Jean-Baptiste Bres

Chief Information Security Officer

Up to 1,500 businesses infected in one of the worst ransomware attacks ever

Interested in understanding how a large scale ransomware attack is performed? Here is a very good article from Ars Technica. A bit technical, definitively scary... so a good read.


Critical CISO Initiatives for the Second Half of 2021


New role: HSBC

I am very proud to announce that I have started a new role as Chief Information Security Officer, Australia and New-Zealand at HSBC.


The Lazarus Heist 🎧 Podcast

If you are into podcasts, BBC World is producing a very good series on the hacking group Lazarus and its ties to North Korea. The first episode goes in details through the Sony hack in 2014 as the movie "The Interview" was about to be released. It then moves onto how North Korea uses hacking to finance itself. Very interesting so far.

Pasted Graphic

Stop using your work laptop or phone for personal stuff, because I know you are


New role: Introducing Avenue

I am very proud to announce that I have started a new role as Chief Information Security Officer at Avenue.


Avenue is building a dedicated business bank that finds new, flexible ways to free up cash flow for its customers. Whether you want to grow your business, buy some time, or simply have some breathing space, we'll free up cash with new options that other banks don't offer.

Avenue isn't a bank (yet), but we're on our way. Find out more at

Open to new opportunities

As I mentioned in my previous post, Xinja Bank will stop operating as a bank in the next few weeks.

For me, this sadly means that my role will stop to exist at the end of January 2021, so I will be looking for a new position shortly.
Thank you in advance for any connections, advice, or opportunities you can offer.

You can contact me by email or via Linkedin.

Xinja is closing deposit accounts

Xinja Bank Account will soon be discontinued and the Xinja Stash will be discontinued from 23rd December 2020.

It is a sad time for all of us at Xinja. We have worked hard to get there. But we have a lot to be proud of. We demonstrated to all that it was possible to build a bank from scratch, based on a modern cloud-based tech stack.
Some said we were the crazy ones. Maybe we were. But we created momentum. We lead the way. Other will come and continue what we started. Creating better banking, and better tomorrows.

On a personal note, I am proud that Xinja has been rated the most secure bank in Australia for 6 out of the last 12 months (and as per how Dec. is going so far, still is πŸ˜πŸ†). Not a small achievement for the small team we were.

Thanks to all past and present #xinjasecurity team members. It would not have been possible without you.
Kudo to Aron, Priyal, Richard, Will, Nicole, Gary, Jeremy & Greg. You guys rock! 🀘

For more information about the closure of Xinja accounts, visit

In a time of change, identity has become the key to security - Webminar

I was honoured to discuss Identity and Security in the cloud with Nigel Phair and Serkan Cetin at the Quest Software webinar "In a time of change, identity has become the key to security – and business continuity" last week.

Check out the full video on GoToStage.

πŸ’‘ Defence in Depth


"Defence in depth", sometime also called “layering” is a central concept in information security. It relates to the idea that security components should be designed so they provide redundancy in the event one of them was to fail.

This article explores the concept of defence in depth, and how it applies to modern technology stacks and in the cloud.

Read More…