Cybersecurity Summit: Africa
Virtual Summit September 22 - 23, 2022
Rapid digitalization in African nations, including South Africa, Nigeria, and Kenya, has triggered a growth in the number of connected devices. This resulted in more people than ever connecting to the internet. According to Internet World Stats, 43% of the total African population of 1.39 billion now have access to the internet. This has opened new gateways for cyberattacks. Earlier this year, a credit reporting giant confirmed a data breach affecting its South African business. According to the African Union Mechanism for Police Cooperation, the region is witnessing a surge in cybercrime, such as ransomware, botnets, SIM swap fraud, phishing, financial cybercrime, etc. The summit will have an accomplished panel of speakers who will share lessons learned, proven strategies, and tried-and-true tactics in cybersecurity. With the experience and perspective of cybersecurity practitioners from across the region, you can expect to build a comprehensive understanding of zero trust implementation, how to prevent SIM swap fraud, the government's cybersecurity roadmap, prevention of insider threats, and much more.
ISMG's agendas provide actionable education and exclusive networking opportunities with your peers and our subject matter expert speakers.
Nastassja Finnegan
Cyber Security Officer
FNB South Africa
Albert Yirenchi Danquah
CISO
Stanbic Bank Ghana
Varsha Sewlal (Conference Chair)
Executive : Legal and Deputy Information Officer
Railway Safety Regulator
Sithembile Songo
Group Head: Information Security
ESKOM HOLDINGS
Geetha Nandikotkur
Managing Editor & Conference Chair, Asia & Middle East
ISMG
Zechariah Akinpelu
Chief Information Security Officer (CISO)
Unity Bank Plc
Julius Torach
Commissioner, Information Technology
Ministry of Information and Communications Technology
Tunde Dada
Group Head IT/BCM
inq. Digital
Dr. (h.c) Bharat Soni
CISO,DPO
GTBank Plc.
Suparna Goswami
Associate Editor
ISMG
Dr. (h.c)Fene Osakwe
Director, Group IT, GRC and Strategy
IHS Towers
Dr. Haji Amirudin Bin Abdul Wahab
CEO
CyberSecurity Malaysia
Dr Wahab is currently the chief executive officer of cybersecurity Malaysia, a strategic agency under the Ministry of Science, Technology, and Innovation (MOSTI). He has more than 20 years of ICT working experience in the telecom and IT sectors in...
Philip Aiwekhoe
Chief Information Security Officer/DPO
NPF Microfinance Bank Plc
Chinenye Chizea
Consulting Security Architect
World Bank and Federal Government of Nigeria, Digital Identification for Development (ID4D) project
Jeremy Grant
Managing Director-Technology Business Strategy
Venable LLP
Grant is a managing director at Venable, where he works with the firm's clientele to develop growth strategies, identify market solutions and advise on policy impacts across the information technology and cybersecurity and government services. In this role, Grant utilizes...
Varsha Sewlal (Conference Chair)
Executive : Legal and Deputy Information Officer
Railway Safety Regulator
Nastassja Finnegan
Cyber Security Officer
FNB South Africa
Albert Yirenchi Danquah
CISO
Stanbic Bank Ghana
Steve Uma
CIO & Head, Information Services and Technology
NSIA Insurance Limited
Kenneth Palliam
President
ISACA South Africa Chapter
View Agenda
Welcome to ISMG's Cybersecurity Summit: Africa
Suparna Goswami, Associate Editor, ISMG
Varsha Sewlal (Conference Chair), Executive : Legal and Deputy Information Officer, Railway Safety Regulator

The summit's objective is to provide education and exclusive networking opportunities for the participants with peers and subject matter experts. The program has been carefully designed with the support and guidance of the 'editorial advisory board,' including senior thought leaders from the region, to capture the regional security challenges that resonate with their current concerns. The editorial advisory board includes:

Conference Chair:  Varsha Sewlal, Executive: Legal and Deputy Information Officer, RAILWAY SAFETY REGULATOR

Advisory Board:

  • Albert Yirenchi Danquah, CISO, Stanbic Bank Ghana  
  • Nastassja Finnegan, Cyber Security Officer, FNB South Africa  
  • Sithembile (Nkosi) Songo, Group Head: Information Security, ESKOM HOLDINGS   
Suparna Goswami
Varsha  Sewlal (Conference Chair)
  • 09:00 AM
  • 09:14 AM
Keynote: An Identity Centric Approach to Cybersecurity: Building on Zero Trust
Jeremy Grant, Managing Director-Technology Business Strategy, Venable LLP

With the IAM framework growing to fame, most practitioners are toying with the idea of using IAM to address their organization’s challenges, including security, trust, risk appetite, and managing the critical business risk to drive more value. How can identity be a business enabler in the digital transformation journey? Some say implementing an IAM framework is complex, and integrating with security is a big task and expensive too.

