KEYNOTE SPEAKER
Steve Kennett
Steve Kennett served 23 in the Royal Air Force, he specialised in Data communications, Cryptography & Data protection (cyber and Information security).
On Leaving the RAF Steve held senior positions at Kingston Communications and Centrica where he had responsibilities for the Data & IP networks responsible for all aspects of IP and ISP operations, design & strategic management and at Ofcom he was Head of Spectrum Services responsible for all aspects of Enforcement & Interference policy. Steve was part of the successful Ofcom Olympics Spectrum
Delivery team responsible for keeping the Spectrum for the London 2012 Games free from Interference.
Steve is currently the Security Director and SIRO responsible for Jisc’s response to the increasing cyber security threat, providing leadership for the development of the cyber security strategy and policy to ensure that an extensive programme of enhanced cyber security services and initiatives is maintained that protect the network and meets the needs of Jisc’s members and customers whilst maintaining a high level of cyber security across the Janet network and other Jisc services.
Keynote Address - Jisc’s Active Cyber Defence
By 2021 UK education and research organisations will be more cyber resilient, better able to respond to security incidents and can demonstrate an increased cyber security posture to enable the UK’s education and research sector to be the most digitally advanced in the world. In the |Jisc Cyber Security Division we work to protect the UK National Research & Education Network (NREN) Janet Network and connected organisations.
The Jisc Cyber Security Divisions mission is to safeguard the current and future network and information security of the Janet network and of our members’ networks, creating a secure environment for organisations and their users to conduct innovative online activities. To do this we will continue to develop and refine products and services to help support an institution’s cyber security policy and to ensure continuity of business and we will continue to invest in shared services to protect the education and research sector.
Since our first security strategy was published in 2015 there have been many developments at both Government and international levels, and the current updated strategy now reflects the UK National Cyber Security Strategy 2016-2021. The way Jisc delivers cyber security has changed considerably to reflect the ever-changing security landscape. The types of threats are continually evolving, and as funding changes within the UK education and research sector Jisc will need to be more agile and innovative about how we work with the UK academic and research sector to address cyber security threats. Our three main objectives to Defend, Deter, Develop continue to help us build upon and improve our capabilities.
SPEAKERS
Akhona Damane
Akhona Damane is currently the Manager: Office of Digital Advantage at CSIR (Council for Scientific and Industrial Research). He is responsible for facilitating the implementation of the South Africa's ICT Research, Development and Innovation (RDI) Roadmap, which seeks to stimulate investment in R&D and Innovation in ICT by both public and private sectors through partnerships with industry, universities, research institutions and international organisations. He guides RDI programs that unearth the potential of the emerging / exponential technologies, such as Data Science, Artificial Intelligence / Machine Learning, Blockchain, Internet of Things, and Cybersecurity within the context of the 4th Industrial Revolution.
Mr Damane has previously worked as the Manager for Knowledge Management and Innovation (2012-2017) at Transnet Freight Rail, where he was responsible for spearheading the Knowledge Management function. Prior to joining Transnet, Mr Damane was employed by the Western Cape Government Department of Human Settlements as the acting Director for Strategy, Monitoring & Evaluation, and Information Management. During 2010-2011, he worked as a part-time Lecturer in Information Systems at the University of the Western Cape, in Cape Town. In recent years Mr Damane has honoured invitations to be a Guest Lecturer at Wits Business School and at University of Johannesburg.
He holds a Bachelor of Science Honours Degree in Computer Science and a Bachelor of Science from the University of Fort Hare. He has completed a number of training certificates in Systems Analysis, Knowledge Management, Project Management, Agile SCRUM and ITIL 4 Foundation. He is currently studying towards an MBA.
Craig Rosewarne
Craig is the MD of Wolfpack Information Risk - a South African firm established in 2011 that specialises in cyber threat intelligence, research, training, awareness and advisory services. A community of 9000+ information and cyber security specialists subscribe to their regular community updates.
We have partnered with senior management teams from all major sectors to understand the opportunities and threats that cyberspace presents. Wolfpack have also been instrumental in driving many strategic cyber security initiatives with stakeholders on the African continent.
Craig was previously an Associate Director of Deloitte's Risk Advisory division. He ran the Deloitte School of Risk Management and was responsible on a national level for learning and innovation for a team of over 400 professionals.
Craig has over 18 years of management experience in the fields of IT & cyber security. He is frequently invited to speak at information security, cybercrime and counter-espionage events. He provides regular opinion pieces via TV, radio and print/online media.
He is proudly South African and an even prouder husband and father to three healthy “cubs”.
