Robert Hannigan is a renowned cybersecurity specialist with an extensive background in public service. He currently serves as Director of BlueVoyant, and as an adviser to a number of international companies such as McKinsey & Company, Hiscox and Immersive Labs. During his 20 years of public service, Robert served as Director of the Government Communications Headquarters (GCHQ), the UK’s largest intelligence and security agency, where he led the creation of the UK’s National Cybersecurity Centre (NCSC). Prior to that, he worked as principal adviser to Prime Minister Tony Blair on the Northern Ireland peace process.
Robert has been deeply involved in shaping UK Government’s approach to national cybersecurity, from the creation of the first UK Cyber Security Strategy for Prime Minister Gordon Brown, to framing the coalition Government’s ambition of making the UK “the safest place to live and do business online” against a rising tide of cyber security incidents. He has often shared his view that governments cannot do this alone but only in partnership with industry. Having studied classics at the University of Oxford, Robert continued his education at Heythrop College, University of London. After an early career in the private sector, Robert was appointed as Deputy Director of Communications for the Northern Ireland Office in 2000, progressing to Director-General, Political, in 2005. Robert had a role in the Northern Ireland peace process and was singled out in Tony Blair’s autobiography, where he is described as “a great young official who had taken over as the main Number 10 person [on Northern Ireland]”.
In 2007, Robert was appointed as the Prime Minister’s Security Adviser, as well as the Head of Security, Intelligence and Resilience at the Cabinet Office, responsible for coordination between the intelligence services and government. Notably, Robert led the review into the loss of the nation’s child benefit data, a major data breach incident; the subsequent report is informally called the “Hannigan Report”. Robert moved to the Foreign and Commonwealth Office as the Director-General of Defence and Intelligence in 2010, where he served for four years. In 2014, Robert was appointed as the Director of the GCHQ where his major external change to the organisation during his tenure was the creation of the NCSC as an operational part of GCHQ. At the opening of NCSC’s London headquarters in 2017, Robert described the historical line between Bletchley Park and the NCSC and set out the challenge of cyber security at a national level. In February 2017, Hannigan was appointed to the UK Government’s new Defence Innovation Advisory Panel.
Following his resignation as Director of GCHQ in 2017, Robert was widely credited with bringing greater transparency to GCHQ, not least through the use of cryptographic puzzles; his Christmas card puzzle in 2015 inspired some 600,000 attempts worldwide to solve it. This led to the publication of The GCHQ Puzzle Book in 2016, which became a Christmas best-seller and raised £240k for the Heads Together mental health charities by April 2017.
Describing his move to the private sector, Robert says: “I felt it was a good time to go into cybersecurity – I spent over 20 years in government setting up the NCSC and GCHQ. I felt there was a big demand for what I could accomplish in the private sector. I want to make the UK the safest place to do business online and believe that governments cannot do it alone. The cybersecurity industry has the resources and skills and knows where attacks are happening.” Robert has previously stated that “however much [large US technology companies] may dislike it, they have become the command and control networks of choice for terrorists and criminals” and that GCHQ and its sister agencies “cannot tackle these challenges at scale without greater support from the private sector”, arguing that most Internet users “would be comfortable with a better and more sustainable relationship between the [intelligence] agencies and the tech companies”.
Over the years Robert has received numerous commendations. He was appointed Companion of the Order of St Michael and St George (CMG) in the 2013 New Year Honours for services to national security. He was made an Honorary Fellow of Wadham College, Oxford in 2015 and became a Fellow of the Institute of Engineering and Technology in 2017. Robert is also one of the few non-US citizens known to have been awarded the US National Intelligence Distinguished Public Service Medal. Currently Robert is a Distinguished Fellow of the Royal United Services Institute and a Senior Fellow of Harvard’s Belfer Center for Science and International Affairs. He also continues to serve as a Trustee at Bletchley Park Trust, home of British World War Two codebreaking, described by Robert as “the place where the digital world started from.”
Robert lives in the UK with his wife and has two children. He enjoys playing tennis and is a Chelsea F.C. supporter. With his wife being Irish, Robert also follows sports such as hurling and Irish football.
Describing his professional motives, Robert says he is “all about raising the baseline of security and helping people and companies to get better” and he is not interested in adopting “scare tactics” when speaking with journalists.
Robert has made frequent interventions on cyber security issues and can talk knowledgably about the following:
- Government cybersecurity strategy – how should a government organise itself and what is the correct intersection between government and industry?
- Geo-politics and nation state cyberthreats – including Russian, North Korea and China.
- Sophistication of cyber crime groups
- Privacy and regulation
- Mental health and neurodiversity
- The encryption debate – this is not necessarily a cybersecurity issue but relates to how law enforcement and the tech sector work together.
- Vulnerability in video conferencing apps such as Zoom – the privacy aspect of an app but not cybersecurity and public policy, i.e. what is useful and what safe.
- The cyber skills gap and the required “culture shift” within Boardrooms to meet cyber threats.