Chair and (Acting) Webmaster
Durgesh GaitondeDurgesh Gaitonde


Email address: |

Well-regarded expert and leader in the field of IT, Cyber Security & Information Risk management and Assurance with over 15 years of industry experience working with prestigious clients in various industry sectors including, but not limited to Technology, Financial Institutions, Aviation, Construction, Engineering, Energy, Sports sectors providing specialist services in Security, Risk, Governance, Privacy and Assurance.

Recently, he has been through the independent assessment and verification process for the UK governments approved standard of competence against the new Certified Cyber Professional (CCP) specialism scheme and qualified as a C-CCP within the Risk Management specialism via the UK NCSC. Furthermore, he is now on the elite panel as a Lead Assessor on the scheme to attest quality cyber professionals.

He was one of the privileged members of one of the alliance partners on the formation project that developed and delivered the UK Cyber Security Council (UK CSC).

He has also been independently assessed for attested as a Chartered Engineer (CEng) demonstrating leadership along with optimisation of existing & emerging technology by the Engineering Council, UK.

Durgesh is also the on elite international panel for ISO/IEC JTC 1/SC 27/WG 1 as a UK Expert, the ISACA International’s CRISC Exam Item Development group and a critical reviewer for study resources & journal articles. He also represents the National body with the BSI as a committee member of the IST / 33 group for ISMS.

Holding a Bachelor’s degree in Electronics Engineering followed by a Masters in Information Security Management, Durgesh is also a Certified Information Security Manager (CISM), Certified in Risk and Information Systems (CRISC), Certified Data Privacy Solutions Engineer(CDPSE), Certified Information Privacy Manager (CIPM) and is an active member of various specialist groups like the CiSP, ISACA, BCS, CIISec, etc., he has extensive experience developing strategies for IT security, governance, risk and compliance engagement and acts as a subject matter expert to provide security advice to internal and external stakeholders.

His skills and know-how incorporate information security strategy, governance, risk management, compliance, business continuity, application security, computer forensics, vulnerability assessments & penetration testing, vendor neutral security solution architecture, service delivery, project management. He is well-versed with international standards such as COBIT 5, ISO 27000 series. He has extensive experience developing strategies for IT risk and compliance engagement and acts as a subject matter expert to provide security advice to internal and external stakeholders.

Vice Chair 
Andy Moattari 


Email address:

Andy spent the 1st twelve years of his industrial career as a design & development engineer in UK Electronics and Telecommunication industries. He then moved into IT Consultancy with IBM in 1978 and continued in that capacity offering PMO services to several clients in Telecoms, finance, software house and energy industries. He has had roles and responsibilities as Analyst, Quality Manager, Change Manager, ISO Auditor, Configuration Manager & Process Improvement Manager on a number of major multi-site software development projects in Europe & USA.

Communication & Social Media Officer
Darren Roberts

Email address:

Paul SmithCllr Paul M Smith

Email address:

Cllr Paul M Smith is an experienced financial and capital markets professional, as well as being the former Sales Lead on many Commonwealth projects, (including the Commonwealth Yearbook). More recently, Paul has worked as an award-winning ICT Sales Director at Hewlett Packard, specialising once again in Africa/EMEA. He holds many senior non exec roles, including as a Committee Chair within BCS and member of many other BCS Committees. Paul also proudly serves as Vice-President, isc2 (East of England Region as well as on Chartered Insurance Institute Cambridge Committee.

He also serves as a Councillor in his home village of Sawston, Cambridgeshire. Paul is also a Certified NLP master Practitioner and hold many qualifications across NLP, financial services, ICT, project management and cyber security. Paul is passionate about Africa, American Football, ESG, CSR, Financial Services regulatory reform & GRC issues. He is devoted to his beloved wife Yari and hopes that her home country of Venezuela will soon be free one day.

John Mitchell 


Managing Director, LHS Business Control

Email address:

John is a Fellow of both the BCS and the IIA-UK and has previously been Membership Secretary, Journal Editor and Chair of IRMA. He has also served on BCS Council, the Specialist Group Management Committee and the Security Committee. He was previously a member of its Risk, Audit & Finance Committee.

His doctorate in risk analysis techniques was awarded by City University, London, England. His MBA in financial control was awarded, with distinction, by Middlesex University, England.

John has been an expert adviser in a number of UK commercial and criminal cases and has been featured in a major British computing publication as the ‘IT Detective’.

