Robin Smith, CISO at Great British Energy – Nuclear

In this two-part Sage Spotlight, Robin Smith, CISO at Great British Energy – Nuclear and former CISO of Aston Martin, shares how he’s advancing cyber resilience through automation, AI integration, and intelligence-led defense. He also reveals how Sagetap helped him cut vendor outreach time by 95%, replacing long sales cycles with faster, more focused conversations that deliver real innovation.

Part 1 of Robin's Spotlight

Key Takeaways

• Building Resilience Across High-Stakes Environments: As CISO for Great British Energy – Nuclear (and formerly Aston Martin), Robin focuses on security standards, workflows, and technology that protect against disruption and strengthen organizational resilience.
• Hyperautomation as a Top Priority: Hyperautomation tops Robin’s 2025 agenda. He believes AI should enhance talent, emphasizing that “AI + brain = the future” and that digital literacy is key to maximizing automation’s impact.
• From Reactive to Predictive Defense: By combining hyperautomation with CTEM, his team can anticipate threats, prioritize real risks, and strengthen their overall security posture.

Full Transcript

Robin Smith: I'm currently Chief Information Security Officer of Great British Energy – Nuclear, which is a government-owned nuclear agency in the UK, newly established in the last couple of years. And I was formally CISO at Aston Martin, the luxury automotive brand.

In the role of CISO, I'm board advisor on all aspects of information cybersecurity risk, and the focus is on building security standards and services that can really protect the business, ensure that the brand is fully immune from disruption, but also builds resilience across technology, processes, and workflows to ensure that we have cyber resilience across the operations.

Meghan Lafferty: Going a little bit deeper, can you tell us what's most pressing for you, the projects that you work on, and how you decide on those projects?

Robin: Hyperautomation is really top of my list for priorities this year, and I really want to get to a point where I have confidence about how automation makes the tools flow and interoperate better rather than worrying about job losses or the other AI catastrophism that goes around. You still need really good quality CISOs, engineers, risk analysts, people to train and build skills. There's a formula of AI + brain = the future, and I think I can go with that. If we can really build digital literacy, that will 10X the value from AI projects.

One of the things we're trying to work out is predicated on continuous threat exposure management. If there's a nearly infinite supply of cyber crime, and it sometimes feels like that on a Monday morning, we'll be able to really focus our priorities on being intelligence led, using our resources well, and tackling what's most urgent to a business.

The way that we've tapped into that is staying abreast of what's going on in the industry, and then that drives our intelligence-led cyber strategy, and it's making big impacts. It's given us new opportunities for innovation, it's reducing the risk from cyber criminality, we're moving into a model where we can forecast or anticipate what's coming around the corner, and that's a really good position for a CISO to be in.

Meghan: Alright, the before times. Can you tell us how you used to identify the right vendors to evaluate?

Robin: It feels like the Stone Ages now that I've been working with Sagetap for a few years. Just before the pandemic, we were doing market testing whereby we would invite in 10 vendors to do the sales pitch. So it would take a lot of time, would waste a lot of your resources, and not always get to a decision point because, you know, a sales pitch is not reality. A sales pitch is what it can do, not what it will do. When we would then implement solutions, there would be a bit of a gap, and that all arose from a very poor filtering and prioritization process.

It was a painful process, really fractured, and I was very glad to find solutions to these problems.

Part 2 Coming October 21!