The UK media sector spans traditional broadcasting, print, and digital publishing, increasingly relying on complex technology platforms, cloud services, and subscriber data. With cyber threats evolving rapidly, the need for strong information security leadership has never been higher. These CISOs are driving cybersecurity strategy, resilience, and transformation across some of the UK’s largest media organisations.
James Freestone — CISO, Informa
James Freestone is a seasoned business information security professional with a strong track record in implementing large-scale security programs and driving positive organisational change. He brings expertise across all facets of information security and holds CISM, CISSP, SSCP, and CiISMP certifications. At Informa, James leads initiatives to strengthen security governance, operational resilience, and risk management, ensuring efficient, cost-effective solutions for the organisation.
Steve Murphy — TISO, Reach PLC
Steve Murphy leads Reach PLC’s enterprise cybersecurity and cyber risk management initiatives, bridging technology, product, and commercial teams. With over 20 years’ experience, he has transformed security frameworks, improved cloud security practices, and enabled consistent enforcement of policies across complex projects. Steve’s approach combines deep technical expertise with clear communication, ensuring stakeholders understand risks and actionable mitigation strategies.
Brian Brackenborough — CISO, Channel 4
Brian Brackenborough has over 20 years’ experience protecting iconic UK broadcasters. At Channel 4, he drives security resilience, improves maturity frameworks, and supports creative media environments. Brian has led ISO 27001 and NIST transformations, contributed to sector-wide security initiatives, and collaborated with government bodies and the NCSC. His focus is on translating complex cybersecurity challenges into practical, actionable insight for teams and senior leadership.
Pooja Bagga — Group CIO, Guardian Media Group
As Group CIO, Pooja Bagga aligns digital, data, and cybersecurity strategies across Guardian Media Group. She drives AI-led technology transformation, enterprise security governance, and platform modernisation. Known for her board-level influence and inclusive leadership, Pooja ensures security is embedded in digital transformation initiatives while balancing customer-centric innovation and organisational resilience.
Tony Jowett — Group CISO, ITV
Tony Jowett brings over 25 years of experience to ITV, managing a £5m security budget and leading a team of 26. He has enhanced cyber controls, accelerated incident response, and delivered cloud security innovations that reduced resolution time by 50%. Tony combines strategic thinking with stakeholder engagement, ensuring security initiatives support business transformation while developing talent and strengthening organisational resilience.
Jolyon Clulow — Group CISO, Sky
Jolyon Clulow is an experienced security executive with a proven record in building enterprise security functions. He has led end-to-end security for financial and media organisations, delivering people, process, and technology capabilities that manage risk effectively. At Sky, Jolyon focuses on developing teams, transforming security capabilities, and translating complex threats into practical, actionable solutions for the organisation.
Andrew Bagnall — CISO & IT Director, The Telegraph
Andrew Bagnall leads cybersecurity and IT at The Telegraph, driving strategy and transformation across technology and information security. With previous experience in operational security and IT architecture, he has overseen the development of enterprise security programs, strengthening resilience and compliance. Andrew is recognised for translating complex security concepts into pragmatic solutions aligned with organisational goals.
Cyber Leadership Driving Media Resilience
These CISOs are at the forefront of protecting some of the UK’s most influential media organisations, ensuring that critical infrastructure, subscriber data, and creative content remain secure in a rapidly evolving digital landscape. Their leadership goes beyond technology, embedding security into business strategy, enabling innovation, and fostering a culture of resilience across teams. By balancing risk management with operational efficiency, they help media organisations maintain audience trust, comply with regulatory requirements, and continue delivering high-quality content safely. As threats grow more complex, their expertise ensures the UK media sector remains robust, agile, and prepared for the challenges of tomorrow.