Steve Wright

Data Protection & Security,

At John Lewis, I am fortunate enough to be in the unique position of reporting directly into the Group Financial Director (CFO), but answerable to the Board and Audit & Risk Committee. This empowers me to ensure that when it comes to data privacy and data security compliance, I can set the strategy, policy, direction and the tone (rate) of change necessary to take this great British icon into its optimal position of leveraging the data it collects, whilst at the same time protecting the rights of our customers and Partners, by ensuring legal and regulatory compliance, delivering and enhancing Privacy and Security capabilities – whilst ensuring Trust and Transparency remains at the heart of our fantastic Brands – Waitrose and John Lewis.

I’ve spent more than 25 years learning in IT (the last 8 in Legal and Finance), but all the time designing, developing, managing (mainly people) and delivering transformational data governance, privacy and security programmes, but in the last year, my role at John Lewis has tested me beyond my existing skills.

At John Lewis, my skills as a chief negotiator, senior motivator and leader (and only because I have an excellent team) – have led me to evolve into more of a Chief Compliance Officer and/or Chief Data Officer role. Whilst this is fine, I don’t want to dilute my skill base as a leader in security and privacy, and don’t want to loose my independence, or diminish my role as a ‘trusted Board advisor’.

I believe that data (governance) lies at the heart of our society and everything is connected to this one common denominator = data. And as we know, data security and data privacy are inextricably linked – they share common objectives, threats and therefore require comprehensive safeguards (controls), legal compliance and assurances mechanisms – both for the Board, our Partners and of course our Customers.

I am only human, and limited by human capacity, but I would hope you may share in some of my passions and philosophies.