Blog
Introducing (ISC)² EMEA ISLA 2017 Finalist: Bridget Kenyon
This year marks the first ever (ISC)² EMEA Information Security Leadership Awards (ISLA), a chance for our community to recognise fellow information security and management professionals going the extra mile to enhance security across Europe, the Middle East and Africa.
Overall, we received a staggering number of impressive submissions, over 200, and these were shortlisted down to our finalists by our judges, members of the Europe, Middle East and Africa Advisory Council (EAC) . Winners will be announced at our Secure Summit UK on 12 December 2017. In the meantime, we will be sharing their stories on the blog. Here is the first instalment:
Bridget Kenyon, Head of Information Security at University College London (United Kingdom)
After graduating from the University of Birmingham with an MSci Physics with Astrophysics, Bridget has garnered over fifteen years of experience through IT and information security positions at a number organisations, including leading universities such as the University of Cambridge, University of Warwick and University of Birmingham; before taking up her current position of Head of Information Security at the University College London. It has been the work in her current position that has led to her successful (ISC)² EMEA ISLA nomination, which has seen her effectively implement the Information Risk Governance structure. This structure has enabled senior decision makers in the University to be aware of the context and necessary support required to make informed decisions on information risk. Prior to that, information risk had been seen as an IT activity and not as a business risk.
A key obstacle in the project, was that not all heads of departments were technologically perceptive. But Bridget led the project to ensure that all parties were given in-depth training and gained a thorough understanding of their responsibilities. She facilitated this through workshops, presentations and coffee mornings, as well as through her commended ability to explain technical details to a largely non-technical audience and using meaningful analogies to explain an idea, issue or problem.
In addition, Bridget has demonstrated outstanding leadership, ensuring her team each have a very specific role within the team, with a special focus on risk management, policy development and monitoring. She also promotes a self-advancement culture, encouraging her team to attend regular events and training sessions such as Cloud, GDPR, Agile Development, to complete their CISSP certifications as part of the annual training process and holds fortnightly 1-2-1 meetings to support her team’s progression and enabling them at being the best that they can be in their roles.
Notably, when a ransomware incident affected the university, Bridget led the multi-disciplinary teams from the front contacting users, ensuring that the infection was contained and providing guidance to the technical teams to help contain the malware. As a result of her leadership, the overall effect on UCL information was limited to the initial outbreak.
Additionally, Bridget speaks at a number of events each year and has co-authored a number of titles including the Guide to the Implementation and Auditing of ISMS Controls based on ISO/IEC 27001 .