MBA, CISSP, CISM, CVE, ISO 27001 Lead Implementer & Auditor, ISO 27035 Lead Incident Response Professional, Certified ISO 27005 Risk, COBIT & ITIL trainer.
Boeta Pretorius
NWU Strategic management and co-ordination of Information and Communication Technology, including:
- Management of ICT resources;
- Advocacy for digital transformation;
- Setting and executing strategy;
- Provision and optimisation of ICT-supported systems, processes and services for teaching, learning, research and administration;
- ICT Governance, including development and implementation of ICT plicy and standards;
- ICT Representation and Positioning in external and internal relationships;
- and management of IT portfolio.
Wilhelm van Belkum
NWU Management of OI department which includes:
- Overall responsible for all IT Infrastructure at the University (Strategy, Plan, Implement, Deploy and Operation)
- Overall responsibility for IT Operational Management
- Staff Management (3 Department - Operations, Systems and Infrastructure)
- Key role player in determining ICT strategies and directions at NWU
- Key role player in IT Governance planning and implementation
- IT-Infrastructure financial and budget management
- IT and HE sector collaboration & community engagement
- Cybersecurity
Maiendra Moodley
Maiendra Moodley graduated from the University of Natal, with a Bachelor of Commerce Degree in Business Information Systems and Information Systems Technology. Subsequently, he read for the Advanced Business Programme and Bachelor of Technology (Management) at Technikon Natal, before studying for his Masters in Business Administration through the University of Wales. His dissertation, on the security risk management measures that banks adopt in online banking, was awarded a distinction. His qualifications include the Foundation Certificate in IT Service Management (ISEB), Advanced Security Management Programme from Technikon Pretoria, Post Graduate Diploma in Forensic and Investigative Accounting and a Master in Security Studies from the University of Pretoria. He is presently reading for his doctorate on financial transformation through the use of ERP systems at the European University in Belgrade.
He is a member of the Golden Key International Honour Society.
Mr. Moodley's diverse experience includes having served as a senior systems auditor, a security architect with a leading retail bank, supervising IT LAN support services, to being a panelist and examiner on the IT programme of a national tertiary institution. Other posts that he has held include serving as a Trainee Accountant, a Senior Risk Consultant, a Principal Consultant, managing a security advisory services function, acting as a Chief Risk Officer to presently serving as a Senior Analyst for Wikistrat. He is the former HoD for Financial Systems and Processes at the State Information Technology Agency. His articles, extensive speaking and teaching engagements presented and published both locally and internationally in India, Kenya, Ghana, Botswana, Mauritius, Tanzania, Zimbabwe, and Zambia, span a wide range of industries and topics such as auditing, fraud, security and risk management to unlocking the strategic value of technology. He presently provides advisory services to Government customers.
Peter Allwright
Director of Horizon Forensics
Peter is a cyber intelligence investigator and open source intelligence expert.
He specialises in investigating high-value customer data breaches and hunting down hackers in hostile jurisdictions to retain the stolen data. He works closely with local and international law enforcement agencies to detain hackers and to support their successful extradition and prosecution.
He has successfully led local and international search and seizure operations of private residences, business premises and internet service providers, in order to retain stolen data and secure evidence that hackers leave behind. He often has to deal with the complexities of foreign jurisdictions and the impact of data protection legislation.
He has wide experience of dealing with crisis management situations and together with specialised professionals takes care of coordinating the key aspects of resolving the crisis and protecting the client’s position at all times.
He has investigated hacking of data centres, data breaches, domain name hijacking, man-in-the-middle attacks, phishing and spear phishing attacks, counterfeit trademarks, copyright violations, prohibited/illegal content, identity theft, malvertising, ransomware, cyberstalking, cyberbullying, online scams, fraudulent invoices/change of bank account scams, sextortion, defamatory blogs, hacking and reprogramming of master slave devices, software piracy, and the distribution of child pornography.
He uses conventional and unconventional techniques to investigate cybercrime. His conventional methods include a proprietary threat intelligence and investigation platform together with custom-built threat hunting workstations and advanced forensic tools to access information that is out of the public domain. His unconventional methods include system thinking tools that analyse the situation to reveal unknown or hidden associations.
He has successfully guided multidisciplinary forensic teams in Africa, the Middle East, Europe and Asia.
Nadia Veeran-Patel
BCom (Marketing & Business Management) | ISO27001 Foundation | ITIL Foundation | ITIL Service Management |Completed CISSP course | Train the Trainer | Lotus Domino Administrator | Lotus Domino Developer
Nadia has 13 years of IT experience in Service Desk Management, Training, Account Management and Information Security.
