Jean-Baptiste Bres

Chief Information Security Officer

Xinja first bank in Australia to make it onto the HSTS preload list

Xinja is the first bank in Australia to make it onto the HSTS preload list!


Understanding the Payload-Less Email Attacks Evading Your Security Team

Picture 1

Read about Xinja's Journey to the Cloud


How to become a Fierce Female Leader in Cybersecurity Meetup

I am very excited to participate with Joss Howard at the very first Women in CyberSecurity Meetup next week! Hopefully I will be able to provide some insightful perspective to all!


Watch outs for Working From Home

Screen Shot 2020-04-14 at 10.02.24

Security GRC Manager role @ Xinja

We’re on the hunt for a killer Security GRC Manager πŸ”’ Must be highly skilled with excellent credentials. Ready to come help us build Australia's first (and best πŸ˜‰) neobank? Apply at

Screen Shot 2019-08-05 at 10.15.51

Future of Security Conference, Sydney

Unfortunately this event has been cancelled due to the COVID-19 outbreak, but it will be rescheduled for later on this year. Stay safe and see you all in a few month!

I am very honoured to be one of the speakers at the next Future of Security conference in Melbourne on 24/03 and in Sydney on 26/03. I will be discussing the Australia Consumer Data Right (CDR), and how it can be used to champion privacy while spurring innovation.

On the 26/03 (Sydney), I will also be part of a panel discussing how emerging technologies are reshaping cyber security risks and controls, strategies to infuse security culture into financial services’ enterprise DNA with Wayne Bozza, Sarah O'Brien and Sumeet Kukar and Larkin Ryder.

Future of Security

CPS 234 NSW Morning Briefing

Thanks all for coming to our panel on strategies to prevent data breaches & improve incident response yesterday at the CPS 234 NSW morning briefing.
Thank you to Jason Anderson and Wayne Bozza for their insightfull perspectives. And thanks to Paul Schofield for his fantastic facilitation and direction.


πŸ’‘ Digital Identity and Authentication


Time to go through the concepts of Digital Identity and Authentication, and how they are generally implemented in IT environments to automate access to websites, services and applications.

While this article does not require any specific technical knowledge, it is not a trivial topic, and I have purposely tried to not oversimplify some of the concepts. I have done my best to keep it easy to read, but feel free to send some feedback if some parts are too complex and you would like further clarifications.

Read More…

CPS 234 NSW Morning Briefing

I am looking forward to be one of the speakers at the CPS 234 NSW Morning Briefing in Sydney on 20/02/2020 with 3 great experts: Neil Hopkins, Susie Costa and Wayne Bozza.

With the passing of the July 1st deadline, ARPA regulated entities must meet the mandatory Prudential Standard CPS 234. The Standards have been created to improve resilience against information security threats, and those entities need to put the correct implementation strategy in place to safeguard themselves in the information age.

A key objective is to minimise the likelihood and impact of information security incidents on the confidentiality, integrity or availability of information assets, including information assets managed by related parties or third parties.

Ditch Dad Banking

We are launching today our “Ditch Dad Banking” campaign and our stashes (saving accounts) with great interest rates and no fees or hidden rules! Awesome work all! Never been a best time to ditch your old bank πŸ˜„