The UK construction and infrastructure sector operates at the intersection of physical delivery, digital transformation, and national economic importance. Major construction groups manage complex supply chains, large workforces, sensitive commercial data, and increasing use of cloud platforms, connected systems, and smart infrastructure. As cyber risk, regulatory pressure, and operational disruption converge, security leadership in this sector must balance resilience, compliance, and business enablement. The following security leaders play influential roles in shaping information security, cyber risk management, and security culture across leading UK construction and engineering organisations.
Danielle Hamilton — IT Security Manager, Wates Group
Danielle Hamilton is IT Security Manager at Wates Group and brings more than 20 years of experience leading information security, cyber security, and IT assurance initiatives across Europe, the Middle East, and South Africa. She has held responsibility for operational security, cyber security, and policy direction across more than 20 countries for large multinational organisations with revenues exceeding $40 billion.
Hamilton is accountable for the strategy and delivery of information and cyber security programmes aligned with business objectives and risk appetite. Her expertise spans cybersecurity, operational data security, privacy, and secure government projects, with a strong focus on protecting the confidentiality, integrity, and availability of business assets. She is also recognised for driving cultural change through effective security awareness programmes and has delivered security leadership across manufacturing, media, and construction environments.
Paul Bird — Head of Information Security, Tilbury Douglas
Paul Bird is Head of Information Security at Tilbury Douglas, where he provides governance, assurance, and compliance in a rapidly evolving environment. His remit includes information security risk management, end-to-end IT project assurance, security testing, day-to-day security operations, compliance, and security product management.
Bird leads the development and maintenance of the group information security strategy and associated frameworks, including addressing cloud security and compliance challenges. He oversees incident response planning and breach investigations, implements Microsoft 365 and Azure trust best practices, and produces security business cases supporting digital transformation initiatives. Having experienced a large-scale cyber security breach firsthand, he brings practical insight into incident impact, recovery, and the delivery of cyber uplift programmes.
Mat Burton — Information Security Leader, Morgan Sindall Group
Mat Burton is an information security leader at Morgan Sindall Group, responsible for delivering enterprise-wide security governance, risk, and compliance programmes across complex operational environments. His work includes aligning policies and controls with frameworks such as ISO 27001, NIST, NCSC CAF, DEFSTAN 05-138, UK GDPR, and Cyber Essentials, contributing to a significant reduction in organisational risk exposure.
Burton has led strategic risk management initiatives, overseen security incident response and business continuity programmes, and championed large-scale security awareness initiatives impacting thousands of employees. He has also played a central role in embedding security-by-design principles into digital transformation and cloud adoption projects, working closely with IT, legal, and compliance teams to support regulatory alignment and audit readiness.
Adam Saunders — Head of Information Security, Mace
Adam Saunders is Head of Information Security at Mace, with more than 20 years of experience delivering cyber risk reduction while supporting business growth. His work focuses on embedding appropriate levels of cyber protection into enterprise architecture, strengthening cyber operations, and ensuring security programmes align with organisational objectives.
Saunders has a proven track record of establishing and implementing information security programmes in complex and dynamic environments, including supporting cloud transformation initiatives. He is experienced in building and developing high-performing security teams that operate effectively alongside the wider business, ensuring that security management enables, rather than constrains, delivery.
Barry Smith — Group Vice President, Technology, Skanska UK
Barry Smith is Group Vice President of Technology at Skanska UK, where he is responsible for group technology strategy, execution, and delivery. His role includes management of key technology partners and service providers, as well as chairing the Skanska AI Network. While not a CISO by title, his remit encompasses cybersecurity, technology governance, cloud platforms, and enterprise technology strategy.
Previously, Smith served as Regional CIO for the UK, overseeing technology and data strategy, delivery, and governance of technology services. His leadership spans cybersecurity, technology partnerships, cloud computing, platforms, and applications, positioning him as a senior executive shaping how technology and security capabilities support Skanska’s UK operations.
Leadership Driving Cyber Resilience in UK Construction
These security and technology leaders exemplify how cyber resilience, governance, and strategic security management are shaping the UK construction and infrastructure sector. Their work ensures that organisations can protect critical data, maintain operational continuity, and embrace innovation securely, making them pivotal to the industry’s ongoing digital and physical transformation.