The UK’s energy and utilities sector sits at the intersection of national resilience, digital transformation, and physical infrastructure. As cyber threats increasingly target operational technology, supply chains, and customer-facing platforms, security leadership in this space demands more than technical depth. It requires credibility with boards, fluency in regulation, and the ability to align cyber strategy with long-term infrastructure and sustainability goals.
The leaders below represent the next generation of influence. Some hold the CISO title outright, while others operate in adjacent senior security roles, but all are shaping how cybersecurity is executed across one of the UK’s most critical industries.
Reena Pathak — Director, Cyber Security, Centrica
Reena Pathak brings a delivery-focused, highly strategic approach to cyber leadership at Centrica, one of the UK’s most prominent energy companies. Known for translating complex technical risk into business-relevant language, she operates comfortably at the board and executive committee level. Her leadership style blends creativity with discipline, driving efficiency while maintaining rigorous security outcomes. Pathak’s ability to align cyber resilience with business priorities makes her an influential force in how large energy organisations operationalise security at scale.
Christine Maxwell — Group Chief Information Security Officer, SSE plc
Christine Maxwell leads cybersecurity for SSE plc, overseeing security strategy across one of the UK’s largest energy infrastructure groups. Her background spans energy, defence, financial services, and professional services, including a five-year tenure as Director of Cyber Defence and CISO at the UK Ministry of Defence. That combination of national-level defence experience and commercial energy leadership positions Maxwell as one of the most consequential security voices in the sector today, particularly as geopolitical risk increasingly intersects with energy security.
Liz Banbury — Chief Information Security Officer, Thames Water
Liz Banbury is a strategy-driven CISO with a reputation for pragmatism and execution in complex environments. At Thames Water, she leads a multi-year information security strategy focused on enabling the business to grow securely while strengthening core controls. Her career spans global financial institutions, including Standard Chartered, JPMorgan Chase, and ANZ, giving her deep experience in policy, governance, and technology risk. Beyond her corporate role, Banbury also leads the (ISC)² London Chapter, helping shape a more inclusive and collaborative cyber community across the UK.
Simon Goldsmith — Chief Information Security Officer, OVO
Simon Goldsmith leads information security at OVO, the UK’s largest independent energy retailer, where he is responsible for embedding security across products, platforms, and enterprise risk management. With more than two decades of experience across government, finance, retail, and energy, Goldsmith specialises in security transformation for both digital-native companies and large enterprises. His rare combination of cloud security expertise and hands-on operational technology experience, alongside his role as co-author of an international DevOps security standard, makes him a standout leader in the modern energy landscape.
Richard V. — Head of Information Security & Deputy CISO, SGN
As Head of Information Security and Deputy CISO at SGN, Richard V. plays a central role in securing gas distribution infrastructure across Scotland and the South East of England. Previously CISO for National Grid Electricity Distribution, he built a full cyber function from the ground up, including SOC, incident response, OT security, and forensics. With deep technical credentials and extensive experience reporting NIS-D compliance to executives and boards, Richard exemplifies the impact senior security leaders can have even without holding the top title.
Lynda M. — Chief Information Security Officer, ScottishPower
Lynda M. brings more than 20 years of information security experience to her role as CISO at ScottishPower. Her background in financial services informs a strong focus on governance, identity and access management, third-party risk, and executive-level risk communication. At ScottishPower, she leads both strategic and operational security initiatives, helping align cyber resilience with the demands of a modern, distributed energy organisation.
James Costello — Chief Information Security Officer, Sizewell C
As CISO for Sizewell C, one of the UK’s most high-profile nuclear infrastructure projects, James Costello operates in a uniquely sensitive and high-stakes environment. His role spans regulatory compliance, national infrastructure protection, and long-term cyber resilience for a project that will shape the UK’s energy future for decades. Costello’s work highlights how cybersecurity leadership is becoming foundational to large-scale energy and utilities programmes from day one.
Why These Leaders Matter Now
Cybersecurity in energy and utilities is no longer a supporting function; it is a core pillar of operational resilience and public trust. Whether serving as a CISO or leading from adjacent senior roles, the individuals on this list are shaping how security is designed, communicated, and embedded across critical UK infrastructure. As the sector continues to modernise under regulatory pressure and rising threat levels, these leaders are setting the tone for what effective cyber leadership really looks like.