Africa CISO Summit
March 20 - 21, 2024
Radisson Blu Upperhill, Nairobi
welcome
The Africa CISO Summit
As the digital landscape evolves, the Africa CISO Summit emerges as a critical nexus for cybersecurity thought leadership in the region. This summit, a convergence point for over 200 key decision-makers from across Africa, represents a strategic opportunity in a market where cybersecurity investments are seeing a robust upward trajectory. The African cybersecurity market, is poised for a 11.7% resulting in a market volume of US$3.54bn by 2028, presenting an unparalleled opportunity for sponsors to capitalize on emerging trends and influence key industry stakeholders.
Speaker List
Privacy is not for sale. It is a valuable asset to protect. Threat is a mirror of security gaps. Cyber-threat is mainly a reflection of our weaknesses. An accurate vision of digital and behavioral gaps is crucial for consistent cyber-resilience.
topics
Topics and Themes
Cyber Threats, Incident Management, and Resilience
Digital Transformation and Cybersecurity Challenges
Data Protection, Privacy and Workforce Development
The Future of Identity and Access Management
Cybersecurity Metrics and Reporting
audience
Target Audience
Chief Information Security Officers (CISOs)
Chief Information Officers (CIOs)
IT Security Managers and Directors
Risk Management Officers
Compliance and Regulatory Officers
Data Protection Officers (DPOs)
Government Officials and Policy Makers
Speakers
Speakers
David Mugonyi, EBS
Director General, Communications Authority of Kenya (CA)
David Mugonyi, EBS
Director General, Communications Authority of Kenya (CA)
Mr. David Mugonyi is the Director General and Chief Executive Officer of the Communications Authority of Kenya (CA). He assumed office on January 15th, 2024. Mr. Mugonyi has over 20 years of experience in leadership roles spanning public service, media, and strategic communications. Prior to his appointment, Mr. Mugonyi served in various capacities, including leading strategic communications for the Government of Kenya for over a decade. As the Head of the Presidential Communications Service, he played a pivotal role as the primary advisor on communications, perception and reputation management at the highest level in the Republic of Kenya. Mr. Mugonyi had a stellar career in the media, starting as a reporter and rising through the ranks to senior editorial roles at Kenya's leading media house, the Nation Media Group.
Harry Hare
Co-Founder and Chairman, dx5
Harry has 25 years of experience in the tech industry. He's the founder and the Executive Director of Kenya-founded DEMO Africa, a launchpad for emerging technologies and trends on the continent. He's also the Co-founder and Director of the African eDevelopment Resource Centre; Co-founder and Director of the Events Management Solutions.
Rodgers Mumelo
SO-KE CIRT, Communications Authority of Kenya (CA)
Asher Geffen
Advisor and Commercial Lead, Plena Solutions Ltd
Evan Miriti
Security Specialist, Trans Business Machines (TBM)
Wilson Maina
Security Specialist, Trans Business Machines (TBM)
Brian Mwau
Business Development Coordinator, Two Rivers Innternational Finance & Innovation Centre
Brian Mwau is a dedicated and results-driven professional with a robust background in business development, leadership, and strategic planning. His journey, from intern at Kenya Trade Network Agency (KENTRADE) to General Manager at Scraj Homes Limited, reflects his commitment to growth and innovation. As the Ajiry Program Lead at Tribus-TSG, a subsidiary of Centum Investment PLC, Brian has demonstrated his passion for technology and social impact. Notable achievements include securing a USD 2.19M Mastercard Foundation Grant, fostering public-private partnerships, and successfully executing the Zero Contact Food Distribution System during the COVID-19 pandemic.
Paul Macharia
Manager - Technology Advisory and Business Intelligence, BDO East Africa
Paul Macharia is a distinguished IT consultant with over 12 years of industry experience. He holds a BSc. in Business Information Systems from the University of Nairobi and is currently pursuing an MSc. in Information Security & Digital Forensics from the University of East London. He is a Certified Information Systems Auditor (CISA) demonstrating his expertise in auditing, control, and assurance of information systems. Additionally, his proficiency in ethical hacking is underscored as a Certified Ethical Hacker (CEH), ensuring his adeptness in identifying and addressing cybersecurity vulnerabilities. Further solidifying his credentials in cloud computing, Paul is a Certified Cloud Practitioner (AWS - Cloud), equipped to leverage cloud technologies effectively. He is also a Certified Forensic Investigation Practitioner (CFIP), showcasing his specialized skills in forensic investigation techniques.
