Denis LASMAN
Cybersecurity Director / Cyber Governance Expert
PARIS (75012) France
Professional Status
Entrepreneur
Open to opportunities
About Me
Cybersecurity and risk management expert with over 20 years of experience helping organizations secure their information systems and master digital risks. My career combines strategic corporate responsibilities — notably as CIO and CISO in critical international environments — with institutional expertise at ANSSI on governance and security accreditation topics.
Founder of ISOTOPIC, I now work with private organizations to translate regulatory and normative requirements (ISO 27001, risk management, compliance) into pragmatic, effective, and lasting security frameworks. Certified CISSP and ISO 27001 Lead Implementer, I stand out for my field-oriented approach, combining strategic vision, methodological rigor, and operational effectiveness.
Because cybersecurity is not just a matter of technology — it is, above all, a human story.
Founder of ISOTOPIC, I now work with private organizations to translate regulatory and normative requirements (ISO 27001, risk management, compliance) into pragmatic, effective, and lasting security frameworks. Certified CISSP and ISO 27001 Lead Implementer, I stand out for my field-oriented approach, combining strategic vision, methodological rigor, and operational effectiveness.
Because cybersecurity is not just a matter of technology — it is, above all, a human story.
Company Founder & Information Security Consultant
isotopic.fr
Since August 2022
- Information security consultant specializing in risk assessments and ISO 27001, NIS2, and security accreditation.
- Interim CISO
- Supporting organizations in their cybersecurity projects.
- Trainer: cybersecurity, IT risk management, EBIOS RM, and security accreditation.
- Design and delivery of IT security awareness programs.
- Designer and facilitator of crisis simulation exercises.
Head of Cyber Risk Management Division
ANSSI
December 2022
to December 2025
- Representative of the national authority (ANSSI) in security accreditation processes. Guarantor of the risk analysis method (EBIOS RM).
- Supporting public and private stakeholders in their accreditation and risk analysis initiatives.
- Lead author of the ANSSI "The security accreditation guide for information systems" (https://messervices.cyber.gouv.fr/guides/the-security-accreditation-guide-for-information-systems)
- Contributing to the development of doctrines, frameworks, and guides on digital risk management.
- Management of the ANSSI Cyber Risk Management team.
- ANSSI liaison officer to the Ministry of the Interior during the 2024 Paris Olympic & Paralympic Games.
Teacher (ISO 27001, EBIOS RM, Security Accreditation, Cybersecurity Overview)
Master et MBA
Since 2022
- Teaching for SUPINFO, the School of Economic Warfare (EGE), the ANSSI Training Center (CFSSI), and HS2.
- Member of the EBIOS RM trainers' network. PECB-listed instructor.
IT Director / CISO
Smiths plc
June 2006
to July 2022
Full-time
Paris
France
- Internal service delivery management for 8,000+ users across the EMEA and APAC regions.
- Director of Smiths Group's network support team (400 sites worldwide); responsible for setting up and operating the NOC.
- Defined and implemented the cybersecurity strategy for the French site, achieving the first ISO 27001 certification.1.
- Oversaw global system migrations (Windows, Office upgrades, etc.) and solution deployments (hardware, mobility, printing).
- Responsible for infrastructure architecture and installation at new sites.
- Created and developed the IT competency center in India (~30 staff).
Infrastructure Manager
Groupama
June 2001
to May 2006
Full-time
Paris
France
- Management of the Systems and Network team.
- System migrations; implementation of network security platforms.
- Design and deployment of VoIP across all sites.
- Organization and setup of a call center.
- Development and deployment of business applications.
- Participation in merger studies.
Freelancer
Lasman
June 1991
to May 2001
Freelancer
Paris
France
- Design of business applications across multiple sectors: banking, insurance, industry, and services.
- Consulting in architecture, training, and organizational design.
- Website development.
- Cyber risk analysis & management (EBIOS RM)
- Security accreditation
- ISO27001
- Awareness and certification
- Budget management (multiple companies / World))
- Outsourcing (India)
- Security by design
- Secure system & network architecture
- On-site and remote team management
- French & Anglo-Saxon business environments
- France, Europe, NATO
- LLM, prompt engineering, code, design
- Microsoft server and endPoints
- Azure
- .net, HTML/CSS, php , C#
- LAN / WAN / Interconnections / Sécurité / Cisco / Firewall
- Meraki
- English - TOEIC 905 (2006) - daily professional use
International cybersecurity certification validating advanced, comprehensive competencies in information systems security.
https://www.credly.com/badges/0c911e6f-a899-4a82-902a-88616aace0dd
https://www.credly.com/badges/0c911e6f-a899-4a82-902a-88616aace0dd
Certifié ISO27001 Implementer
Since 2020
Professional certification validating the ability to implement and manage an Information Security Management System (ISMS) in accordance with ISO/IEC 27001.
https://www.credly.com/badges/84d3c406-f7f7-4b39-9497-6a6585fa982e
https://www.credly.com/badges/84d3c406-f7f7-4b39-9497-6a6585fa982e
Focused on competitive intelligence as a strategic asset — geopolitical, economic, technical, and legislative awareness to protect organizations against intrusion, acquisition, manipulation, and theft risks.
Designed to equip crisis managers with operational response frameworks for increasingly complex adverse events affecting organizations.