The session will discuss:

  • Why has the strong password criteria not worked well
  • Why IAM is not about authentication
  • Framework for managing identity that supports ‘zero trust’
Jeremy  Grant
  • 09:15 AM
  • 09:44 AM
Industry 4.0: How to Protect Your Data in This Critical Era
Dr. Haji Amirudin Bin Abdul Wahab, CEO, CyberSecurity Malaysia
Steve Uma, CIO & Head, Information Services and Technology, NSIA Insurance Limited

The interconnected nature of Industry 4.0-driven operations means that cyberattacks can have far more severe impacts than ever before. As enterprises adopt Industry 4.0, they become an increasingly appealing target for attackers who can now move laterally across a network, jumping across IT and OT systems for their malicious activities. With automation accelerating the adoption of IoT devices, are enterprises ready to handle cyber risks from these devices? Do they have enough visibility? 

This session will cover:

  • How to be cyber-ready for Industry 4.0
  • Protecting your data and securing the endpoints
  • How practical is it to have security standardization for Industry 4.0 
Dr. Haji Amirudin Bin Abdul Wahab
Steve  Uma
  • 09:45 AM
  • 10:14 AM
Plenary: Africa Cybersecurity Policy: How Practical is it?
Varsha Sewlal (Conference Chair), Executive : Legal and Deputy Information Officer, Railway Safety Regulator
Julius Torach, Commissioner, Information Technology, Ministry of Information and Communications Technology

The European Union has the GDPR - a common privacy law across the region. Most regions have not been able to replicate GDPR – a common privacy law. The United States too has not been able to agree upon a common privacy law. Regulators of various countries in Africa want to see a common cybersecurity law. How practical is it and what are some of the roadblocks to forming a common policy? 

The session will also discuss:

  • How practical is it to have a common cybersecurity law
  • From where should one begin and factors to consider
  • The roadblocks and how to address them 
Varsha  Sewlal (Conference Chair)
Julius  Torach
  • 10:15 AM
  • 10:45 AM
Cloud Security With Zero Trust: A Strategic Approach
Albert Yirenchi Danquah, CISO, Stanbic Bank Ghana

It has been predicted that public cloud services will grow and reach a record $420 billion by 2022. The massive increase in cloud adoption has motivated cybercriminals to target the cloud environments where most data resides now. Around mid-2021, the International Data Corporation (IDC) surveyed 200 CISOs and reported that nearly 98% of the companies had experienced at least one cloud security breach. What is the best way to secure your cloud without disrupting the user experience?

The session will cover: 

  • The state of cloud security in 2022
  • Does zero trust in the cloud need a different approach?
  • The roadmap for the zero trust journey
Albert  Yirenchi Danquah
  • 10:45 AM
  • 11:17 AM
Mobile Application Security: Getting Ahead of Criminals
Tunde Dada, Group Head IT/BCM, inq. Digital
Zechariah Akinpelu, Chief Information Security Officer (CISO), Unity Bank Plc

The latest statistics by the IDC show that smartphone vendors shipped a total of 19.7 million smartphones across Africa in the first quarter of 2022. More users than ever before rely on mobile applications compared to traditional desktop applications for a majority of their digital tasks. High-profile data thefts like the Snapchat user database indicate serious security concerns for apps that are used by millions.

 This session will cover:

  • Threats from mobile application vulnerability
  • Best practices to develop secure mobile apps
  • Best identity verification and authentication practices
Tunde Dada
Zechariah  Akinpelu
  • 11:15 AM
  • 11:45 AM
Are CISOs Seeing Value of XDR? An Implementation Strategy
Philip Aiwekhoe, Chief Information Security Officer/DPO, NPF Microfinance Bank Plc

Today, extended detection and response (XDR)’s adoption among enterprises is at 5% and is predicted to increase to 40% by 2027. CISOs from leading organizations are commencing XDR implementations to keep up with the evolving threat landscape. Along with the rapid adoption of XDR, there is often a lack of clarity about best practices.