Andrew Mecca
Solutions Architect, Safaricom Plc
Andrew is a seasoned Strategic Product and Solutions Lead with over 15 years of extensive experience in consulting, delivery, and management of digital transformation initiatives. Throughout their career, Mecca has demonstrated a strong track record of driving transformational digital experiences, leveraging data and insights to deliver impactful solutions. Having worked with a diverse range of clients and stakeholders, Mecca brings a wealth of knowledge in navigating the complexities of digital transformation projects.
Moderator
Patricia Jepkoech
Manager - Cybersecurity Incident Response, Safaricom PLC
agenda
Agenda
-
March 20, 2024
Cybersecurity Leadership and Risk Management
-
March 21, 2024
Application Security and Cybersecurity Operations
08:00 AM - 10:00 AM
Registration and Welcome Coffee
10:00 AM - 10:10 AM
Opening Remarks
Andrew Karanja
Director, dx5
speaker
10:10 AM - 10:40 AM
Official Opening
David Mugonyi, EBS
Director General, Communications Authority of Kenya (CA)
speaker
10:40 AM - 11:00 AM
Keynote
Emerging Cybersecurity Trends in Africa
Richard Muthua
Executive Head - Cloud and Security, Liquid C2
speaker
11:00 AM - 11:30 AM
Keynote
The Art of Cyber War: Lessons in Leadership From Real-World Cyber Attacks
This explores the strategic and tactical elements of warfare within the digital realm. It analyzes past cyber attacks to extract valuable leadership lessons for defending against and potentially launching future cyber operations.
Engr Harrison Nnaji
Group CISO, FirstBank Nigeria
speaker
11:30 AM - 12:00 PM
Tea Break
12:00 PM - 12:35 PM
Panel Discussion
Leadership in Times of Crisis: Managing Cybersecurity During Major Incidents
Leaders must make rapid, critical decisions to protect digital assets when a major cyber attack occurs. It requires an emphasis on strategies for responding to the crisis while minimising damage.
Joseph Mathenge
Chief Operations Officer, Serianu Ltd
moderator
Tim Theuri
CISO, M-Pesa Africa
panelist
Sammy Ongalo
CIO and Head - Innovation and Technology, Anjarwalla & Khanna (ALN)
panelist
Sithembile Songo
Group Head - Information Security, National State-Owned Entity
panelist
Daniel Wakori
Technical Solutions Specialist - Cybersecurity, Liquid C2
panelist
12:35 PM - 12:50 PM
Navigating the Evolving Cyber Threat Landscape
Cybersecurity threats are constantly changing – think of new viruses, more advanced hacking techniques, and unexpected targets. There is a need for individuals and organisations to stay informed about these shifts in the threat landscape.
The goal is to continuously adapt security strategies to maintain protection in this ever-evolving digital world.
Ronald Ngugi Maina
Security Specialist, Trans Business Machines (TBM)
speaker
12:50 AM - 01:05 PM
Unveiling the Invisible: AI's Role in Real-Time Threat Intelligence
This explores how artificial intelligence (AI) transforms cybersecurity by swiftly detecting and analysing hidden threats. Leveraging vast data streams, AI algorithms provide real-time insights, empowering organizations to proactively defend against evolving cyber risks. This presentation illuminates AI's pivotal role in fortifying cyber resilience through advanced threat intelligence.
Nancy Nderi
Regional Sales Manager - East, West and Central Africa, Cyble Inc.
speaker
01:05 PM - 02:30 PM
Lunch
02:00 PM - 02:25 PM
Cyber Resilience: Preparing for the Inevitable Breach
Rodgers Mumelo
SO-KE CIRT, Communications Authority of Kenya (CA)
speaker
02:25 PM - 03:00 PM
Fireside Chat
Fireside Chat
Cyber resilience is a mindset that shifts away from the idea of perfect prevention and instead focuses on preparation for the inevitable cybersecurity breach. It is how organisations remain operational and protect critical assets even when facing a cyber attack.
Mbugua Njihia
Venture Builder and Solution Architect, Gruppo Potente
moderator
Engr Harrison Nnaji
Group CISO, FirstBank Nigeria
panelist
03:00 PM - 03:25 PM
Machine Learning and Predictive Analytics in Cyber Risk Management
This pair are revolutionising cybersecurity by harnessing the power of data. These tools analyse patterns and historical data to identify potential threats before they strike, uncovering vulnerabilities that traditional methods may miss. This proactive approach strengthens defenses and allows for more informed risk management decisions.
