Professor Paul Dorey BSc. PhD. (Southampton) CISM F.Inst.ISP M.I.Biol has over 25 years management experience in information security gained as a senior security and risk executive at Morgan Grenfell/Deutsche Bank, Barclays Bank and BP. His work has encompassed information security management, operational risk management, business continuity planning and crisis management, privacy and the security of process control systems. Paul has consulted to several governments in protecting critical national infrastructure, was a founder of the Jericho Forum, and was the founder Chairman of the Institute of Information Security Professionals (IISP) and now carries the title Chairman Emeritus. He has sat as an independent expert on the Permanent Stakeholders Group of the European Network Information Security Agency (ENISA). His industry recognition includes being awarded Chief Security Officer of the Year (2006), IT Security Executive of the Year (2008) and his induction into the IT Security Hall of Fame (2009). His interests include the problem of establishing and communicating trust in IT systems, risk convergence (integrating IT Security with physical security and other risk disciplines) and demonstrating the value of security investment through alignment with management risk frameworks and business strategy. In addition to his academic interests, he currently runs two consultancy firms specialising in developing commercial security strategies and building programmes to improve security team capability and knowledge sharing in the industry. Details of his work and some of his publications can be found on his Royal Holloway University of London web site.