SecurityBrief UK - Technology news for CISOs & cybersecurity decision-makers
United Kingdom
International Women’s Day
263 opinions Read now

Guides

#
cloud security
#
cybersecurity
#
endpoint protection
#
firewalls
#
ransomware

Search

Untitled design 80
#
DevOps
#
Digital Transformation
#
Hyperscale

Horizon3.ai names Dan Bird MBE Field CTO for EMEA cyber push

Tue, 24th Feb 2026
Author image
By Sofiah Nichole Salivio, News Editor

Horizon3.ai has appointed Dan Bird MBE as Field Chief Technology Officer for EMEA, expanding senior technical leadership in a region facing heightened scrutiny over cyber resilience across government and critical sectors.

Bird will work with customers and partners across Europe, the Middle East and Africa. The role focuses on offensive security methods that test controls from an attacker's perspective, an approach that has gained prominence as attacks become faster and more automated.

The appointment comes as UK and European security teams report growing operational disruption from cyber incidents. Leaders also point to the spread of tools that reduce the effort needed to launch attacks and maintain access, increasing board-level focus on how quickly organisations can detect and contain intrusions.

Public Sector Background

Bird brings nearly three decades of experience in defence, national security and technology delivery. He spent most of his career at the UK Ministry of Defence, holding senior operational and technical roles tied to national crisis response.

In government, he led technology programmes worth several hundred million pounds and oversaw the transition of large-scale IT systems into live service. He also worked on defence innovation and international cooperation, and served as National Liaison Officer to the United States military.

After leaving the Ministry of Defence, Bird moved into the private sector. His most recent role was at SNC Mission Systems UK.

Offensive Testing

The role reflects a shift from checklist-based cyber assurance to evidence of exploitability. Offensive security programmes aim to identify real attack paths in live environments, helping organisations prioritise remediation and verify that fixes address underlying weaknesses.

Horizon3.ai sells the NodeZero offensive security platform, which automates parts of security testing that have traditionally relied on manual penetration testing and periodic assessments. Those approaches often struggle to keep pace with rapid changes in infrastructure and software.

As attackers increase their use of automation and scale, offensive testing has become more relevant. Many security teams are responding with more frequent assessments, broader asset coverage, and a greater emphasis on proof of impact rather than theoretical exposure.

Keith Poyser, Vice President EMEA at Horizon3.ai, said the hire reflects a tougher operating environment across the region.

"Dan brings a rare blend of deep defence experience, technical credibility, and operational insight," Poyser said. "Threat actors, including organised criminal groups and state-backed operators, are becoming more capable and more persistent, while many organisations still place too much trust in untested defensive controls. Resilience comes from proving defences hold up when tested, frequently, from an exploitability perspective. Dan's leadership will be instrumental in helping organisations move from assumed security to demonstrable resilience."

Policy Pressure

The appointment also comes as policymakers tighten expectations for cyber governance and reporting. In the UK, proposed changes to the Network and Information Systems regime are set to expand the scope of organisations subject to tougher standards, with closer oversight of supply-chain risk for essential services and large enterprises.

The Cyber Security and Resilience (Network and Information Systems) Bill, introduced to Parliament in late 2025, is expected to strengthen the UK's cyber framework throughout 2026. It broadens the range of organisations expected to meet higher standards, including managed service providers, data centres and critical suppliers, while tightening incident reporting timelines and expanding enforcement powers.

Bird said he sees growing alignment between geopolitics, technology shifts and cyber risk. "We're seeing offensive cyber capability become easier to operate and harder to contain, at the same time as geopolitical pressure and more organised criminal activity," he said. "That combination is no longer theoretical. It enables sustained disruption with direct economic and operational impact."

He also highlighted the UK's emerging regulatory and governance backdrop. "As the UK enters 2026, cyber resilience is firmly on the national agenda. The second reading of the Cyber Security and Resilience Bill reflects a growing recognition that cyber attacks are an operational risk, not an abstract one. Controls have to be validated under real conditions, not assumed to work on paper," Bird said.

He described the rapid adoption of new technologies by hostile actors as an immediate challenge for defenders. "Hostile actors have first mover advantage in adopting new technology like AI and machine learning. We have to enable our customers to see from an attacker's perspective to find and fix their real weaknesses before others do," he said.

Related stories
In a cost-pressured AI race, operational maturity is now the competitive advantage
UK AI budgets shift to data infrastructure & storage
AI cyber threats outpace staff readiness, report warns
Teramind launches AI governance to tackle shadow AI
Red Hat, Nvidia, Palo Alto forge AI-native telco stack

Top stories

Autonomous AI 'agentic customers' set to reshape banks
How women in cyber change the conversation at board level
The weight women carry
Preserving our voice: Why women must shape the future of AI and cybersecurity
Bridging the gap: Cybersecurity breakthroughs and imbalances