Steering Committee
The terms of reference guide for Steering Committee members is available to download here (pdf).
The current members of the Cyber Security programme Steering Committee are as follows.
Industrial members
Kenny Boyce - National Australia Group Ltd
Kenny was formerly an Information Security Manager at WM Morrisons and was responsible for the overall security function within the organization. He previously held a similar position at another large retailer.
Before moving into the retail sector Kenny has worked with a number of consultancy firms, advising clients on Information Security best practices. These clients belonged to a variety of different sectors such as defence, finance and education.
Stuart Brocklehurst - VISA
Stuart is an adviser to Visa International and Kroll Security International, a partner in Carbon Search and a director of Darwin Consulting. He was previously Senior Vice President of Digital Commerce at Visa International and before that with Barclays Bank PLC. He studied theology at St John's College Oxford and is a Fellow of the British Computer Society.
Prof. Sadie Creese - Warwick University Digital Laboratory
Prof. Sadie Creese is Director of e-Security at the new Warwick University Digital Laboratory where she is forming a new e-Security group. She previously held the position of Strategy Manager for QinetiQ Trusted Information Management division where she took responsibility for ensuring strategic alignment of the businesses offerings and research groups. She is an experienced consultant and researcher in the area of cyber security. Sadie has technically led multiple military, Technology Strategy Board, European and Industrial research programmes in this domain and is an expert reviewer on behalf on the EPSRC and an independent technical consultant in the areas of security, trust and dependability for the European Commission Future Emerging Technologies programme. Sadie has a doctorate and MSc in Computer Science from Oxford University.
Dr Paul Dorey - BP
Paul Dorey is Vice President of Digital Security and Chief Information Security Officer (CISO) for BP plc where he is the functional leader for IT Security, process system digital security, privacy and BCP globally across the corporation. He has extensive experience of risk management approaches having worked as a financial service executive as well as a consultant to several governments.
He currently sits on the Permanent Stakeholder Group of the European Network Information Security Agency (ENISA), is a founder of the Jericho Forum and is Chairman of the Institute of Information Security Professionals (IISP).
Dr Robert Ghanea-Hercock - BT
Robert Ghanea-Hercock is a Principal Research Engineer at BT Laboratories and a Chartered Member of the British Computer Society. He is an experienced researcher and lecturer in a wide range of AI systems, including Software Agents, Security Systems and Autonomous Robots. He has several years industrial experience in Intelligent Software Agents at BT. Prior to this position he was a lecturer at Salford University, teaching courses in AI, Robotics, and Knowledge Based systems.
Ed Gibson - Microsoft
Ed Gibson is the Chief Security Advisor for Microsoft Ltd, in the UK. His primary role is to serve as an advisor to Microsoft's customers, and the public, on the work Microsoft is doing to improve the security of its products. This role comes on the heels of his retirement from a 20 year career as a Supervisory Special Agent with the Federal Bureau of Investigation (FBI). During this period, Ed Gibson was a recognized expert in investigating complex, international money laundering schemes, asset identification and confiscation, and intellectual property theft. While assigned to FBI Headquarters, Washington, DC, Ed Gibson developed and managed an operational training program for all Special Agents and executive management, in money laundering and asset confiscation investigations.
From early 2000 to mid 2005, Ed Gibson was assigned to the FBI's Legal Attache office, US Embassy London, as an Assistant Legal Attaché. There, he was responsible for all FBI cyber, hi-tech, cyber-terrorism, and infrastructure investigations in the UK. His leadership resulted in the creation of a model cyber program adopted by all Legal Attache offices around the world. Mr. Gibson was a corporate lawyer for a US based multinational corporation for five years prior to the FBI. While assigned to the US Embassy, he qualified as a Solicitor in England and Wales, and completed a two?year computing program at Oxford University. He is a Member of the Board of the John Grieve Centre for Policing and Community Safety, in England.
Mike Grenham - British Airways
Mike has worked in IT for British Airways since 1983, including stints in Saudi Arabia, South Korea and Canada implementing major airline reservations, ticketing and check-in systems. He worked on the for data security of the first airline booking system taking payment over the Internet. For the last ten years Mike has worked in the Information Security area. Currently Information Security manager responsible for security governance, risk management, policies and standards as well as specific technical projects such as vulnerability management and intrusion prevention. Key also is working with IT infrastructure teams to provide a robust security architecture in line with the security strategy. Mike has spoken at security conferences and has been involved with the BCS/ISEB security certification board.
