Jean-Baptiste Bres

Chief Information Security Officer

Conference Transcript: Building an Information Security Policy Framework

Following my presentation on Building an Information Security Policy Framework at the "Implementing CPS 234" conference held in Sydney in May 2019, I received many requests to publish a transcript. Thank you all for your interest and for the large amount of feedback you shared with me. As promised, here is an augmented transcript of my presentation.

It covers an overview of what a Policy Framework is, and why it is an essential part of any Information Security program; the various existing frameworks used across the industry, their strengths and limitations; a methodology to create a flexible framework, supported by a risk assessment and a strong understanding of the assets owned by the institution and the threats they are exposed to; and an approach to define an adequate control set and how to prioritise its implementation. Read Moreā€¦

"Implementing CPS 234" conference

I am very proud and excited to be one of the key speakers at the "Implementing CPS 234" conference on 3rd May in Sydney.

I will be talking on how to build an information security policy framework that is agile to changing threats.