Wednesday 19 April 2023, 11am-12noon (BST)

Carole has had a long and distinguished career in cyber. A global IT leader with over 35 years’ experience, she was the first-ever Director of Security and CISO at John Lewis Partnership, joining the organisation in 2018. She defined the role, setting out the long-term cyber strategy for the Partnership, managing the organisation’s SOC and leading the wider IT team. Her time as CISO encompassed the extraordinary impact of the pandemic when HMG charged the John Lewis Partnership, along with other front-line suppliers, with providing support to the vulnerable – a unique challenge in managing highly sensitive information.

A graduate of the University of Hertfordshire where she read Computer Science, Carole wrote a prescient dissertation on information security, the lessons of which still resonate today. Prior to joining the John Lewis Partnerships, Carole worked for BP for 29 years, finishing as Vice President of Infrastructure and Integration Services, as well as being Head of Delivery Services across the whole group. Carole also worked closely with other major retailers and the NCSC to share information and security policy, and is an active member of the governing body of the UK-wide CISO community run by Evanta.

Carole has recently retired from full-time corporate roles but retains a link to the cyber industry through her role as a Board Advisor to Reliance Cyber.

This Chief’s Brief gave us a privileged insight into Carole’s career and experiences, and the lessons she has learnt.

This meeting was open to SASIG members only, and The Chatham House Rule applies.

Tarquin Folliss OBE (info), Vice Chairman, The SASIG in conversation with Carole Drape (info), Former Director of Security and Partnership CISO, John Lewis Partnership