 This session will cover:

  • Rethinking existing security tools
  • The key questions CISOs must consider as they look to adopt XDR
  • How to increase SOC efficiency and the value of your existing security stack
Philip  Aiwekhoe
  • 12:00 PM
  • 12:29 PM
Panel: Third-Party Risk Management: How to Evolve a Program
Kenneth Palliam, President, ISACA South Africa Chapter
Dr. (h.c)Fene Osakwe, Director, Group IT, GRC and Strategy, IHS Towers
Dr. (h.c) Bharat Soni, CISO,DPO, GTBank Plc.
Chinenye Chizea, Consulting Security Architect, World Bank and Federal Government of Nigeria, Digital Identification for Development (ID4D) project

With breaches involving third-party vendors regularly making the headlines, most companies have become aware of the risks created by this extended attack surface — often because they have been victims themselves. By following the right path, security and risk leaders can feel confident in their approach to managing the cyber risk posed by third parties.

 This session will cover:

  • How third-party risk environment has evolved
  • What is needed for an effective risk management program
  • The challenges of implementing a third-party risk management program
Kenneth Palliam
Dr. (h.c)Fene  Osakwe
Dr. (h.c) Bharat  Soni
Chinenye Chizea
  • 12:30 PM
  • 12:59 PM
How Can CIO and CISO Collaborate for a Shared Vision
Nastassja Finnegan, Cyber Security Officer, FNB South Africa

The session discusses how to get a CIO and the CISO work on a common goal to facilitate the continued success of their organization. Where is the disconnect and how can these gaps be addressed? 

  • Understanding the CIO’s challenges and technology aspirations
  • The importance of utilising the same taxonomy and risk metrics
  • Benefits of converting security operations into a service delivery function
Nastassja Finnegan
  • 01:15 PM
  • 01:46 PM

Rapid digitalization in African nations, including South Africa, Nigeria, and Kenya, has triggered a growth in the number of connected devices. This resulted in more people than ever connecting to the internet. According to Internet World Stats, 43% of the total African population of 1.39 billion now have access to the internet. This has opened new gateways for cyberattacks. Earlier this year, a credit reporting giant confirmed a data breach affecting its South African business. According to the African Union Mechanism for Police Cooperation, the region is witnessing a surge in cybercrime, such as ransomware, botnets, SIM swap fraud, phishing, financial cybercrime, etc. The summit will have an accomplished panel of speakers who will share lessons learned, proven strategies, and tried-and-true tactics in cybersecurity. With the experience and perspective of cybersecurity practitioners from across the region, you can expect to build a comprehensive understanding of zero trust implementation, how to prevent SIM swap fraud, the government's cybersecurity roadmap, prevention of insider threats, and much more.
ISMG's agendas provide actionable education and exclusive networking opportunities with your peers and our subject matter expert speakers.

Nastassja Finnegan
Cyber Security Officer
FNB South Africa
Albert Yirenchi Danquah
CISO
Stanbic Bank Ghana
Varsha Sewlal (Conference Chair)
Executive : Legal and Deputy Information Officer
Railway Safety Regulator
Sithembile Songo
Group Head: Information Security
ESKOM HOLDINGS

