Sarah Armstrong-Smith

Early Career

Armstrong-Smith began her career in the mid-1990s, entering the security and risk space at a time when the discipline was still taking shape within British industry. In 1995 she held a position at PHH Arval as a fraud controller, marking her entry into operational risk management. She subsequently moved to Thames Water, where she worked as a business continuity analyst. During this period she was involved in preparations for the Year 2000 problem, contributing to the industry-wide effort to manage the Millennium transition.

Career

In 2001, Armstrong-Smith was appointed Disaster Recovery Manager at AXA, broadening her expertise in organizational resilience within the financial services sector. She then held the position of Manager, Technology Risk Services at Ernst & Young, where she gained experience in enterprise-level risk consulting.

Following these roles, she spent approximately eleven years at Fujitsu. She joined the company as Chief Consultant on Cyber Security and progressed through a series of increasingly senior positions, including Management Consultant in Enterprise and Cyber Security, Engineer, and ultimately Head of Continuity and Resilience within the Enterprise and Cyber Security practice. This extended tenure at Fujitsu established her as a recognized practitioner in cyber resilience and continuity planning.

In 2019, Armstrong-Smith joined the London Stock Exchange Group as Group Head of Business Resilience and Crisis Management. During the same period she also took on a non-executive directorship at Decipher Cyber.

Microsoft

In 2020, Armstrong-Smith joined Microsoft as Chief Security Advisor for EMEA. In this role she influences security practice, provides strategic guidance on cybersecurity, compliance, and organizational resilience, and partners with enterprise customers to design security strategies that address both regulatory requirements and an evolving threat landscape. Her background in crisis management and disaster recovery has informed initiatives aimed at strengthening businesses against cyber attacks and large-scale disruptions.

Notable Work

Armstrong-Smith is a published author of two books. Her first, Effective Crisis Management: A Robust A-Z Guide for Demonstrating Resilience by Utilizing Best Practices, Case Studies, and Experiences, was published in 2022. Her second book, Understand the Cyber Attacker Mindset: Build a Strategic Security Programme to Counteract Threats, followed in 2024. Both works draw on her extensive practical experience in resilience, crisis management, and cybersecurity strategy.

Recognition

Armstrong-Smith has received consistent industry recognition throughout her career. She was listed among The Most Inspirational Women in Cyber UK in 2020 and named to SC Media's Top 30 Female Cybersecurity Leaders in 2022. That same year she was included on Cyber Security Hub's inaugural Top 20 Cyber Security Movers and Shakers list. In 2023 she was featured on Computer Weekly's lists of influential women in UK technology, and in 2024 she was recognized by Women in Cybersecurity as one of the Top 25 Leaders in Cyber Security. She holds Fellowship of the British Computer Society.