Jon-Peter (JP) Haywood
[Heritage Bank]
As Information Security Manager of Australia's largest mutual bank JP’s passion for cyber security pays off, not only for his organisation but for thousands of our members who rely on us to keep their money and information safe.

Having spent 20 years in the banking industry in a number of roles JP understands how security decisions can impact the Bank’s staff and members. During his time at Heritage some of his achievements include setting up a new Information Security team, overseeing the establishment of the Bank’s SIEM and internal SOC as well as being a key player in their CPS 234 compliance program.

JP has contributed to the InfoSec community in a number of ways including founding the SecTalks Toowoomba chapter, speaking at CrikeyCon and being head barista at TuskCon.

Cyber Exposure & Risk Mitigation – a Regional Bank Perspective

Technical Level (3 being the highest score): 1

With a head office location in Toowoomba Queensland, one might be lead to believe that Cyber Security and Risk Management could be a lower priority than our Big brothers in the National Capital Cities. Well, you couldn’t be more wrong, the constant breadth and depth of Cyber attacks is just as prevalent in the regions, and we would argue that there is a greater need for security controls given this common mis-conception.

As a first step to ensuring the appropriate controls are in place, Heritage Bank starts with a foundation of visibility where we are constantly monitoring and mitigating vulnerabilities in Infrastructure, Operating Systems and Applications.

All teams are held to account to ensure that systems are deployed with all of the appropriate controls to manage and protect against known vulnerabilities.

In fact, recently we have commenced a program of work to make it easier for our developers to constantly monitor code releases and to ensure that new applications based on Container architectures are deployed securely. We are building Vulnerability Assessment into our CI/CD pipeline to complement our existing approach to vulnerability management and mitigation at the infrastructure level.

This session will be a discussion on how we approach Cyber Exposure at Heritage Bank sharing details on the tools we are equipped with, as well as the business processes we have adopted. We will also explore the need for stakeholder management and providing visibility to Cyber threats to all members of our technical and management team.

Secure your place now!