Russel Okoth
CISO (US), Principal Consultant, Cyberdiligent
speaker
03:25 PM - 04:00 PM
Panel Discussion
The CISO’s Dilemma: Balancing Cybersecurity With Business Innovation
CISOs face the challenge of maintaining strong cybersecurity without hindering the company's ability to innovate and grow. New technologies often introduce potential security risks, forcing CISOs to carefully weigh the benefits of innovation against the need to protect sensitive data and systems. This balancing act requires constant vigilance and collaboration between security teams and business leaders.
Michelle Kuria
Regional Marketing Manager, ESET East Africa
moderator
Daniel Adaramola
CISO, SunTrust Bank Nigeria Ltd (NG)
panelist
Aprielle Oichoe
Senior Advisor Africa, Center for Strategic Cyberspace and International Studies
panelist
William Makatiani
Founder and CEO, Serianu Ltd
panelist
Shalom Onyibe
CISO, UBA Kenya
panelist
04:00 PM - 04:30 PM
Tea Break
04:30 PM - 05:30 PM
Breakout
Roundtable Discussions
-
The Future of Identity and Access Management (IAM) in Protecting Corporate Assets
-
Cybersecurity Metrics and Reporting: Communicating Value and Risk to the Board
IAM will play a central role in securing the expanding digital landscape of businesses. Advanced IAM solutions will leverage technologies like AI and biometrics for more robust authentication and authorisation. The goal is a frictionless yet secure experience for users, enabling streamlined access to necessary resources while protecting sensitive corporate data.
Victor Paul
Software Development Lead, dx5
moderator
Duncan Omani
Chief Information Security Officer, Access Bank Kenya Plc.
panelist
Noam Krakover
CRO - Cyber Division, IAI/Elta Systems Ltd
panelist
Kevin Tuei
Cloud and Cybersecurity Consultant
panelist
Jothi Murugan
Strategic Account Manager, ManageEngine (ZOHO)
panelist
Selecting the right cybersecurity data to track (metrics) and presenting it to company leadership (the board) in a clear and understandable way cannot be overestimated. Sound reporting helps the board grasp the importance of cybersecurity investments and understand the level of risk the company faces. This is crucial for securing resources and aligning cybersecurity goals with overall business strategy.
Carol Odero
Head of Content, dx5
moderator
Thelma Kganagka
Group CISO, Equity Group Holdings Plc (KE)
panelist
Anthony Muiyuro
Partner, Risk Advisory and Cybersecurity Leader, Deloitte (KE)
panelist
Laban Nyarera
CISO, Family Bank Ltd
panelist
Lawrence Muchilwa
Head of Information Security, Governance, Risk and Compliance, Silensec
panelist
Dr Kenneth Riany
Manager – ICT, KMTC
panelist
08:00 AM - 09:30 AM
Registration
09:30 AM - 10:30 AM
Get Hacked! Inside the Mind of a Hacker: See a Live Hacking Demo and Stay One Step Ahead
Bright Gameli Mawudor
Founder, AfricaHackon
speaker
10:30 AM - 11:00 AM
Keynote
Balancing Risk and Innovation in Cybersecurity
Businesses need to embrace new technologies to remain competitive, but these innovations often introduce new cybersecurity risks. The challenge lies in finding a balance between adopting beneficial technologies and implementing the necessary security measures to protect those technologies. Successful cybersecurity in this context means carefully assessing risks and continuously adapting security strategies to match a changing digital environment.
Celia Mantshiyane
Chief Information Security Officer, MTN South Africa
speaker
11:00 AM - 11:35 AM
Tea Break
11:35 AM - 12:10 PM
Panel Discussion
The Future-Forward Approach to Data Privacy and Security
An approach focusing on proactive and adaptable strategies to protect sensitive information in a dynamic digital landscape. It recognises that as technology and regulations change, security solutions must evolve too. Key elements include ongoing risk assessment, robust encryption, user privacy controls, and continuous education to counter potential threats and ensure compliance with privacy laws.
Ken Mbuki
Business Intelligence Specialist, Moringa School
moderator
Celia Mantshiyane
Chief Information Security Officer, MTN South Africa
panelist
Angela Ngava
ICT Risk Manager, National Bank of Kenya (KE)
panelist
Hartnell Ndungi
CDO, Absa Bank Kenya (KE)
panelist
Paul Macharia
Manager - Technology Advisory and Business Intelligence, BDO East Africa
panelist
12:10 PM - 12:30 PM
The Threat of Rogue Devices in Organisations
Rogue devices represent a significant risk to organisations. They can introduce malware, leading to the theft of sensitive data or unauthorised network access. Unmanaged rogue devices also strain network resources, impacting productivity. Additionally, they expose a company to fines and legal consequences for failing to meet security regulations.
