Robert Hannigan

Hannigan was born in Gloucestershire and brought up in Yorkshire. He studied classics at Wadham College, Oxford,^[5] and continued his education at Heythrop College, University of London.^[6] He is married with a son and a daughter.^[7]

After an early career in the private sector, Hannigan became Deputy Director of Communications for the Northern Ireland Office in 2000, Director of Communications for the Northern Ireland Office in 2001 and Associate Political Director for the Northern Ireland Office in 2004.^[5][8] He served as the Director-General, Political at the Northern Ireland Office from 2005, taking over from Jonathan Phillips.^[9][10]

Hannigan has not spoken of his role in the Northern Ireland peace process but he is the only British civil servant involved to be singled out in Tony Blair's autobiography, where Blair describes him as "a great young official who had taken over as the main Number 10 person [on Northern Ireland]" and cites him as an example of creativity.^[11] Hannigan appears regularly in other accounts, notably by Blair's Chief of Staff Jonathan Powell, attending private crisis meetings with Irish Republican leaders, including Gerry Adams and Martin McGuinness, at Stormont Castle and Clonard Monastery.^[12][13] Powell describes his key role in brokering agreement with Ian Paisley and the Democratic Unionist Party during and after the St Andrews Agreement talks.^[12] He is described as chairing the first meeting between the DUP and Sinn Féin and designed the diamond shaped table which brought Adams and Paisley together at a public meeting on 26 March 2007, which is widely regarded as marking the end of the Northern Ireland 'Troubles'.^[13][14]

In 2007, he was appointed to a new post of Prime Minister's Security Adviser in 10 Downing St,^[15][16] as well as replacing Sir Richard Mottram as the Head of Security, Intelligence and Resilience at the Cabinet Office, responsible for co-ordinating between the intelligence services and government,^[8] and acting as Accounting Officer for the Single Intelligence Account which funds MI5, MI6 and GCHQ.^[17] During his time in office, Hannigan led the review into the loss of the nation's child benefit data, a major data breach incident; the subsequent report is informally called the "Hannigan Report".^[18]

Hannigan moved to the Foreign and Commonwealth Office as the Director-General of Defence and Intelligence with effect from 1 March 2010.^[19]

He was appointed Companion of the Order of St Michael and St George (CMG) in the 2013 New Year Honours for services to national security.^[20][21] He was made an Honorary Fellow of Wadham College, Oxford, in November 2015.^[22] He became a Fellow of the Institute of Engineering and Technology in 2017 and is one of the few non-US citizens known to have been awarded the US National Intelligence Distinguished Public Service Medal.^[23][24] He is a Senior Associate Fellow of the Royal United Services Institute^[25] and a Senior Fellow of the Belfer Center for Science and International Affairs at Harvard University.^[26]

It was announced in April 2014 that Hannigan would succeed Iain Lobban as the Director of the signals intelligence and cryptography agency the Government Communications Headquarters (GCHQ) in the autumn of the year,^[27] taking over in November 2014^[28] after revelations by the National Security Agency whistleblower Edward Snowden in 2013 exposed mass surveillance by the agency.^[29] As of 2015, Hannigan was paid a salary of between £160,000 and £164,999 by GCHQ, making him one of the 328 most highly paid people in the British public sector at that time.^[30]

On his first day in the role, Hannigan wrote an article in the Financial Times on the topic of Internet surveillance, stating that "however much [large US technology companies] may dislike it, they have become the command and control networks of choice for terrorists and criminals" and that GCHQ and its sister agencies "cannot tackle these challenges at scale without greater support from the private sector", arguing that most Internet users "would be comfortable with a better and more sustainable relationship between the [intelligence] agencies and the tech companies". Since the 2013 surveillance disclosures, large US technology companies have improved security and become less co-operative with foreign intelligence agencies, including those of the UK, generally requiring a US court order before disclosing data.^[31][32] However the head of the UK technology industry group TechUK rejected these claims, stating that they understood the issues but that disclosure obligations "must be based upon a clear and transparent legal framework and effective oversight rather than, as suggested, a deal between the industry and government".^[33]

Hannigan developed this thinking in a speech at MIT in March 2016, in which he appeared to take a more conciliatory line with the tech companies.^[34] He highlighted the importance of strong encryption and argued against 'back doors'.^[35][36] He also set out the role of James Ellis and other GCHQ mathematicians in the invention of public key cryptography and published for the first time facsimiles of Ellis' original papers on the possibility of digital and analogue secure non-secret encryption.^[37] Interviewed on BBC Radio 4's Today Programme in July 2017, Hannigan argued against further legislation on encryption and said 'back doors' would be a 'bad idea', suggesting instead that governments and companies should work together against those abusing strong encryption by targeting devices and the 'end of the network'.^[38][39]

Returning to the debate on terrorist material on the internet after the London Bridge attack in June 2017, Hannigan commented on the polarised stand-off between politicians and tech companies.^[40] He noted an improved relationship between the Silicon Valley companies and government since 2014, but called on the big companies to come together to address extremism and to preserve the freedom of the internet from state control. Interviewed alongside his former counterpart Admiral Michael Rogers, Head of the NSA and US Cyber Command, at the 2017 Aspen Security Forum, Hannigan said that since 2014 the companies had accepted responsibility for the content they carried and were making progress on extremist material, pointing to Mark Zuckerberg's comments on the subject.^[41]