He is an international authority on corporate governance, risk management and control self-assessment and the impact of regulatory and compliance issues on the delivery of corporate services. He has presented papers on these subjects at many international conferences and holds ISACA’s prestigious John Kuyers’ award for best conference contributor, as well as the BCS’s John Ivinson medal for services to the Institute.

Reza AlaviMembership Secretary
Reza Alavi

Email address:

Reza is a Cyber Risk and Security consultant. He helps his clients to maintain a solid security governance program, dealing with complex security challenges and implementing robust control frameworks across diverse sectors in line with regulatory obligations and business objectives. In addition, he has led and governed digital transformational projects to support organisational IT governance frameworks and cyber security objectives.

Academic Relations

Andrew Richardson

Events Organiser
Andrew Richardson

Email address:

Andrew has worked in IT and then Governance and Information Security for nearly 40 years. He moved from initially designing military aircraft, to software development, then to support and a number of positions within computer operations, before moving to a career in Internal Audit and Information Security. Andrew has worked for defence contractors, a number of IT services companies, large international insurance companies and currently works for a UK Bank.

As a motivated and qualified security professional he is a member of both the British Computer Society, the Chartered Management Institute, holds four ISACA designations (CISA, CISM, CRISC, CGEIT) and is a Fellow of the Chartered Institute of Information Security (CIISec).

Andrew’s contributions to the development of the information/cyber security profession are through acting as Events Organiser for the BCS IRMA specialist group, performing a number of activities for CIISec, including interviewing CIISec candidates and recommending awards Awards Committee, leading on the production the CIISec “ABC” guides, leading Tesco Bank’s CIISec Associate Development Programme (ADP) and contributing to the CIISec Live Steering Group.

Andrew has previously been a member of the ISACA Publications Committee and at the invitation of KPMG, presented to the Institute of Operational Risk Scottish Chapter and he continues to mentor colleagues and students for ISACA Certifications, Modern Apprenticeships and for CIISec designations.

Early Careers Advocate
Lee Campbell

BSc (Hons), MSc (Oxon), PgCAP, FHEA, CEng, CITP, MBCS, CISA, CISM, CISSP-ISSAP, CEH, CE Assessor, ISO 27001 Lead Implementer, CASP+, CySA+, A+, N+, Server+, Security+, PenTest+, Cloud+, CSAE, CNIP, CCAP, CSCP, CSIE, CSAP, CNSP, CNVP, CIOS, CSIS, CCNA (Cyber Ops), MCSE.

Email address:

Lee has extensive cybersecurity experience working for multi-national organisations holding a senior systems architect role. Furthermore, Lee has worked for SMEs, start-ups and ran IT and cybersecurity consultancies. He has secured major organisational networks and systems. In addition, he was responsible for designing, implementing, and supporting the web infrastructure architecture for the first online banking and trading platform in Europe.

In 2015, he created the first online cybersecurity training material for SMEs for the UK Government. In 2014, he was the chosen technical representative for the UK SME sector to identify the UK's preferred cybersecurity standard. From this work, the Cyber Essentials standard was established. In this role, Lee represented five million SME organisations' interests on behalf of the Federation of Small Businesses (FSB).

For the last six years, Lee has worked as a cybersecurity academic. He has made significant contributions to undergraduate, postgraduate and Scottish apprenticeship scheme programmes. He has designed, created and delivered BSc and MSc cybersecurity programmes, qualifications and modules across three higher education institutions. During this time, Lee has helped many students achieve their goals and dreams of working in the cybersecurity industry.

Lee is also a practising cybersecurity consultant and researcher. He provides cybersecurity consultancy, penetration testing and training services to maintain and develop his knowledge and understanding of the subject matter and sector. He firmly believes that practising cybersecurity in the real world is vital; this provides students with meaningful and relevant teaching material to help prepare them for the cybersecurity industry.

Lee holds a Bachelor's degree in Computing and Masters in Software and Systems Security from Oxford University. In addition, he also holds twenty-eight cybersecurity certifications.

Inclusion Officer
Juliet Flavell

Juliet FlavellBefore completing an MSc in Information Security at Royal Holloway, Juliet built and led the IT function for a leading boutique London law firm. She is currently part of the Civil Aviation Authority's cyber security oversight team and works with the aviation industry to assess progress against the Cyber Assessment Framework.

Juliet is a CISM and ISO 27001 Lead Auditor, and successfully achieved the GIAC Strategic Planning, Policy and Leadership (GSTRT) certification in 2022. Beyond aviation, she also has a keen interest in the development of driverless car security, following publication of her MSc dissertation on the subject in 2019.