Secretary, Digital Government Security Forum (DGSF)
John Thornton is the Secretary to the Digital Government Security Forum (DGSF). He is also the Lead Researcher and Author of the latest DGSF report entitled the Future of Information Security. The aim of the DGSF is to raise awareness of information security issues and to help spread good practice. It is helping to bring together senior individuals from local government, police, fire & rescue and central government to share concerns, advice and expertise. The DGSF is an independent, not-for-profit Forum that is not endorsed or funded by the UK Government.
John is an Independent Adviser and Writer on business transformation and innovation. He is also an Executive Director of e-essential Resources, which provides advice, consultancy and support to public and private sector bodies. He has over 30 years’ of experience leading and working on technology-related programmes and projects, in both the public and private sectors, including key roles as the Local Government e-envoy and Director of e-Government for the Improvement and Development Agency (IDeA), the Technology and e-Government Adviser to the Local Government Association and Managing Director of the Institute of Public Finance (IPF). John is an Accountant by training, holds an MBA and is a Fellow of the Institute of Directors. He is a former Regional President of CIPFA, a member of the AAT Council and has been involved in numerous high profile working groups.
Detective Chief Inspector Vanessa Smith
Yorkshire and Humber Regional Cyber Crime Unit
DCI Vanessa Smith is head of the Yorkshire and Humber Regional Cyber Crime Unit. She has served in West Yorkshire Police for 22 years, developing the force’s first cybercrime unit and cyber response strategy. During her career, she has also investigated historical child sex abuse allegations, managed Registered Sex Offenders and managed teams tackling serious organised crime.
Product Manager – Technology and Data, NHS Improvement
Marc has a B.S from the American University of Beirut and an M.Sc. from the University of Geneva. After a career between private and public sectors in Switzerland, he pursued professional development at the INSEAD in Paris, Harvard University, University of Cambridge, University of Oxford and more recently at the International House – London.
His professional experience in Project Management goes back to 1998 in Lausanne, Switzerland and extends to his current role at the National Health Service. Marc is a PMP since 2012, proudly with the credential valid through 2021. He is equally Certified Project Director, Six Sigma Black Belt Professional, Projects In Controlled Environments (PRINCE2) – Practitioner, Professional Scrum Master, Information Technology Infrastructure Library (ITIL) and Microsoft Certified IT Professional – Enterprise.
Marc has moved through various roles with ownership and responsibilities of all sorts of IT projects of significant budgets. He has led on Change Management, Risk Management, and various other important projects using PMI, Prince2 and Agile Scrum methodologies. In 2013, Marc joined the United Nations in Geneva and in 2015, he teamed up with Agilisys Digital then Smart Focus and the Cystic Fibrosis Trust in London before settling recently in the role of Product Manager – Development at the NHS Improvement London. In this role, Marc provides cross-team leadership with a balanced mix of technical, leadership and project and product management skills.
For Marc, on every project, your best friend should be ‘the customer’, and your worst enemy ‘scope creep’.
Head of Information Governance, South London and Maudsley NHS Foundation Trust
Dr Murat Soncul completed clinical training in dentistry and worked as an oral surgeon before completing his PhD in 2002 at University College London researching the reliability of healthcare technology to support oral and maxillofacial surgical planning. He joined South London and Maudsley NHS Foundation Trust in 2003 to co-ordinate the e-Health Programme. He currently works as the Head of Information Governance in the same Trust and is a member and alternate vice Chair of the Confidentiality Advisory Group at the Health Research Authority. In the past, he served as the Company Secretary and the Chair of the Board of Trustees at the Metro Centre, which is a London-based charity that promotes the health and well-being of all people experiencing issues related to sexuality, identity or gender. Murat’s professional interests include innovative uses of information technology to improve healthcare service delivery and patient experience, fair and lawful use of patient information, privacy and confidentiality, capacity and consent, cyber security and risk management.
