Africa Summit
October 27 - 28, 2021
This virtual summit's agenda will cover Zero Trust, IAM, Ransomware, Privacy, Fraud, Payments, IoT, Cryptocurrency, End Point Protection, Cloud Security and more.
ISMG's geo-targeted, industry-specific, and topic-driven agendas provide actionable education and exclusive networking opportunities with your peers and our subject matter expert speakers.
Kris Budnik
Group CISO
First Rand Bank
Budnik is group CISO, First Rand Bank. He has 25 years of experience on IT risk management, IT governance and cybersecurity. He has significant experience, both local and global, in information security architecture, information security operations and compliance and risk...
Kerissa Varma
Old Mutual Limited
Varma is the Group CISO at the Old Mutual Limited, one of the largest financial services organizations on the African continent. She manages information security with dispersed teams across Africa. She has a demonstrated history of building and scaling security...
Andrzej Kawalec
Head of Cybersecurity
Vodafone Business
Kawalec, who has more than 20 years of experience, manages the global portfolio of security offerings for Vodafone Business. Prior to joining Vodafone, he was global CTO for security and director of security research at HP and head of strategy...
Itumeleng Makgati
Group Executive- Information Security
Standard Bank Group
Makgati is group executive - information security, for a leading bank in South Aftica. She has close to two decades of expertise gathered in service of the financial Services, metals and mining, petrochemicals and public services industries.
Harrison Nnaji
FirstBank Nigeria
Nnaji is CISO FirstBank, Nigeria. He is an accomplished data and information security strategist and practitioner with more than 15 years of solid experience in the conception, engineering, design, delivery, operation and optimization of cyber, data and information security capabilities,...
Oriyomi Fowler
Head, Information Security & Network Operations
Dangote Industries Limited
Fowler is head of information security and network operations, Dangote Industries. He is an award-winning industry-respected technology enthusiast, author, and speaker. He earned his reputation over a decade of building cybersecurity and privacy programs that drive innovation within the FMCG,...
Charles Kungwane
Group Head, ICT Security, Risk
City of Johannesburg
Professor Snail Ka Mtuze
Part- Time Member
Information Regulator South Africa
Professor Snail Ka Mtuze is the part-time member at the Information Regulator South Africa. He is also a Senior Partner at Snail Attorneys @ Law. He has been recently appointed as Adjunct Professor in the Mercantile Law Department of Nelson...
Ahmed Mokdad
Covington & Burling
Mokdad is an associate at Convington and Burling. he has a depth of experience assisting clients across various sectors navigate and mitigate a broad spectrum of regulatory and compliance risks, with a focus on data protection and information security matters.
Sithembile Songo
Head, Information Security and Risk Management
Public Investment Corporation
Songo is head, information security and risk management, Public Investment Corporation. She has more than 18 years worth of experience in the information security field and played a pivotal role leading, managing, establishing, developing and implementing various information security initiatives,...
Lerato Makgopa
Information Security and Risk Lead
Development Bank of Southern Africa
Makgopa information security and risk lead at Development Bank of Southern Africa. She has more than 10 years of experience in manufacturing, tourism, retail, and banking sector.
Ross Saunders
Ross G Saunders Consulting
Saunders is the virtual CISO for a number of technology and software development organizations. He specializes in data protection and information security, raising awareness and educating staff on what can, and does, go wrong in data protection.
View Agenda
Keynote: Cybersecurity 2022: Evolving a New Enterprise Security Strategy to Tackle the Changing Threat Landscape
Kris Budnik, Group CISO, First Rand Bank

The past two years has resulted in increased digitization across sectors, with the enterprise cybersecurity leaders suddenly finding themselves tasked with defending their largest-ever attack surface. The trend has led to data proliferation, and organizations struggle to handle the sheer volume of data in this new regime. What are the threats to watch and technologies to embrace during the pandemic and beyond, particularly when the abundance of valuable information has captured subversive elements' attention? At the same time, cybercriminals have breached networks and compromised millions of records, not only causing revenue losses but impacting brand reputation? Enterprises consider this decade as the decade of digital trust as the country's top leadership emphasizes cybersecurity to have a tremendous impact on the nation's society and economics.

This session will discuss:

  •  Key priorities for 2022—identity and access management, cloud, data protection, and regulations
  •  A collaborative approach to building skills and techniques to achieve "future-proof" enterprise security
  •  How will fraud and cybersecurity evolve in coming years?
Kris Budnik
  • 09:15 AM
  • 09:45 AM
Plenary: Insider Threat: What Can Enterprises Do to Mitigate Heightened Risk from Insider Threat
Harrison Nnaji, CISO, FirstBank Nigeria

Various reports suggests that 24% of all security breaches occur at financial institutions. And more than half the attacks on these companies come from insiders. Workers in this critical sector have access to valuable customer data. This access makes them a lucrative targets for bad actors. Some insiders are malicious. Many are just careless. And others are compromised by outside attackers who gain access to sensitive data, systems and resources. It’s no wonder that insider threats are such a challenging threat vector. What can FIs do differently to tackle the problem? 

