Jean-Baptiste Bres

Chief Information Security Officer

Global News Podcast 🎧 Afghanistan Special

A special episode from the excellent BBC Global News Podcast, providing a very good understanding of the current situation in Afghanistan. I can only recommend listening if you want to understand what is happening there (and how it came to it).


Google says it created a time crystal in a quantum computer

Here is something cool 😎🔬! Google says it has created a time crystal in a quantum computer (and if you do not know what a time crystal is, it is weirder than you think)



Up to 1,500 businesses infected in one of the worst ransomware attacks ever

Interested in understanding how a large-scale ransomware attack is performed? Here is a very good article from Ars Technica. A bit technical, definitely scary... so a good read.



Critical CISO Initiatives for the Second Half of 2021


The Lazarus Heist 🎧 Podcast

If you are into podcasts, BBC World is producing a very good series on the hacking group Lazarus and its ties to North Korea. The first episode goes in detail through the Sony hack in 2014 as the movie "The Interview" was about to be released. It then moves on to how North Korea uses hacking to finance itself. Very interesting so far.


Stop using your work laptop or phone for personal stuff, because I know you are


Xinja is now PCI DSS compliant certified

Xinja just got certified PCI DSS compliant! PCI DSS compliance refers to the technical and operational standards that businesses must follow to secure and protect your credit and payment card data. These standards for compliance are developed and managed by the Payment Card Industry Security Standards Council.

It is a huge milestone for us and, if you have ever gone through such a certification process, you know how challenging it is!

To mark the event, we published a short article on how we designed our environments to achieve compliance. So read more about it below:


Understanding the Payload-Less Email Attacks Evading Your Security Team


Is Australia struggling from a bout of breach fatigue?

Another good read this week…



The rise of the Neobanks: How they challenge traditional banking

Some good reading for the week on how neo banks are going to challenge traditional banking in Australia.


What will future jobs look like?

A very interesting talk from economist Andrew McAfee on how jobs will change in the future. Yes, droids will take our jobs -- or at least the kinds of jobs we know now. In this far-seeing talk, he thinks through what future jobs might look like, and how to educate coming generations to hold them.

Your inbox is spying on you

It seems that Technology and Privacy still have a long road to go to work hand-in-hand. Security is still - for a lot of organisations - an afterthought and not an inherent part of the design.

"When we built [our company], we focused only on the needs of our customers. We did not consider potential bad actors." 😧

Read more: https://lnkd.in/gRWsFKW

RBA details disaster recovery efforts

Disaster Recovery is a complex exercise. For the few of us who had to manage a crisis and ensure a full recovery of critical business activities, we know that despite all the planning, testing and simulation we have done, there are always elements we did not foresee.

In August 2018, the Reserve Bank of Australia faced a disruption to the power supplying the data centre at one of its sites (primary and backup) due to a vendor error. Then multiple factors, from super-high security to plain bad luck, made the recovery difficult, and the bank did not manage to recover within its recovery time objective (RTO).
This article details the extent of the events. It is a very interesting story for everybody interested in continuity and disaster recovery. And also kudos to the RBA for the retrospective analysis of their own efforts, their honesty about what did not go as well as planned, and their transparency in sharing their findings with the rest of the industry.

Is your cybersecurity training reaching the right people?

People's attitude toward security is probably the most important factor when it comes to ensuring a good security strategy is in place. Even with the right technical protections, if people do not act carefully, it is not going to work out! So awareness is key. And targeting the right audience is critical to ensure the right outcome. On that topic, ZDNet published an interesting article titled: Is your cybersecurity training reaching the right people?

Want to Take Better Notes? Ditch the Laptop for a Pen and Paper

An interesting read about how using pen and paper helps you to take better notes than using a computer: Want to Take Better Notes? Ditch the Laptop for a Pen and Paper, Says Science

I personally always struggled taking notes on a computer and have been a fierce user of notebooks (especially since I discovered reusable ones). Well now I will have an even better excuse to continue doing so 😄

Tapping into the power of humble narcissism

No, “humble narcissism” is not an oxymoron; it’s a combination of qualities that the best leaders and companies have. Organizational psychologist Adam Grant explains why in this interesting TED article.

How to keep human bias out of AI

As I have recently been working on a new Data Strategy, taking into consideration how Artificial Intelligence (AI) can help us to provide better insights and advice to our customers, it is also the right time to consider the risks associated with such technology. I'm not talking about 🤖 Skynet taking over the world 😉 but how, if not used well, AI can reinforce human bias instead of helping us be better advisors!

Here is a great talk from Kriti Sharma @ TED on how to keep human bias out of AI.

Microsoft is privately testing 'Bali,' a way to give users control of data collected about them

Some cool stuff coming from Microsoft... Microsoft Research is looking to provide users with access to their own 'personal data bank' via its 'Project Bali' effort.

How to break bad management habits before they reach the next generation of leaders

How to break bad management habits before they reach the next generation of leaders | a great talk by Elizabeth Lyle