Paul Strauss

Chief Information Risk Officer, Standard Bank



Strauss started his career in 1975 as a signaller in the South African National Defence Force where he developed his interest in technology. He progressed through the ranks to become the senior staff officer responsible for information system security in 1991.

In 1999, he joined the National Traffic Information System as information security officer and after 17 months joined ABSA as information security manager. Strauss was responsible for the drive to elevate information security from a pure technology point of view to a more strategic function. He created the Information Risk Steering Committee and trained 47 local security coordinators to extend information protection initiatives in the lines of business. After a short break as an independent consultant, between 2009 and 2010, he was approached by Standard Bank where he fulfilled the role of Head of Information Security Operations, Head of Cyber Security and Digital Forensics, Head of Group Information Risk and ultimately Chief Information Risk Officer. Strauss currently performs a second-line function, responsible for control assurance, governance, insights and analytics, research and awareness. He is also a firm believer that, no matter the technology, the focus needs to be on information as an asset and protection of the entire information lifecycle, regardless of location, whether in motion or at rest. Strauss also acted as a council representative of the South African chapter for the Information Security Forum for two years and chairperson of the cyber security steering committee at the South African Banking Risk Information Centre for three years.