In a recent interview, Jean-Baptiste Bres, the Australian CISO of HSBC, discussed the challenges of implementing a zero-trust model and the importance of observability and supply chain security.

Bres highlighted that while zero-trust is great in theory, it is difficult to implement in large organisations with complex environments that have been in place for years. Bres also emphasised that observability is critical and that supply chain security is a key threat today.

The challenge is that it takes a lot of time and effort to cover this area, particularly in organisations with hundreds and thousands of software solutions from different suppliers. Bres hopes that solutions will come soon to help organisations analyse all these sources and identify weak points.

Bres also discussed the role of role definitions and access rights in implementing zero-trust. While having well-defined business profiles is not new, zero-trust is not just about access rights; it is also about how systems communicate with each other.

Bres suggests that the best approach is to apply zero-trust to everything new, while the challenge is to migrate the systems that have been running for ten to fifteen years. Bres also highlighted that organisations will continue to live in a hybrid mode for quite some time.

Jean-Baptiste Bres provides valuable insights into the challenges of implementing zero-trust and the importance of observability and supply chain security.

The interview underscores the need for organisations to take a risk-based approach and to invest time and effort in migrating to zero-trust while continuing to focus on security best practices.

Jean-Baptise Bres will join Security Edge to debate best practices for Crisis Preparation and a Resilient Risk Culture with 120 top Chief Security Officers.

Contributors
Peter Hind Principal Research Analyst at ADAPT
One of the ICT industry’s foremost analysts and commentators, Peter Hind has spent over 25 years advising and talking on topics across... More

One of the ICT industry’s foremost analysts and commentators, Peter Hind has spent over 25 years advising and talking on topics across the technology industry. His primary areas of interest are the potential of technology to transform the way organisations operate, the change management obstacles executives encounter in realising this potential, as well as the tactics and techniques leaders have deployed to overcome these difficulties.​

With roles across IDC, Unisys, NCR, Sigma Data, and others, Peter now takes on multiple roles within ADAPT including the moderation of private events and roundtables, interviewing business executives about the strategies they are pursuing and assisting with the structuring of delegate surveys.​

Less
Jean-Baptiste Bres Chief Information Security Officer (CISO) at HSBC
Jean-Baptiste (“JB”) is an experienced Chief Information Security Officer (CISO) with a successful 20-year track record in Information Security, Risk Management and... More

Jean-Baptiste (“JB”) is an experienced Chief Information Security Officer (CISO) with a successful 20-year track record in Information Security, Risk Management and Project Management.

JB especially has a strong experience in implementing or reinforcing Information Security strategy and frameworks in heavily regulated environments in Australia and Europe.

Less
Security