security risk management

Paul Vlissidis

Technical Director, NCC Group

With over 20 years' experience in IT, Paul is a recognised expert on all aspects of IT and Internet security. He heads technical research and new product development for the Ethical Security Testing division of NCC Group – the leading independent provider of IT security consultancy and testing services. He previously held senior IT security roles within the nuclear industry.

Afternoon Session: Workshop 2: Finding your ideal Information Assurance solution

Ian Robertson

Managing Consultant, Security Architect, IBM

Ian is a managing consultant in the IBM Security and Privacy Practice specialising in security strategy and high level security architecture for the financial services and public sectors. He has worked on major systems integration projects at IBM and has led security assessment and architecture teams. Ian has specialist knowledge of security policy and compliance (including COSO and CoBIT), identity management, strong authentication (including biometrics), role-based access control and Public Key Infrastructure (PKI).

Stream A : Government & Industry Collaboration to Shape the Future of IA

Drawing on case studies from across Government and industry, this stream looked at how Government and Industry can best work together to take Information Assurance forward.

Morning Session: How can industry and Government best work together?

Dr Richard Mapleston

CBI & Shell

Richard is an IT Strategy Consultant with a long interest in the application of internet technology, and in particular the use of Digital Signatures. Richard has been an active member of CBI’s eBusiness working group and presented at events on identity and document security. He has also worked with BERR and UK Oil & Gas (formerly UKOA) to promote common document security practices. Richard holds a PhD in Biochemistry and a Masters in Operational Research. His career has spanned OR and IT in government, retail banking and the oil industry. He is a Fellow of the Operational Research Society.

Roger Styles

Deputy Director, Central Sponsor for Information Assurance, Cabinet Office

Roger Styles is the Central Sponsor for Information Assurance (CSIA) and has been a member of staff of the Cabinet Office since January 2006. He is also the Programme Director of the IA Technical Programme. Roger completed a 5 year engagement with GCHQ in Cheltenham, having been heavily involved with their New Accommodation Programme and subsequently set up the operational phase of their PFI services contract. This work built upon a long period in HM Forces and in particular within the Ministry of Defence in leading the delivery of operational capability through the Army’s equipment programme.

Facilitators/Panelists

John Cridland, Deputy Director General, CBI

Afternoon Session: Lessons from across different industry sectors

Adrian Asher

Global Head of Information Security, Betfair Ltd

Adrian Asher is an Information Security professional who has been working in this field for just shy of ten years. His current role sees him responsible for Information Security globally at the world's leading online betting exchange, Betfair. Information Security at Betfair is integral to everything they do. Considering an average month for Betfair would involve over 400 million trades, this is no small task. It makes them over thirty times bigger than the number of trades the London Stock Exchange performs in a month!

Colin Williams

Director, SBL and Chair, IACG

Shortly after joining SBL in 1994, Colin initiated and led the creation of the specialist IT Security Group within SBL. Following a management buyout in 1999, Colin has served as an Executive Director of SBL. Currently, Colin is responsible for the SBL public sector business development strategy and is the SBL Board Contact for Defence and Central Government. Colin is the Chair of the IACG (Information Assurance Collaboration Group).

 

Dr Paul Dorey

Vice President Digital Security and Chief Information Security Officer, BP

Paul has responsibility for IT Security and Information and Records Management Standards & Services globally across BP, including the digital security of process control systems. He has 20 years management experience in information security and established one of the first dedicated operational risk management functions in Europe. Prior to BP, he set up strategy, security and risk management functions at Morgan Grenfell and Barclays Bank. Paul has consulted to numerous governments, was a founder of the Jericho Forum, is the Chairman of the Institute of Information Security Professionals (IISP) and currently sits on the Permanent Stakeholders Group of the European Network Information Security Agency (ENISA).

Stephen Bonner

Head of Information List Management, Barclays

Stream B : Collaborative Procurement & Contracting

Procurement and contracting can be a minefield, so how can this be done most effectively? This work stream explored what we can learn from industry’s use of alliance contracting and looked at progress on the Intelligent Customer Mechanism, intended to make it easy to take the right acquisition decisions.