She has spent the last 3 years providing advice and assurance on Information Security related activities
- Application and Infrastructure Baselines
- Writing and implementing Information Security policies
- Leading IT DR testing and planning for inclusion in the Business Continuity Plans
- Conducting Phishing campaigns with remedial training
- Vulnerability Management
Nadia trained in the UK in the Information Assurance Maturity Model (IAMM) and successfully adapted and implemented it in South Africa over a 12-month period.
Jacques Ophoff
Jacques is a senior lecturer in the Department of Information Systems at the University of Cape Town. His research covers a variety of topics within information systems security, with a specific focus on behavioral (human) aspects of information security. Jacques supervises a Security & Privacy Research Group with more than a dozen active research students and has over 40 peer-reviewed publications.
Jacques holds a Ph.D. in Information Technology from the Nelson Mandela Metropolitan University
Stephen Nel
Stephen has over 18 years' experience in Consulting and is currently the Group Senior Manager of Transformational Consulting. He previously was Head Security Consulting for MEA. During his 6 years at Dimension Data, he has worked across multiple industry verticals, assisting organisations with their Transformational and Cyber Security Challenges, aligning these strategies with the organisational business outcomes. His background includes management positions in one of the big four audit firms and working in the financial sector.
During this time Stephen was a Senior Information Security Consultant and at various stages was acting in the Group Information Security Officer role. Stephen worked primarily within Information Security Management and Governance arena where he was responsible for setting Security Strategy and defining the Information security target operating model, he was also responsible for the implementation roadmap for the effective execution of Information Security within the Group.
Stephen has also numerous years' experience assisting local and international companies within the E-commerce industry with their security architecture, strategies, and implementation. During this time Stephen was responsible for defining the security strategies and aligning the strategies to the business strategy. This included the development of and delivery against a security road map.
Mervyn George
Mervyn George is a seasoned technologist, experienced in driving value discussions and implementing enterprise systems at multinational organisations. As a business architect with SAP, Mervyn dedicates his focus to advising leaders of large enterprises on the role technology plays in business innovation and the modernisation of corporate strategy.
Dominic Cull
Dominic holds a master’s degree in ICT law from UCT and specialises in electronic communications regulation. After proving unsuited – due to a stubborn streak of pragmatism – to the formalities of life as an attorney, Dominic founded ellipsis regulatory solutions (www.ellipsis.co.za) as a consultancy seeking to assist those navigating the murky waters of communications law.
Dominic’s brief is to shape policy and regulation towards the interests of ISPA’s members and to ensure effective communication between ICASA and members.
Dr Kiru Pillay
Kiru has thirty years of experience in the ICT sector with the first 23 years as an ICT practitioner and has worked in various industry sectors and in various roles globally.
He has eight years of experience in an academic and research environment and has been based at three South African universities both on a full-time, and currently on a part-time basis.
He is presently in the Public Sector as a Chief Director, Cybersecurity Operations at the Department of Telecommunications and Postal Services (DTPS) responsible for the national Cybersecurity mandate and the management of the national Computer Security Incident Response Team (CSIRT). He also has a mandate for the operationalisation of the Department’s 4IR initiatives via its Digital Transformation Centre.
Kiru holds a PhD in Information Systems from the University of KwaZulu Natal. He is currently a visiting academic attached to the LINK Centre at the University of Witwatersrand and also to Wits Business School, with a primary responsibility of post-graduate supervision with some lecturing responsibilities.
Corien Vermaak
IT law specialist by trade, Vermaak has spent many years working in ICT and representing multinationals.
Vermaak specialises in ICT technologies and network security. She has recently completed studies towards becoming a certified digital forensic auditor.
Vermaak has been instrumental in assisting the Law Society of South Africa with seminars for legal practitioners regarding technology law and cyber crime legislation.
As director of a technology academy, she developed training in cyber security and data protection and audits in large companies.
Paul Beyleveld
Paul Beyleveld is a Consulting Systems Engineer for Cisco Security Sales supporting the sub-Saharan Africa region. He is responsible for providing advice, consultation services and gearing up Cisco customers with end-to-end cyber security capabilities.
Paul has over 15 years' experience in the Cybersecurity industry, 8 of which were spent at Cisco. Before Cisco, Paul was part of the Engineering teams at leading value added cyber security distributors within the sub-Sahara Africa region and worked to design, implement and support encryption, content, network and application security solutions.
Paul is a Certified Information Systems Security Professional (CISSP). He is a self-professed Maker with a keen interest in 3D printing and electronics.
Hylton Brand
Hylton Brand, has over 21 years work experience in government and is currently a Risk Officer at the City of Cape Town.