The session will further discuss:
How concepts of zero trust can help fight insider threat
What new technologies are FIs leveraging in other markets
How to predict insider fraud

Harrison Nnaji
  • 09:45 AM
  • 10:14 AM
Fireside Chat with Information Regulator, South Africa, on their Cybersecurity Policies
Professor Snail Ka Mtuze, Part- Time Member, Information Regulator South Africa

In this session we will chat with Prof Snail Ka Mtuze, Part-Time Member, Information Regulator, South Africa on the various initiatives taken by the body to help enterprises in the region tackle the rising cybersecurity challenges.

The session will also address:
Top cybersecurity concerns for South Africa
Cybersecurity roadmap 2022
Data protection and privacy regulations

Professor Snail Ka Mtuze
  • 10:15 AM
  • 10:29 AM
Demystifying South Africa's Protection of Personal Information Act (POPIA)
Ahmed Mokdad, Associate, Covington & Burling
Kerissa Varma, CISO, Old Mutual Limited
Ross Saunders, Director, Ross G Saunders Consulting

Cyberattacks in African countries, especially in the key financial centers of South Africa and Kenya have risen drastically this year. The Protection of Personal Information Act, or POPIA, which entered fully into force in July 2021, promotes the protection of personal information processed by public and private bodies, and introduces significant obligations regarding reporting and notification of data breach incidents. What are leading corporates doing to implement their POPIA compliance programs, and what are the priorities for South Africa's Information Regulator?

The session will discuss:

  •  Practical implementation steps that companies are taking to address POPIA compliance
  •  Priorities for South Africa's Information Regulator
  •  Best practices for data breach response
Ahmed Mokdad
Kerissa Varma
Ross Saunders
  • 10:30 AM
  • 10:59 AM
Zero Trust: Are Enterprises Prepared For It?
Oriyomi Fowler, Head, Information Security & Network Operations, Dangote Industries Limited

A holistic data-centric zero trust approach will keep your data safe, enable digital transformation and allow enterprises to be cost efficient when choosing the right zero trust platform. But how maturely are enterprises in Africa embracing the framework and moreover are they technology ready to apply the framework?

The session will also discuss:

  •  How to use zero trust to guide a hybrid workforce
  •  What one needs to do beyond ZT to actively monitor for threat activity
  •  How to begin your zero trust journey
Oriyomi Fowler
  • 11:00 AM
  • 11:29 AM
Antidotes for Ransomware attacks: Strategy for 2022
Sithembile Songo, Head, Information Security and Risk Management, Public Investment Corporation

Earlier this year, South Africa’s port and rail company was apparently targeted with a strain of ransomware that cybersecurity experts have linked to a series of high-profile data breaches. There have been multiple other cases of ransomware in the region. With ransomware gangs increasingly targeting critical infrastructure, often impacting supply of essentials, how can enterprises fight against this growing menace?

This session will also discuss:

  •  Using right technology and tools to ensure business continuity and protecting the assets
  •  Building resilience against attacks with appropriate risk management strategy
Sithembile Songo
  • 11:45 AM
  • 12:14 PM
Security in the Age of 'You Can't Trust Anything'
Andrzej Kawalec, Head of Cybersecurity, Vodafone Business

Treating security is not just about a series of technical controls, it is much more holistic. As the pandemic continues, concepts such as "Zero Trust" have now become essential. So too in this era of empty offices and working from home is working to secure the lowest common denominators - employees, laptops, home routers, mobile devices.

The session will also discuss:

  •  The importance of focusing not just on technology but also people, reputation, brand and security lowest common denominators
  •  Why organizations need to move from a reliant to a resilient mindset, and essential steps for getting there
  •  Creating norms for out-of-office security incident management and response, and risk assessment
  •  Delivering on the concept of security as a right for all
Andrzej Kawalec
  • 12:15 PM
  • 12:44 PM
CISO Panel on Outlook 2022: How to Address the Top Cyber Concerns
Charles Kungwane, Group Head, ICT Security, Risk , City of Johannesburg
Itumeleng Makgati, Group Executive- Information Security, Standard Bank Group
Lerato Makgopa, Information Security and Risk Lead, Development Bank of Southern Africa

The year saw some high profile cyberattacks. While ransomware and supply chain attacks continued to dominate the headlines, the problem of identity, cloud security as well as risk of third party vendors continue to bother security practitioners. These cybersecurity threats are amplified by phishing attacks, targeted attacks, disruption, distortion, and deterioration. As we are about to end 2021, how do security leaders plan to approach these issues:

A panel of experts discuss:

  •  Threats that concern them the most
  •  How they plan to address the threats
  •  Cybersecurity investments in 2022
Charles Kungwane
Itumeleng Makgati
Lerato Makgopa
  • 01:00 PM
  • 01:29 PM

Speaker Interviews

October 27 - 28, 2021

Africa Summit