Geetha Nandikotkur
Managing Editor & Conference Chair, Asia & Middle East
ISMG
Zechariah Akinpelu
Chief Information Security Officer (CISO)
Unity Bank Plc
Julius Torach
Commissioner, Information Technology
Ministry of Information and Communications Technology
Tunde Dada
Group Head IT/BCM
inq. Digital
Dr. (h.c) Bharat Soni
CISO,DPO
GTBank Plc.
Suparna Goswami
Associate Editor
ISMG
Dr. (h.c)Fene Osakwe
Director, Group IT, GRC and Strategy
IHS Towers
Dr. Haji Amirudin Bin Abdul Wahab
CEO
CyberSecurity Malaysia
Dr Wahab is currently the chief executive officer of cybersecurity Malaysia, a strategic agency under the Ministry of Science, Technology, and Innovation (MOSTI). He has more than 20 years of ICT working experience in the telecom and IT sectors in...
Philip Aiwekhoe
Chief Information Security Officer/DPO
NPF Microfinance Bank Plc
Chinenye Chizea
Consulting Security Architect
World Bank and Federal Government of Nigeria, Digital Identification for Development (ID4D) project
Jeremy Grant
Managing Director-Technology Business Strategy
Venable LLP
Grant is a managing director at Venable, where he works with the firm's clientele to develop growth strategies, identify market solutions and advise on policy impacts across the information technology and cybersecurity and government services. In this role, Grant utilizes...
Varsha Sewlal (Conference Chair)
Executive : Legal and Deputy Information Officer
Railway Safety Regulator
Nastassja Finnegan
Cyber Security Officer
FNB South Africa
Albert Yirenchi Danquah
CISO
Stanbic Bank Ghana
Steve Uma
CIO & Head, Information Services and Technology
NSIA Insurance Limited
Kenneth Palliam
President
ISACA South Africa Chapter

View Agenda
Welcome to ISMG's Cybersecurity Summit: Africa
Suparna Goswami, Associate Editor, ISMG
Varsha Sewlal (Conference Chair), Executive : Legal and Deputy Information Officer, Railway Safety Regulator

The summit's objective is to provide education and exclusive networking opportunities for the participants with peers and subject matter experts. The program has been carefully designed with the support and guidance of the 'editorial advisory board,' including senior thought leaders from the region, to capture the regional security challenges that resonate with their current concerns. The editorial advisory board includes:

Conference Chair:  Varsha Sewlal, Executive: Legal and Deputy Information Officer, RAILWAY SAFETY REGULATOR

Advisory Board:

  • Albert Yirenchi Danquah, CISO, Stanbic Bank Ghana  
  • Nastassja Finnegan, Cyber Security Officer, FNB South Africa  
  • Sithembile (Nkosi) Songo, Group Head: Information Security, ESKOM HOLDINGS   
Suparna Goswami
Varsha  Sewlal (Conference Chair)
  • 09:00 AM
  • 09:14 AM
Keynote: An Identity Centric Approach to Cybersecurity: Building on Zero Trust
Jeremy Grant, Managing Director-Technology Business Strategy, Venable LLP

With the IAM framework growing to fame, most practitioners are toying with the idea of using IAM to address their organization’s challenges, including security, trust, risk appetite, and managing the critical business risk to drive more value. How can identity be a business enabler in the digital transformation journey? Some say implementing an IAM framework is complex, and integrating with security is a big task and expensive too.

The session will discuss:

  • Why has the strong password criteria not worked well
  • Why IAM is not about authentication
  • Framework for managing identity that supports ‘zero trust’
Jeremy  Grant
  • 09:15 AM
  • 09:44 AM
Industry 4.0: How to Protect Your Data in This Critical Era
Dr. Haji Amirudin Bin Abdul Wahab, CEO, CyberSecurity Malaysia
Steve Uma, CIO & Head, Information Services and Technology, NSIA Insurance Limited

The interconnected nature of Industry 4.0-driven operations means that cyberattacks can have far more severe impacts than ever before. As enterprises adopt Industry 4.0, they become an increasingly appealing target for attackers who can now move laterally across a network, jumping across IT and OT systems for their malicious activities. With automation accelerating the adoption of IoT devices, are enterprises ready to handle cyber risks from these devices? Do they have enough visibility? 

This session will cover:

  • How to be cyber-ready for Industry 4.0
  • Protecting your data and securing the endpoints
  • How practical is it to have security standardization for Industry 4.0 
Dr. Haji Amirudin Bin Abdul Wahab
Steve  Uma
  • 09:45 AM
  • 10:14 AM
Plenary: Africa Cybersecurity Policy: How Practical is it?
Varsha Sewlal (Conference Chair), Executive : Legal and Deputy Information Officer, Railway Safety Regulator
Julius Torach, Commissioner, Information Technology, Ministry of Information and Communications Technology

The European Union has the GDPR - a common privacy law across the region. Most regions have not been able to replicate GDPR – a common privacy law. The United States too has not been able to agree upon a common privacy law. Regulators of various countries in Africa want to see a common cybersecurity law. How practical is it and what are some of the roadblocks to forming a common policy? 

