about me


I’m working in the cybersecurity field since 1998. After studying physics, I’ve been security consultant, project manager of crypto-related stuff, trainer. I set up a pentest activity, made an expedition in sea kayak through Patagonian seas (5 month, without assistance; I wrote a book about this). Then I have been the head of a security operations center (SOC) and of a “IT security Governance and Consulting” team in a large French institution.

I worked in Switzerland, within an international organization, as a cybersecurity expert | specialist.

I’m now CISO of an international group.

Translated into certifications, my double interest for technics and management look like: 2015 GIAC web Application Pentester and 2016 Security/Safety management ESCP certified.

I have been lecturer in several conferences, and teach at the University level (Université Sorbonne Paris Nord and Paris Nanterre).

I am interested in all kind of risks, not only IT risks. And I believe that we do not only have to act well and quickly, when dealing with security. We have to think security. Security isn’t good by nature; security isn’t a “right”; security is not only about reducing risks; security perception is never objective. Security is a way to *handle* risks. And we have to think how we handle things.

This website is up since early 2000.

Myself, wearing the truth about my job