Morning Session: Taking the leap from adversarial contracts with joint management of the risks

Colin Williams

Director, SBL and Chair, IACG

Shortly after joining SBL in 1994, Colin initiated and led the creation of the specialist IT Security Group within SBL. Following a management buyout in 1999, Colin has served as an Executive Director of SBL. Currently, Colin is responsible for the SBL public sector business development strategy and is the SBL Board Contact for Defence and Central Government. Colin is the Chair of the IACG (Information Assurance Collaboration Group).

Dr Robert L Nowill

Dr Robert Nowill (Bob) is the Director of Information and Network Security at BT and is the leader of BT’s End-to-End Security Professional Community. Before joining BT in 2005, Bob was the Director of Technology & Engineering and Board Member at the UK’s Government Communications Headquarters (GCHQ). His career has also included periods with MoD (Defence Procurement Agency and Research Agencies), in The Netherlands with The SHAPE Technical Centre, and research at Cambridge University Engineering Department. Bob is married to Joanna, a Psychologist, with three adult children and a rescue Greyhound. Bob is a Chartered Engineer and Chartered IT Professional, a Fellow of the IET and the BCS, and a Member of the Institute of Information Security Professionals (IISP).

Gavin Kenny

Head of Security Practice, Logica

Gavin started his career working with the Ministry of Defence within the Procurement Executive. Gavin joined Logica and worked in their Space Division on security aspects of both military and commercial systems, working on a range of projects in commercial and delivery roles. He was appointed as Head of Logica’s Security Practice in 2005 and has driven their focus on excellence and growth to this day. Gavin’s expertise is known internationally and he has presented at several international conferences and is currently deputy chair of the security working group for an international standards body for security.

Tony Mather

CIO, FCO

Tony is the Chief Information Officer for the Foreign and Commonwealth Office, the department in the British Government representing Britain's interests overseas. He sits on the Main Board and is the Board champion for Gender Diversity. Prior to joining the Foreign and Commonwealth Office, Tony has spent over 20 years working in a number of IT roles in the private sector. He has worked in different industries including Insurance (Friends Provident), Transportation (British Airways), FMCG (Pepsi) and Retail (Safeway Stores plc). Most recently Tony was responsible for all globally delivered services for The BOC group, an industrial gases company.

Facilitators/Panelists

Michael Greatwich, Director, Markets & Suppliers, Office of Government Commerce

Afternoon Session: Collaboration in action with the Intelligent Customer Mechanism (ICM)

Bill Egerton

Defence Strategy and Solutions LLP, Strategy Support to IATP and CSIA

Bill joined DS&S as an Associate Partner in 2004. He started his career in the FCO (Foreign and Commonwealth Office) and has over ten years’ consultancy experience working in three of the UK’s largest firms. He has led a number of major assignments dealing with national security, information assurance, complex organisational change and the introduction of new technologies. Bill became a partner of DS&S at the beginning of 2008 and leads the National Security and Resilience practice.

Jacqui Chard

Head of Products and Services, CSIA

Phil Hill

Programme Manager, IATP

Facilitators/Panelists

Col John Doody (retired), Strategic Advisor to Ultra Electronics Ltd, representing the Crypto Developers' Forum (CDF)
John Cook, Info Advisor, MoD
Phil Baker, Deputy Director for Relationship Management, CESG

Stream C : Crafting Cultural Change for IA

Stream C looked in detail at what it means to be an IA professional and debated the changing skills, training and education requirements for the range of roles that now emerge relating to IA. Research findings were presented to give an understanding of how the role of the IA professional shapes IA in an organisation’s culture and how we can build greater trust and confidence with the citizen.

Morning Session: The Identity of the Information Security Manager

Debi Ashenden

Senior Research Fellow, Cranfield University, Defence Academy of the UK

Debi is a Senior Research Fellow at Cranfield University within the Defence Academy of the UK. Prior to taking up this post she was Managing Consultant at QinetiQ. Specialising in information security in general, and risk assessment in particular, other specific areas of research include building trust for information sharing, and governance processes for information security. Her most recent research examines the communication of information security requirements from a socio-organisational perspective. Debi has worked extensively across defence, government and the finance sector. Debi has had a number of articles on information security published, presented at a range of conferences and has co-authored a book for Butterworth Heinemann ‘Risk Management for Computer Security: Protecting Your Network & Information Assets’.

