Jean-Baptiste Bres

Chief Information Security Officer

New role: Introducing Avenue

I am very proud to announce that I have started a new role as Chief Information Security Officer at Avenue.


Avenue is building a dedicated business bank that finds new, flexible ways to free up cash flow for its customers. Whether you want to grow your business, buy some time, or simply have some breathing space, we'll free up cash with new options that other banks don't offer.

Avenue isn't a bank (yet), but we're on our way. Find out more at

Open to new opportunities

As I mentioned in my previous post, Xinja Bank will stop operating as a bank in the next few weeks.

For me, this sadly means that my role will stop to exist at the end of January 2021, so I will be looking for a new position shortly.
Thank you in advance for any connections, advice, or opportunities you can offer.

You can contact me by email or via Linkedin.

Xinja is closing deposit accounts

Xinja Bank Account will soon be discontinued and the Xinja Stash will be discontinued from 23rd December 2020.

It is a sad time for all of us at Xinja. We have worked hard to get there. But we have a lot to be proud of. We demonstrated to all that it was possible to build a bank from scratch, based on a modern cloud-based tech stack.
Some said we were the crazy ones. Maybe we were. But we created momentum. We lead the way. Other will come and continue what we started. Creating better banking, and better tomorrows.

On a personal note, I am proud that Xinja has been rated the most secure bank in Australia for 6 out of the last 12 months (and as per how Dec. is going so far, still is πŸ˜πŸ†). Not a small achievement for the small team we were.

Thanks to all past and present #xinjasecurity team members. It would not have been possible without you.
Kudo to Aron, Priyal, Richard, Will, Nicole, Gary, Jeremy & Greg. You guys rock! 🀘

For more information about the closure of Xinja accounts, visit

In a time of change, identity has become the key to security - Webminar

I was honoured to discuss Identity and Security in the cloud with Nigel Phair and Serkan Cetin at the Quest Software webinar "In a time of change, identity has become the key to security – and business continuity" last week.

Check out the full video on GoToStage.

πŸ’‘ Defence in Depth


"Defence in depth", sometime also called “layering” is a central concept in information security. It relates to the idea that security components should be designed so they provide redundancy in the event one of them was to fail.

This article explores the concept of defence in depth, and how it applies to modern technology stacks and in the cloud.

Read More…

Xinja emails get maximum security score

Email. It is hard to imagine life without it. Although invented back in the seventies, it became mainstream in the nineties. Unlike overalls and bandanas, it remained popular until this day. So popular in fact, that spam and so called ‘spoofing’ has become a real threat on the internet. This is how Xinja keeps their emails super secure.


Incident Response and Breach Impact Minimisation Panel

I am looking forward to be part of the panel on Incident Response and Breach Impact Minimisation on Thursday October 8th 2020 (1pm - 1.50pm AEST) with Susie Costa, Alvin Rubyono and Stephen Burmester.

More than ever, Government, industry and businesses have been under increasing attacks. The Australian Cyber Security Centre (ACSC) recently published a report stating it had responded to approximately 2300 cyber security incidents between July 2019 and June 2020. But in these times with many staff working from home, if your business was to suffer from a cyber breach, would you be able to respond effectively?
We will discuss best practices in incident response and how to manage and minimise the impact of a breach on your business.

More information at

Xinja is now PCI DSS compliant certified

Xinja just got certified PCI DSS compliant! The PCI DSS compliance refers to the technical and operational standards that businesses must follow to secure and protect your credit and payment card data. These standards for compliance are developed and managed by the Payment Card Industry Security Standards Council.

It is a huge milestone for us and, if you ever got through such a certification process, you would know how challenging it is!

To mark the event, we published a short article on how we designed our environments to get compliance. So read more about it below:


Future of Security Conference

I was honoured to be part of the FST Security conference on Monday, for a fireside chat around data privacy with Mark Sheppard and a Security Leader's Panel with Larkin Ryder, Michelle Bower and Sumeet Kukar.
If you were not able to attend, you can still catch these sessions on the conference website.


Future of Security Conference

After having to cancel the event back in March due to COVID-19, the Future of Security conference is back (online this time) from the 24/08.

I am very honoured to be one of the speakers. I will be discussing the Australia Consumer Data Right (CDR), and how it can be used to champion privacy while spurring innovation.

I will also be part of a panel discussing how emerging technologies are reshaping cyber security risks and controls, strategies to infuse security culture into financial services’ enterprise DNA.

Find out more on the conference website.