Bridget Kenyon (CISSP) is Head of Information Security for University College London. Her experience in information security started in 2000 with a role in network vulnerabilities at DERA, following which she has been a Qualified Security Assessor against PCI DSS, Information Security Officer for Warwick University, and has held a variety of roles in consultancy and academia. Bridget has been involved with ISO/IEC 27001 and its fellows since 2006, when she first joined BSI Panel 1, coordinating development of information security management system standards. She is editor for ISO/IEC 27013, and chairs BSI Panel 1. She also chairs the NHS-HE Forum IG Working Group, which provides HE input into the Information Governance Toolkit, and has co-authored three textbooks on information security. Bridget strongly believes that “information security is fundamental to reliable business operations, not a nice-to-have”.