Yves leads the Information Protection and Business Resilience team within KPMG’s IT Advisory Services. With more than 20 years of experience in consulting and banking as an information security and IT project manager, he is also the primary point of contact for all things cybersecurity in the financial sector.
Yves helps clients across all industries improve their cybersecurity readiness with a tactical and strategic approach to make sure that controls are effective and efficient. He has led many projects defining the cyber strategy and the corresponding roadmap but has also conducted gap assessments in accordance with various industry standards (NIST, ISO, Cobit, etc.) and/or regulatory requirements. With his vast background and experience in risk management, he helped clients improve their risk management process, and supported them regarding the adequate reporting of cyber risks related to technology, processes, branches or third parties. He also served as an Incident Commander, leading companies through the aftermath of a cyber incident. The scale of these incidents ranged from small to large global incidents with recovery times of several months. Some clients even had him step in and be the CISO's deputy.
He has 7 years of operational experience in Information Security/IT risk management at a large Swiss bank where he was the project manager of a BCM tool deployment, developed a comprehensive cybersecurity policy framework for both internal and third parties and implemented a control assurance based on a holistic control catalog, among other responsibilities. He also continuously improved the risk assessment process, established a centralized IT risk assessment organization for the global bank, assessed applications, infrastructure, and branches of the organization as well as third parties, reported IT risks within the organization and defined key risk indicators for senior management.