Deputy Chief Information Security Officer, Transport for London
Transport for London is a dynamic and challenging retail and transportation organisation with annual revenue of £4Bn. In Richard’s current position, his first step was to risk assess the current state of information security at TfL. From that risk assessment he then developed and led the implementation of an effective tactical and strategic cyber response programme to ensure cyber security resilience. Richard has been with TfL since 2004, during which has had responsibility for providing security assurance against some of the most significant risks TfL faced. He is advocator in the harnessing of social media and big data analytics. He has served as a Director for The Security Institute and featured within the IFSEC Global Top 40 of influencers in security 2014 and 2015.
Head of IT Security, IT Audit and Compliance, London School of Hygiene and Tropical Medicine
Marion Rosenberg is the Head of IT Security, IT Audit and Compliance at the London School of Hygiene and Tropical Medicine.
As part of her responsibilities, she has been involved in the successful process to achieve IG Toolkit approval from NHS Digital for the School. She is responsible for information security policies and incident response and everything in between.
Marion started work as a systems programmer involved in low-level network development, moved into systems management before moving back into networks, albeit in an operational role. With an interest in security throughout her career, Marion made the formal move into information security almost 18 years ago when it became recognised in universities as an area in its own right.
Since then, she has achieved an M.Sc. in Information Security, a Graduate Diploma in Law and an LLM in Computer and Communications Law. Her dissertation on electronic identities was published in the Computer and Telecommunications Law Review. She has worked in several HE institutions finding them both challenging and rewarding.
Head of CivTech ® at the Scottish Government
Alexander has worked in the Digital Directorate of the Scottish Government for the past three years. His current role is as architect and Head of CivTech® – a ground-breaking programme whose mission is to drive daring, ingenuity and innovation within the public sector, delivering better public services, and providing economic development opportunities. Previous roles included running number of government tech procurements. Before moving back up to Edinburgh he spent eight years in London, six of which were spent growing his own digital creative agency delivering ‘super shiny’ web apps for Google, PayPal, Sony Ericsson, McDonald’s, Adobe and other leading brands. He is massively passionate about the benefits of digital transformation in the public sector which leads to better value services that make our lives better.
Information Governance Manager, London Borough of Redbridge
Lesley Holmes is a Senior Information Manager/ Consultant with vast experience and a sustained record of success of delivering front line services in the Public sector. She has an extensive background in diverse service organisations and is a pragmatic leader and trusted team player who creates robust strategies to translate vision into reality.
Improvement Programme Manager, Her Majesty's Inspectorate of Constabulary
Joan Ogbebor is an Improvement Programme Manager with Her Majesty’s Inspectorate of Constabulary (HMIC) with over 20 years’ experience in the public and private sectors. Joan has been in HMIC since 2010 where she has utilised her policy delivery, programme, project and business and programme planning expertise including her detailed knowledge of the complex, dynamic and challenging policing landscape to help drive the strategic and operational performance of police forces across England and Wales.
Joan has degrees in law (LL.B), Management Studies (PGDip) and Education (B.Ed) with several leadership and professional training and certification.
Joan has a passionate interest in ICT, data science and digital innovation.
Assurance and Information Management Consultant, National Archives
As part of the Information Management Department at The National Archives; Martin Fletcher has provided Cyber Security training to 2,700 staff from over 150 organisations across the public sector. In this role, he has also developed an Information Security ‘train the trainer’ course which is now used by organisations including The Scottish Government, HMRC and Ministry of Justice. He is also responsible for the Archives’ well established programme of Management Board briefings. Martin believes that the core to ensuring a secure culture is to engage the senior management and encourage them to see cyber security as being more than just an “IT problem.”
Head of IS Assurance, HM Land Registry
As Land Registry’s Head of IS Assurance Neil is responsible for maintaining its status as a member of the Critical National Infrastructure – underpinning property ownership worth over £4 trillion across England and Wales including over £1 trillion of mortgages. Trained originally at BT as a Communications Engineer he has a unique 30 year background in a diverse range of technology fields. During an overseas role in the Caribbean, he helped the Cayman Islands Monetary Authority through the Y2K period co-ordinating the health of over 8000 financial institutions from 26 countries while introducing the concept of electronic filings using the internet into the newly formed agency. For the past 12 years he has helped HM Land Registry more recently embrace government’s refreshed ICT strategy, delivering on the Digital Agenda. Taking the role of security from the stereotyped blocker to the true position of enabler of change.