Mike Harris - Royal Mail
Mike's current role is Head of Information Security at Royal Mail Group plc., responsible for the Information Security strategy supporting Royal Mail operations through a period of radical business transformation. His greatest challenge is to support increasing requirements for accessibility through more diverse channels without compromising security. Mike is leading a programme of work in Royal Mail designed to introduce defence in depth to the network and applications applying Identity Management, Vulnerability Mitigation, IDS and IPS services. He is responsible for the ISO17799 Programme, which aims to embed compliance into all applications and certification for all enterprise applications. In 2000 Mike graduated on the Royal Holloway MSc. Programme with a thesis on Combating Cyber Crime, a paper that was to provide the business case for setting up the Royal Mail Computer Crime Unit and Computer Security Incident Response Team.
Nigel A. Jones - QinetiQ
Since joining QinetiQ in 2004, Nigel has led a team delivering a consultancy and research business in the domains of security, resilience and intelligence. He has a special interest in understanding and analysing risk environments, the use of intelligence systems to aid decision making and in the integration of human factors into security systems. Nigel's experience is derived from a military career in Information Operations and the design and delivery of education and training prior to joining QinetiQ.
Dr David King
David has most recently been Head of Group Information Security at Aviva. He has over 20 years of experience in information security. Before joining Aviva, David was the chief security architect at JPMorgan Chase. Previously he worked for Cap Gemini and ICL. He is an active member of I4 and is the current chair of its management committee. David has a PhD in applied cryptography, an MBA from London Business School, is a chartered engineer, and holds CISSP and CISM security certifications.
Paul King - CISCO
Paul is Senior Security Advisor in Cisco's Corporate Security Programs Organisation (CSPO). He advises on security matters, from specific threats to policy issues, both internally and externally and works very closely with commercial organisations especially within the financial and government sectors. In his current capacity as Senior Security Advisor he represents Cisco in various UK government departments such as the Home Office and Law Enforcements Agencies as well as European departments such as ENISA (European Network Information Security Agency). Paul is active in supporting agencies that work in Child Protection including the children's charity Childnet, the Internet Watch Foundation (IWF) and the newly formed Child Exploitation and Online Protection Centre.
Martin Sadler - HP
Martin Sadler is Director of HP Lab's Trusted Systems Laboratory. The lab, with researchers in China, France, the US and the UK, leads HP's research on trust, security and privacy; and covers research from cryptography, through hardware and systems security to compliance and public policy issues. He was a member of the advisory board for the UK Foresight's Cyber Trust and Crime Prevention project, and sits on the advisory boards of a number of computing science departments in the UK and in the US. He is on the advisory panel of Infosecurity magazine, and a member of the board of the Institute of Information Security Professionals.
Jeremy Ward - Symantec
Jeremy joined the UK Ministry of Defence in 1982, specialising in security related matters and managing major IT and telecommunications projects. In 1999, at the UK Cabinet Office, Jeremy was involved in writing 'Encryption and Law Enforcement' and 'e-commerce@its.best.uk', which set the agenda for the development of information age policies in the UK government. Jeremy then helped set up the Office of the e-Envoy; given responsibility by the Prime Minister for driving forward those policies.
Since October 2000, Jeremy has worked for Symantec. He is responsible for the development of special projects and services for Symantec in Europe, the Middle East and Africa, for promoting Symantec as an information security risk management company and for liaison with a number of bodies on information security issues. He is also ISO 27001 internal auditor for Symantec?s Security Operating Centres worldwide.
Jeremy contributes to a number of information security expert panels for organizations such as the OECD's Business and Industry Advisory Council, The ENISA working group on risk management, the ICC, CBI and BSI panel 4.
Academic Representation
Professor Michael Fairhurst - University of Kent
Michael Fairhurst is Professor and Head of the Department of Electronics at the University of Kent. He has been very active in research in image analysis and computer vision for many years, with a particular interest in computational architectures for image analysis and the implementation of high performance classification algorithms. Applications of principal interest include handwritten text recognition and document processing, medical image analysis and, especially, security and biometrics.
Michael Fairhurst has been the Chairman of many Conferences and Specialist Workshops (including Co-Chairing the most recent International Conference on Document Analysis and Recognition), and is a member of numerous Conference Organising and Programme Committees. He has been the academic representative on Technology Strategy Board International Technology Missions on biometrics to the US and Japan, and a speaker at numerous conferences on biometrics and security. He is a member of the Institution of Electrical Engineers, the British Machine Vision Association, and the International Association for Biometrics, and serves on the Editorial Board of several international Journals in the image analysis field. In 2004 he was elected as a Fellow of the International Association for Pattern Recognition for his contribution to the field of pattern recognition. He has published extensively in the scientific literature (more than 300 papers published) and has authored an undergraduate textbook on computer vision.