The session will also discuss:

  • How practical is it to have a common cybersecurity law
  • From where should one begin and factors to consider
  • The roadblocks and how to address them 
Varsha  Sewlal (Conference Chair)
Julius  Torach
  • 10:15 AM
  • 10:45 AM
Cloud Security With Zero Trust: A Strategic Approach
Albert Yirenchi Danquah, CISO, Stanbic Bank Ghana

It has been predicted that public cloud services will grow and reach a record $420 billion by 2022. The massive increase in cloud adoption has motivated cybercriminals to target the cloud environments where most data resides now. Around mid-2021, the International Data Corporation (IDC) surveyed 200 CISOs and reported that nearly 98% of the companies had experienced at least one cloud security breach. What is the best way to secure your cloud without disrupting the user experience?

The session will cover: 

  • The state of cloud security in 2022
  • Does zero trust in the cloud need a different approach?
  • The roadmap for the zero trust journey
Albert  Yirenchi Danquah
  • 10:45 AM
  • 11:17 AM
Mobile Application Security: Getting Ahead of Criminals
Tunde Dada, Group Head IT/BCM, inq. Digital
Zechariah Akinpelu, Chief Information Security Officer (CISO), Unity Bank Plc

The latest statistics by the IDC show that smartphone vendors shipped a total of 19.7 million smartphones across Africa in the first quarter of 2022. More users than ever before rely on mobile applications compared to traditional desktop applications for a majority of their digital tasks. High-profile data thefts like the Snapchat user database indicate serious security concerns for apps that are used by millions.

 This session will cover:

  • Threats from mobile application vulnerability
  • Best practices to develop secure mobile apps
  • Best identity verification and authentication practices
Tunde Dada
Zechariah  Akinpelu
  • 11:15 AM
  • 11:45 AM
Are CISOs Seeing Value of XDR? An Implementation Strategy
Philip Aiwekhoe, Chief Information Security Officer/DPO, NPF Microfinance Bank Plc

Today, extended detection and response (XDR)’s adoption among enterprises is at 5% and is predicted to increase to 40% by 2027. CISOs from leading organizations are commencing XDR implementations to keep up with the evolving threat landscape. Along with the rapid adoption of XDR, there is often a lack of clarity about best practices.

 This session will cover:

  • Rethinking existing security tools
  • The key questions CISOs must consider as they look to adopt XDR
  • How to increase SOC efficiency and the value of your existing security stack
Philip  Aiwekhoe
  • 12:00 PM
  • 12:29 PM
Panel: Third-Party Risk Management: How to Evolve a Program
Kenneth Palliam, President, ISACA South Africa Chapter
Dr. (h.c)Fene Osakwe, Director, Group IT, GRC and Strategy, IHS Towers
Dr. (h.c) Bharat Soni, CISO,DPO, GTBank Plc.
Chinenye Chizea, Consulting Security Architect, World Bank and Federal Government of Nigeria, Digital Identification for Development (ID4D) project

With breaches involving third-party vendors regularly making the headlines, most companies have become aware of the risks created by this extended attack surface — often because they have been victims themselves. By following the right path, security and risk leaders can feel confident in their approach to managing the cyber risk posed by third parties.

 This session will cover:

  • How third-party risk environment has evolved
  • What is needed for an effective risk management program
  • The challenges of implementing a third-party risk management program
Kenneth Palliam
Dr. (h.c)Fene  Osakwe
Dr. (h.c) Bharat  Soni
Chinenye Chizea
  • 12:30 PM
  • 12:59 PM
How Can CIO and CISO Collaborate for a Shared Vision
Nastassja Finnegan, Cyber Security Officer, FNB South Africa

The session discusses how to get a CIO and the CISO work on a common goal to facilitate the continued success of their organization. Where is the disconnect and how can these gaps be addressed? 

  • Understanding the CIO’s challenges and technology aspirations
  • The importance of utilising the same taxonomy and risk metrics
  • Benefits of converting security operations into a service delivery function
Nastassja Finnegan
  • 01:15 PM
  • 01:46 PM

Speaker Interviews

September 22 - 23, 2022

Cybersecurity Summit: Africa