Cyber Industry Deputy Head, Ministry of Defence
Daniel initially trained as a Librarian and worked in university and media libraries before joining the Ministry of Defence (MOD); roles managing MOD web services followed before moving in 2008 into the field of Information Assurance, jointly leading the MOD’s response to the Burton Report and Data Handling Review and developing a focus on incident management, industry engagement and information security policy. Two years spent working as the Chief of Staff to the MOD Chief Information Officer followed before he moved to his current role leading the MOD input to the Defence Cyber Protection Partnership – a Government / Industry initiative to improve the protection of the defence sector from the cyber threat.
Dr. Claudia Natanson
Chief Security Officer, Department for Work and Pensions
Dr Claudia Natanson is currently the CSO for the Department for Works and Pensions (DWP) responsible for its people, and information. In her role she sets the policies, standards and procedures required to support the new technological roadmap, and business stakeholders who service the Departments over 22 million customers. Prior to joining DWP Claudia has held posts with British Telecommunications as Head of Secure Business Services, and Chief Information Security Officer for Diageo. She holds a M.Sc. in Computer Science and Ph.D. in Computers and Education from the University of Birmingham. Claudia is a senior cyber and information security expert evaluator for the European Commission, a certified CISSP (Certified Information Security Professional), ISO/IEC 27001 Lead Auditor and Fellow of the British Computing Society.
Network Analyst, Cabinet Office
Mohamed is a Network Analyst at the Government Digital Service (GDS) and is part of the internal Network team. He is the lead engineer responsible for maintaining and managing security appliances and the GDS wireless Network. Mohamed has been instrumental in delivering a robust, fast and secure wireless network, meeting the growing demands of an organisation where the majority of users are tech savvy and Internet hungry. Mohamed has contributed to the implementation of security principles such as the wall gardened approach when building the GDS network, this has helped GDS achieve PSN accreditation whilst maintaining a mobile wireless workforce.
Most recently Mohamed continues to work alongside Common Technology Services (CTS) where he has been key in providing guidance on the cross government Wi-Fi blueprint with the goal of achieving a seamless multi building Wi-Fi network. Prior to joining GDS Mohamed worked in the private sector delivering bespoke network solutions to various clients.
Information Security Manager, London Borough of Camden
Michael has been working for Camden Council for over 10 years and in IT for 14 years in various different roles.
The main focus of Michael’s work in Camden is to ensure the council complies with external bodies Code of Connections.
Michael advises the council on Data Protection, Cyber Security and best practice around Data Governance.
Over the course of the past 14 years, Michael has provided consultancy in both the public and private sector and currently acts as an Independent Advisor for Hertsmere Borough Council in the same capacity as he does for Camden.
Dr Sarah Clement
Senior Policy Officer, Information Commissioner's Office
Sarah Clement is Senior Policy Officer with the Government and Society team at the Information Commissioner’s Office (ICO). She is responsible for developing and managing the ICO’s key strategic relationships with government departments, arm’s length bodies and third sector organisations.
The main focus of her work is on promoting a sensible and secure approach to justified data sharing and ensuring information rights are considered in the development of public policy initiatives. Prior to her work in information rights in the UK, she worked in the USA and Australia for 13 years as a Policy Analyst in the private sector and a researcher in academia, recently completing her PhD in Policy and Governance.
Director for Enterprise Infrastructure and Production Operations, Department for Work & Pensions
Juan Villamil is Director of Enterprise Infrastructure and Production Operations at the Department of Work and Pensions. He joined the department in May 2015.
His goal is to deliver new, effective and stable technology that meets the needs of the 22 million UK citizens who use DWP services while ensuring that current systems continue to co-exist securely and intelligently, without loss of business continuity.
Juan has a hands-on background in application development, infrastructure design and delivery. Prior to joining DWP he worked at BT where his last role was as CTO for BT Sport with responsibility for the architecture, design and delivery of the channels technology.