Sunday McDickson Samuel
CEO, SMSAM Systems Ltd
speaker
12:30 PM - 02:30 PM
Lunch Break
02:30 PM - 03:10 PM
Panel Discussion
Cybersecurity Orchestration and Automation: Boosting Efficiency and Response
By connecting various security tools and automating repetitive security tasks, organisations can significantly improve the way they respond to cyber threats. This approach leads to faster detection and resolution of security incidents, allowing security teams to work more efficiently. It also ensures that security procedures are carried out consistently, reducing the risk of human error.
Patricia Jepkoech
Manager - Cybersecurity Incident Response, Safaricom PLC
moderator
Prasanna Burri
Group CIO, CISO, Dangote Group (NG)
panelist
Engr Harrison Nnaji
Group CISO, FirstBank Nigeria
panelist
Francis Mwangi
Group Head - IT Security and Infrastructure, Platcorp Group
panelist
Fredrick Wahome
Vice Chair, Kenya Cybersecurity & Forensics Association (KCSFA)
panelist
Evan Miriti
Security Specialist, Trans Business Machines (TBM)
panelist
03:10 PM - 03:30 PM
Cloud Security: Protecting Data In A Multi-Cloud Environment
As businesses increasingly use multiple cloud providers, ensuring robust data security becomes more complex. This requires implementing consistent security policies across different cloud environments, utilising strong encryption, and carefully managing access controls. Centralised visibility and monitoring tools are key to quickly identifying and responding to potential threats in this distributed landscape.
Lt Col David Rom
Founder, GDIS Cyber Intelligence Shield
speaker
03:30 PM - 03:50 PM
Future-Proofing Cybersecurity Operations: Preparing for Tomorrow's Threats
Focusing on proactively evolving security strategies is essential to stay ahead of constantly changing cyber threats. It involves anticipating the tactics used by attackers and identifying potential weaknesses in technology. The goal is to build a resilient and adaptable cybersecurity system that can withstand unforeseen challenges.
Thelma Kganagka
Group CISO, Equity Group Holdings Plc (KE)
speaker
03:50 PM - 04:20 PM
Tea Break
04:20 PM - 05:20 PM
Breakout
Roundtables
-
Tackling the Insider Threat: Strategies and Approaches
-
Next-Gen SOC: Evolving Cybersecurity Operations for the Future
Mitigate. Detect. Prevent. Insider threats, security risks from those with authorised access, needs a multi-faceted approach. One focused on limiting access, monitoring behavior, and fostering a security-conscious culture. Key strategies include strict access controls, employee awareness training, and tools for detecting unusual activity.
Raymond Kiprotich Bett
CEO, Salaam Technologies
moderator
Joan Mburu
Chief Information Security Officer, Airtel Kenya
panelist
Felix Malombe
Executive Director, STEAMLabs Africa (KE)
panelist
George Kisaka
ISACA Kenya Vice President, ISACA Kenya Chapter
panelist
Brian Mwau
Business Development Coordinator, Two Rivers Innternational Finance & Innovation Centre
panelist
Andrew Mecca
Solutions Architect, Safaricom Plc
panelist
Next-Gen SOCs (Security Operations Centers) are the nerve centers of modern cybersecurity, evolving to meet ever-changing threats. They leverage advanced technologies like AI and automation to detect and respond to attacks faster and more intelligently. These modernised centres focus on proactive threat hunting and seamless integration with other security systems.
Kevin Namunwa
dxContent Writer, dx5
moderator
Georgina Mukami
Head of ICT Channels Operations, National Bank of Kenya
panelist
Nancy Muriithi
Lead Security Engineer, Platcorp Group
panelist
Alex Osunga
Cybersecurity Technical Lead, @iLabAfrica IT Security Unit
panelist
Sam Muthui
CISO, Blurok Africa Ltd (KE)
panelist
Asher Geffen
Advisor and Commercial Lead, Plena Solutions Ltd
panelist
Thelma Kganagka
Group CISO, Equity Group Holdings Plc (KE)
speaker
05:20 PM - 05:30 PM
Closing Remarks
Harry Hare
Co-Founder and Chairman, dx5
speaker
05:30 PM - 06:30 PM
Cocktails and networking
Networking Cocktail
sponsors
Sponsors
partner
Liquid C2 x Google Cloud
Liquid C2
Liquid C2 is a business of Liquid Intelligent Technologies, a pan-African technology group, offering managed cloud and security services, product solutions, and related professional and advisory services in 22 African countries. We help organisations move to the cloud with technologies that integrate diverse teams and enhance customer interactions, business innovation, agility, and go-to-market capabilities. Our team of IT specialists brings several decades of cumulative experience. This enables us to provide customers with the most robust cloud protection tools across Africa.
