Jean-Baptiste Bres

Chief Information Security Officer

New role: HSBC

I am very proud to announce that I have started a new role as Chief Information Security Officer, Australia and New-Zealand at HSBC.


The Lazarus Heist 🎧 Podcast

If you are into podcasts, BBC World is producing a very good series on the hacking group Lazarus and its ties to North Korea. The first episode goes in details through the Sony hack in 2014 as the movie "The Interview" was about to be released. It then moves onto how North Korea uses hacking to finance itself. Very interesting so far.

Pasted Graphic

Stop using your work laptop or phone for personal stuff, because I know you are


New role: Introducing Avenue

I am very proud to announce that I have started a new role as Chief Information Security Officer at Avenue.


Avenue is building a dedicated business bank that finds new, flexible ways to free up cash flow for its customers. Whether you want to grow your business, buy some time, or simply have some breathing space, we'll free up cash with new options that other banks don't offer.

Avenue isn't a bank (yet), but we're on our way. Find out more at

Open to new opportunities

As I mentioned in my previous post, Xinja Bank will stop operating as a bank in the next few weeks.

For me, this sadly means that my role will stop to exist at the end of January 2021, so I will be looking for a new position shortly.
Thank you in advance for any connections, advice, or opportunities you can offer.

You can contact me by email or via Linkedin.

Xinja is closing deposit accounts

Xinja Bank Account will soon be discontinued and the Xinja Stash will be discontinued from 23rd December 2020.

It is a sad time for all of us at Xinja. We have worked hard to get there. But we have a lot to be proud of. We demonstrated to all that it was possible to build a bank from scratch, based on a modern cloud-based tech stack.
Some said we were the crazy ones. Maybe we were. But we created momentum. We lead the way. Other will come and continue what we started. Creating better banking, and better tomorrows.

On a personal note, I am proud that Xinja has been rated the most secure bank in Australia for 6 out of the last 12 months (and as per how Dec. is going so far, still is πŸ˜πŸ†). Not a small achievement for the small team we were.

Thanks to all past and present #xinjasecurity team members. It would not have been possible without you.
Kudo to Aron, Priyal, Richard, Will, Nicole, Gary, Jeremy & Greg. You guys rock! 🀘

For more information about the closure of Xinja accounts, visit

In a time of change, identity has become the key to security - Webminar

I was honoured to discuss Identity and Security in the cloud with Nigel Phair and Serkan Cetin at the Quest Software webinar "In a time of change, identity has become the key to security – and business continuity" last week.

Check out the full video on GoToStage.

πŸ’‘ Defence in Depth


"Defence in depth", sometime also called “layering” is a central concept in information security. It relates to the idea that security components should be designed so they provide redundancy in the event one of them was to fail.

This article explores the concept of defence in depth, and how it applies to modern technology stacks and in the cloud.

Read More…

Xinja emails get maximum security score

Email. It is hard to imagine life without it. Although invented back in the seventies, it became mainstream in the nineties. Unlike overalls and bandanas, it remained popular until this day. So popular in fact, that spam and so called ‘spoofing’ has become a real threat on the internet. This is how Xinja keeps their emails super secure.


Incident Response and Breach Impact Minimisation Panel

I am looking forward to be part of the panel on Incident Response and Breach Impact Minimisation on Thursday October 8th 2020 (1pm - 1.50pm AEST) with Susie Costa, Alvin Rubyono and Stephen Burmester.

More than ever, Government, industry and businesses have been under increasing attacks. The Australian Cyber Security Centre (ACSC) recently published a report stating it had responded to approximately 2300 cyber security incidents between July 2019 and June 2020. But in these times with many staff working from home, if your business was to suffer from a cyber breach, would you be able to respond effectively?
We will discuss best practices in incident response and how to manage and minimise the impact of a breach on your business.

More information at