Assistant Director for Cyber Security, Department for Culture, Media and Sport
Richard has spent his career in the UK’s national security community, with the last six years in cyber security. He is currently Assistant Director for Cyber Security in the UK Government’s Department for Culture, Media & Sport, where his focus is on delivering key initiatives within the UK’s Cyber Security Strategy, including the development and adoption of a range of cyber security standards, and specifically the Cyber Essentials Scheme. The aim of this activity is to bring about a step change in the UK’s ability to defend itself from cyber attacks.
Among his other achievements Richard co-architected NATO’s Infosec Framework. He was also responsible for devising and implementing the government’s cyber defence posture around the London 2012 Olympic and Paralympic Games.
Chief Information Security Officer, DVLA
Dave is the Chief Information Security Officer (CISO) for DVLA. Dave was previously their Corporate Risk Manager and has worked in many Government organisations. He is a lecturer in Enterprise Risk Management, and was awarded UK Risk Manager of the Year in 2004.
He is a Member of the Institute of Risk Managers and Member of the Chartered Institute of Internal Auditors. He also runs a sheep farm in Carmarthenshire West Wales.
Ian is the President of the Council of Registered Ethical Security Testers (CREST). CREST is a not for profit organisation. It was established to help develop professionalism within the information technology security testing community and provide a development path for individual testers. The Register is used by private sector organisations to gain a level of assurance that the security testers are competent and that the organisations they work for have appropriate processes and controls in place. The CREST qualifications have been assessed and are recognised by the UK government. The qualifications are a mandatory requirement for individuals carry out penetration testing work on government system. Ian is currently running a project to develop a set of professional network forensics qualifications with the support of the UK Centre for the Protection of National Infrastructure Industry. All the CREST qualifications have been evaluated by NBISE (National Bureau of Information Security Examiners) in the USA and a strategy for their implementation is being planned.
Ian is a Fellow of the Business Continuity Planning Institute (BCI) and was voted Business Continuity Consultant of the year in 2001 and 2003.
He is also part of the UK project team building the next land speed record car, Bloodhound SSC. The project has been designed to break the existing record and exceed 1,000 mph and provide and inspirational project to encourage youth into science maths and engineering.
Prior to this Ian was one of the founding Partners of Insight Consulting and was Managing Director of Siemens Insight Consulting.
The Earl of Erroll
Independent Crossbench Peer, House of Lords
Lord Erroll (Merlin) plays an active role in thought leadership in the ICT arena, especially around the Internet of Things, Cybersecurity, Intellectual Property, Broadband and the Internet. He worked for many years in software development, as well as serving in the Territorial Army. He chaired the Eyehub IoT Technology Strategy Board funded consortium and is currently helping with the HyperCat IoT interoperability initiative.
He is active in several Parliamentary groups, especially looking at the impact of regulation on business and the internet, and takes a particular interest in Cyber, Countryside & the Environment, the Constitution and Scottish matters. He chairs both the Digital Policy Alliance (was EURIM) and the All-Party Group on Entrepreneurship, and is a member of PICTFOR (Parliamentary ICT Forum).
He chairs the Flexeye Advisory Board and sits on several others. He was inducted into the Infosecurity Europe Hall of Fame in 2010.
Deputy Director IS, Royal Free London NHS Foundation Trust
Tosh Mondal has been acting in Senior IT Management roles in private and public organisations for over 12 years. Roles include CTO for Alliance Unichem and Reuters Healthcare as well as CTO for the National Patient Safety Agency (UK). Tosh has been instrumental in the deployment of large scale medicine management systems across 16 European countries as well the largest Healthcare safety monitoring system in the UK. Tosh is currently the Deputy Director IS (IS security and IG) at the Royal Free London and Barnet and Chase Farm Hospitals.
Head of Cyber Security and Response, Her Majesty’s Revenue & Customs (HMRC)
Ed is an innovative and highly developed security professional; fully versed in multiple disciplines across the Information Assurance arena, with extensive experience across both public and private sector organisations. Ed is widely recognised as a cyber security expert and thought leader in his field. Ed has developed and delivered tactical and strategic transformations, ensuring fundamental alignment to the organisation’s future vision. He is a firm believer that security must be driven by intelligence, not just for computer network defence, but also in truly understanding the business’ direction of travel. For security to really be the enabler it must be fully conversant with the business vision.