Google Cloud
Google Cloud is a subsidiary of Alphabet Inc. and a global technology company that specializes in internet-related services and products. It offers a suite of cloud computing services, including computing, data storage, analytics, and machine learning, along with management tools.
partner
partner
ManageEngine
ManageEngine is the enterprise IT management division of Zoho Corporation. Established and emerging enterprises—including 9 of every 10 Fortune 100 organizations—rely on ManageEngine's real-time IT management tools to ensure optimal performance of their IT infrastructure, including networks, servers, applications, endpoints and more. ManageEngine has offices worldwide, including the United States, the United Arab Emirates, the Netherlands, India, Colombia, Mexico, Brazil, Singapore, Japan, China and Australia, as well as 200+ global partners to help organizations tightly align their business and IT.
SMSAM Systems
SMSAM SYSTEMS LTD is a global cybersecurity consulting company that brings cyber simplicity into cybersecurity, leveraging proven technologies to slow down, disrupt, irritate, distract, and ultimately frustrate threat actors (internal and external) in their quest to cause devastating data breaches to organizations.
In achieving the above, we’ve developed a comprehensive, frictionless, and practical cybersecurity framework that maps to identified proven cybersecurity technologies and solutions. Our framework aligns and complements most cybersecurity frameworks, such as NISFT, ISO 27001, and CIS top 20. You can download a copy of the framework here.
Trans Business Machines (TBM)
Trans Business Machines Ltd (TBM) is a Kenyan based technology company established in 1991, with the aim of providing tailored technology solutions to small, medium and large corporations in Kenya and the neighboring countries. Our promise is to deliver top-notch services with a commitment to excellence through our experienced and highly professional team and internal systems in accordance with the standards of ISO 9001:2015.
TBM has been a dedicated partner to leading global vendors like IBM, Lenovo, Cisco, Oracle and others for more than Thirty-three years, and has been evolving its products and services offering to suit the current market needs.
Our range of services includes technology infrastructure (networking, data centers, servers and storage), middleware software (BI/Analytics, Disaster Recovery and Database), Cyber-security solutions (Firewalls, DB Security, SIEM) and End-points (Laptops and Desktops).
partner
ESET
ESET is a digital security company that provides innovative and award-winning antivirus and internet security solutions for millions of customers and businesses worldwide. They offer a suite of security functions, including ESET Smart Security Premium and ESET Internet Security, which are upgraded and released annually. ESET also offers products for macOS and Android devices. The company has developed technologies to address the threat of ransomware and has produced papers on the subject. ESET is a founding member of Google's App Defense Alliance and has branches in several countries worldwide.
partners
Partners
Cybertech
From Tel Aviv to Tokyo, from New York to Kigali via Rome, Singapore and Panama City (and more) – Cybertech serves as the global cyber industry’s foremost B2B networking platform, with various industry related events all around the world. Our conferences and exhibitions serve as the go-to place to make business happen and learn all about the latest technological innovations, challenges, and solutions to combating threats in the global cyber sphere. Cybertech events feature C-level executives, top-ranking government officials, and leading decision-makers from a wide range of sectors – such as critical infrastructure, finance, health, defense, insurance, manufacturing, automotive, and many more.
AfricaHackon
AfricaHackOn, based in Nairobi & Ghana, is a Cyber Security collective dedicated to fostering excellence through, capacity building and development of a strong community of experts in Africa. Africahackon has been running for 11 years now and that has changed over time nurturing the next best talent in the Cyber Security industry.
Founded by Dr. Bright Gameli Mawudor, a seasoned Cyber Security expert who has constantly worked to change the landscape to curb threats.
Through this, the brightest professionals in the region and from around the globe have the chance to share their insights and skills through live presentations, engaging discussions, and hands-on training demonstrations.
Little
Little is a pan-african "everyday everything" app and one of the african largest ride-hailing service companies, serving cities across Kenya, Uganda, Tanzania, Ethiopia, Somalia, Senagal, Ghana and India. The Little app offers mobility, delivery and payment solutions by connecting customers to drivers and delivery agents, enabling convenience and transparency for hundreds of thousands of customers.