Hannigan's major external change to the organisation during his tenure was the creation of the National Cyber Security Centre (NCSC) as an operational part of GCHQ.^[42] The NCSC's London headquarters was officially opened by Queen Elizabeth II on 14 February 2017.^[43] In a speech welcoming the Queen and Prince Philip, Hannigan described the historical line between Bletchley Park and the NCSC and set out the challenge of cyber security at a national level.^[44][45] In a final interview with Financial Times editor Lionel Barber, at CyberUK 2017, Hannigan described his thinking in creating the NCSC and his involvement in cyber security over the years, from the creation of the first UK Cyber Security Strategy for Prime Minister Gordon Brown, to framing the coalition government's ambition of making the UK "the safest place to live and do business online"; against a '"rising tide" of cyber security incidents, governments could not do this alone but only "with industry".^[46] Hannigan has made frequent interventions on cyber security issues. In a speech in November 2015, he said that the usual market mechanisms were failing on cyber security: "The normal drivers of change, from regulation and incentivisation to insurance cover and legal liability, are still immature".^[47] He also pointed to a critical cyber skills gap,^[48] and has called for a "culture shift" within Boardrooms to meet the cyber threat, with less reliance on the "well-meaning generalist".^[49] Other Financial Times articles have covered the sophistication of cyber crime groups and the threat from North Korea.^[50]

In July 2017 Hannigan blamed Russia for causing a "disproportionate amount of mayhem in cyberspace", identifying state-linked crime as a major problem: "There is an overlap of crime and state, and a deeply corrupt system that allows crime to flourish, but the Russian state could do a lot to stop that and it could certainly rein in its own state activity."^[51][52] Asked at the 2017 Aspen Security Forum what had changed in Russian cyber behaviour, Hannigan referred to the "brazen recklessness" of Russian agencies who scarcely tried to hide their activity.^[53] In December 2017 he joined General Lord Houghton in drawing attention to Russian threats to undersea internet cables, endorsing a report by Rishi Sunak MP for the Policy Exchange thinktank.^[54] Hannigan was involved in monitoring Russian interference in the 2016 United States elections, including the Democratic National Committee cyber attacks.^[55]

On 23 January 2017, Hannigan announced that he had decided to resign once a successor to his role as director had been found, explaining in a letter to the Foreign Secretary, Boris Johnson, that his resignation was for personal reasons.^[56][57] This exchange of letters between Hannigan and Johnson revealed that he had "initiated the greatest internal change within GCHQ for thirty years"; no further details were given but the letters refer to a "focus on technology and skills", to make GCHQ "fit for the digital age". He was widely credited with bringing greater transparency to GCHQ, not least through the use of cryptographic puzzles; his Christmas card puzzle in 2015 inspired some 600,000 attempts worldwide to solve it.^[58][59] This led to the publication of The GCHQ Puzzle Book in 2016, with Forewords by the Duchess of Cambridge and Hannigan. It became a Christmas best-seller,^[60] and by April 2017 had raised £240k for the Heads Together mental health charities.^[61] According to the Guardian, his resignation was sudden and prompted speculation that it might be related to "British concerns over shared intelligence with the US in the wake of Donald Trump becoming president."^[29]

In February 2017, Hannigan was appointed to the UK Government's new Defence Innovation Advisory Panel, along with McLaren Chairman Ron Dennis and astronaut Tim Peake.^[62] He has written about the shift in technological innovation from government to private sector and West to East, expressing some concern about the tone of the Brexit debate and its impact on the UK academic tech sector.^[63]

In December 2021, the Intelligence and Security Committee of Parliament (ISC) reported that it had been misled by the government over the reasons for Hannigan's sudden resignation. Hannigan had in fact resigned because he had given a character reference some years earlier while working in the Foreign & Commonwealth Office using his FCO title, for Father Edmund Higgins, who had been found guilty of possessing 174 child pornography images, but the priest later reoffended.^[64] The report said the ISC is entrusted with oversight of the intelligence community, and ensuring their probity, and must be fully informed in such circumstances, instead of discovering it much later from a Mail on Sunday report. He was also heavily criticised in the ISC report for later revealing operational information on a TV programme of how intelligence agencies had discovered the identity of Islamic State executioner Mohammed Emwazi, commonly known as Jihadi John. The successor Director of GCHQ had written to Hannigan to remind him of his ongoing responsibility to safeguard sensitive information and to seek approval in advance of discussing such matters in the media, but without any substantive sanctions which the ISC viewed as giving the wrong message to other former intelligence staff.^[2][65][66]

He has served as chairman of BlueVoyant, a US-based cyber security services company, and as an adviser to a number of governments and international companies.^[67] He has been a paid commentator on security matters in the media and a public speaker.^[66][68]

In May 2021, it was announced that Hannigan was to be the next Warden of Wadham College, Oxford, from summer 2021.^[64]

• Foresight Review on Cyber Security for the industrial Internet of things
• Organising a Government for Cyber: the Creation of the UK's National Cyber Security Centre (RUSI) Archived 17 May 2019 at the Wayback Machine
• Official website