Dr Hazel Lacohée

Principal Researcher, Qualitative Research, ICT Futures Centre, BT Group Chief Technology Office

Dr Hazel Lacohée joined British Telecom (UK) in 1998 and is a Principal Researcher undertaking qualitative social research for the ICT Futures Centre, BT Chief Technology Office. She is responsible for investigation of the commercial, socio-economic and customer impact of ICT applications and systems and providing thought leadership on the social and market implications of communications technology. She is currently focused on issues concerning privacy, security, trust, data collection and public surveillance and is lead author of the Trustguide report.

Afternoon Session: Creating a cultural shift in a large Government body

Alan Green

Ex-Business Change Manager, GCHQ

Alan retired in 2006 from GCHQ where he held a variety of senior roles concerned with organisational development and change delivery, building on earlier roles in Information Systems, Engineering and Human Resources. As an independent consultant, Alan has worked as a ‘Critical Friend’ with the RAF and with the CSIA on the NIAS, and is a Visiting Fellow at Cranfield University DCMT. He is accredited with the OGC as a Gateway Review Team Leader for High Risk projects and programmes.

Debi Ashenden

Senior Research Fellow, Cranfield University, Defence Academy of the UK

Debi is a Senior Research Fellow at Cranfield University within the Defence Academy of the UK. Prior to taking up this post she was Managing Consultant at QinetiQ. Specialising in information security in general, and risk assessment in particular, other specific areas of research include building trust for information sharing, and governance processes for information security. Her most recent research examines the communication of information security requirements from a socio-organisational perspective. Debi has worked extensively across defence, government and the finance sector.

Facilitators/Panelists

Nigel Jones, Director, Cyber-Security KTN
Dr David King, ISSA-UK and Chair of the Information Security Awareness Forum
James Humphreys, Director, Woodnewton Associates

Stream D : Enabling Future Capability

Divided into four functional areas across the two days, on Day 2 this stream considered transatlantic strategies to defend against cyber-attack and explored a collaborative approach to IA challenges using SMI under CIPHER as a lead Department example.

Morning Session: Understanding the risk and developing transatlantic strategies to defend against the threat

Andy Clark

Andrew is an experienced consultant with particular expertise in Information Forensics, Cryptography, I.T Security, Systems Engineering and Security Evaluation. He has acted as an expert witness in these areas since February 1996. He is a Chartered Engineer, a fellow of The Institution of Electrical Engineers (F.I.E.E.), a Chartered IT professional and a Fellow of the British Computer Society (F.B.C.S.).

Dick Schaeffer

Assurance Director, National Security Agency

Dick Schaeffer is the Information Assurance Director at the National Security Agency (NSA). The Information Assurance Directorate (IAD) is responsible for the availability of products, services, technology and standards for protecting and defending the nation’s critical information systems from adversaries in cyber space. Prior to leading the IA Mission at NSA, Mr. Schaeffer was Chief of the National Security Operations Center (NSOC).

Joel Bagnal

Executive Vice-President, Detica

Prior to his recent appointment at Detica, Joel Bagnal was the Deputy Assistant to President George W. Bush for Homeland Security. Joel chaired the Homeland Security Council Deputies Committee and co-chaired the Counterterrorism Security Group. He developed national policy in the areas of cyber security, incident management, border security, transportation security, information sharing, identity management, and preparedness.

Paul Gray

Director of Change and Corporate Services, Scottish Government

Paul Gray is the Scottish Government’s Director of Change and Corporate Services, with responsibility for senior staff development and deployment; human resources; information systems and services; accommodation and estates services; corporate learning; employee engagement; and the Scottish Government’s business improvement and change programmes. Previously, he was Director of Primary and Community Care – having joined Health in October 2005.

Rt Hon. Alun Michael

The Rt Hon Alun Michael is a former Cabinet Minister. He led the UK delegation to WSIS (Tunis 2005). He has a keen interest in Internet governance and crime reduction. He was a participant at the 2007 US Congressional Internet Caucus. Currently he chairs EURIM’s e-Crime Working Group and the UK Internet Governance Forum.