Professor Fred Piper - Royal Holloway, University of London
Fred Piper was appointed as a Professor of Mathematics at the University of London in 1975 and has worked in security since 1979. He is currently Director of the Information Security Group (ISG) at Royal Holloway. Royal Holloway ISG offers MSc's in Information Security and Secure Electronic Commerce and has a PhD programme that has produced over 100 doctorates. In 1985 Fred formed a consultancy company, Codes & Ciphers Ltd, and since then he has acted as a consultant to over 100 companies in the UK, Europe, Africa, Asia, Australia, Canada and the US. The consultancy work has been varied and has included algorithm design and analysis, key management and security audits of large networks. Fred has lectured worldwide on Information Security, both academically and commercially, with recent emphasis on the use of digital signatures and the role for public key infrastructures. In 2002 Fred was awarded an IMA Gold Medal for 'Services to Mathematics'. In 2002 he was also awarded the first honorary CISSP for a European. This was for 'leadership in Information Security'. In 2003 Fred received an honorary CISM for 'globally recognised leadership' and 'contribution to the Information Security Profession'.
Professor Bill Roscoe - University of Oxford
Professor Bill Roscoe is Director of Oxford University Computng Laboratory and a Professor of Computing Science. He is also a Fellow of University College, Oxford.
Dr Gary Williams - Economic and Social Research Council
Gary Williams received his Ph.D from the University of Hull for research on US foreign policy in the Caribbean. He did postdoctoral research on Privacy Protection in the Virtual Society at the University of Edinburgh. He is currently a Senior Science Manager at the Economic and Social Research Council where he is the Case Officer for international relations and security investments such as the New Security Challenges Programme. Dr. Williams is a member of the British International Studies Association Executive Committee.
Government Representation
Bryn Hughes - MOD/Dstl
One of the senior scientific staff of the MOD's Defence Science and Technical Laboratory, (Dstl), Dr Bryn Hughes has been involved with aspects of IT security for many years. He worked with the colleagues in Whitehall on the formation of a national centre (NISCC) to address concerns over protection of the Critical National Infrastructure from electronic attack. During this time he was also a member of the Foresight Crime Prevention Panel, Chaired by Lord Sharman, and chaired the S&T task force. One of the recommendations of the task force led to a dedicated research programme being launched by the EPSRC and still running, covering many aspects of crime prevention, including cyber security. He sat on the Advisory panel of the recent Cyber trust and crime prevention project run by the Office of Science and Technology.
Chris Ketley - CESG
Chris Ketley leads the Research and Technology groups within CESG, the UK National Information Assurance Technical Authority. Chris has spent most of his career in IT and communications engineering, both in the public and private sectors and, since joining CESG, has led a number of technical product and service groups and was lead author for the UK of the Common Criteria for Security Evaluation.
Steve Marsh - Strategic Advisor, Cabinet Office
Steve is Strategic Advisor on Intelligence and Security in the Cabinet Office. He was Director of the Central Sponsor for Information Assurance from its formation in October 2002 until July 2006.
Prior to this, Steve was Director of Security Policy in the Office of the e-Envoy, responsible for establishing a common framework for the security of electronic government systems. This included the ways by which individuals and business users authenticate themselves when using electronic government services.
In April 2000 Steve joined the Central IT Unit in the Cabinet Office, which merged with the Office of the e-Envoy later that year. He has over 18 years experience in security and IT within the public sector.
Tom McCutcheon - MOD/Dstl
Tom McCutcheon is currently employed by Dstl as senior strategic advisor to MOD in ICT network theory, data security and data mining. He is responsible for creating, maintaining and providing information transfer over links with strategic partners on a technical axis. These partnerships include two Defence Technology Centres, the Network Theory International Technology Alliance with the US, IST framework 7 with the EU, an information assurance bilateral under AAMOST with DSTO Australia and several links with the defence community un the USA. In addition, he is retained to review and provide insight into a range of MOD, JGS and EPSRC programmes, including 4 of the 6 Interdisciplinary research centres. He is responsible for bridging MOD with key UK universities and industry on a longer term basis. Tom was appointed an EU registered expert in 2000 and was awarded a visiting chair from Newcastle University in January 2006.