With a passion for Information Security, he qualified as a CISSP in 2004, graduated with a UCT Computer Forensics diploma in 2009 and obtained Honors degree in 2010.
Specialisations include Information Security awareness, Public education, GRC and Business Continuity.
Noteworthy achievements include spearheading the City’s Cybersecurity Handbook for Cape Town residents and driving information security awareness amongst public servants and officials as part of a 10-year City campaign.
Giuseppe Garau
Giuseppe has more than 15 years of experience in the ICT sector, during his career he has managed projects in Telco and Enterprise focusing mainly on networking and security issues.
Giuseppe has worked in Allot since 2015 as Solution architect for Italy, North Europe and Africa territories focused in Enterprise market.
He took his degree in Telecommunication Engineering at Technical University in Milano.
Mauritz Grobler
Mauritz Grobler is a security Solutions Architect who works as part of the Dimension Data cybersecurity team to develop security solutions that enable their client’s businesses.
Mauritz believes that good security starts with good policy.
“Few things provide me with as much joy as reading a well-managed risk register”
He has been working in information technology for the past 14 years as engineer, sales specialist and solutions architect.
Raymond Maclean
Raymond Maclean is currently a Senior Systems Engineer with the Information and Communication Technology Services (ICTS) department at the University of Cape Town.
He has over 21 years’ experience in ICT; ranging from customer service, network technician and a hardware specialist; to a consultant in the Service Desk environment and as a Systems Engineer.
He has a passion for Information Technology and his interests include basic electronics, amateur radio, gaming, tinkering, security, scripting and automation.
Raymond studied Digital Forensics at UCT in 2017 and graduated in 2019 with a BCom Honours (First Class) specialising in Information Systems (IS).
Prof SH (Basie) von Solms
Prof SH (Basie) von Solms is a Research Professor in the Academy for Computer Science and Software Engineering at the University of Johannesburg, the Director of the Centre for Cyber Security at the University of Johannesburg as well as an Associate Director of the Global Cybersecurity Capacity Centre of the University of Oxford in the UK. Basie is a member of the World Economic Forum’s Global Future Council for Cyber Security.
(Via Video Presentation)
PLATINUM SPONSORS
CSSA 2019 CONFERENCE PROGRAMME
New Lecture Theatre (NLT)
Upper Campus
University of Cape Town (UCT)
View map
Wednesday, 03 July 2019
09:00 – 10:30 | Registration (tea & coffee on arrival) |
10:30 – 10:35 | Introductions Richard van Huyssteen Executive Director: ICTS UCT |
10:35 – 10:45 | Welcome Dr Reno Morar UCT |
10:45 – 11:15 | The emerging cybersecurity legislative framework and obligations for organisations Dr Kiru Pillay South African Department of Telecommunications and Postal Services (DTPS) |
11:15 – 12:00 | Cyber self-defence; organisation, people and country risk Craig Rosewarne Wolfpack |
12:00 – 13:00 | LUNCH |
13:00 – 13:35 | Session chair: Roshan Harneker Security as an Elusive Service Maiendra Moodley Government advisor |
13:35 – 14:10 | The South African ICT R&D and Innovation Roadmap Akhona Damane Council for Scientific and Industrial Research |
14:10 – 14:45 | Cybersecurity: A Smart-City Perspective Hylton Brand City of Cape Town |
14:45 – 15:15 | TEA |
15:15 – 15:45 | Platinum sponsor: Dimension Data Dimension Data’s Global Threat Intelligence Report Mauritz Grobler |
15:45 – 16:30 | Cornered in the pool room – using unconventional techniques to find a hacker Peter Allwright Horizon Forensics |
16:30 – 16:45 | Closing remarks |
18:00 | Conference Dinner |
Thursday, 04 July 2019
08:00 – 09:00 | Registration (tea & coffee on arrival) |
09:00 – 09:05 | Welcome Andre Le Roux |
09:05 – 09:50 | Keynote address Jisc’s Active Cyber Defence Steve Kennett JISC |
09:50 – 10:20 | Cyber Security Capacity Building for the 4th Industrial Revolution Basie von Solms University of Johannesburg (pre-recorded presentation) |
10:20 – 10:50 | Cybercrime bill what is next for South Africa Corien Vermaak Cyber security and IT law specialist |
10:50 – 11:20 | TEA |
11:20 – 11:55 | Session chair: Penny Thompson Are we ready to embrace the future of work? Mervyn George SAP |
11:55 – 12:30 | Cyber resilience Nadia Veeran-Patel ContinuitySA |
12:30 – 13:00 | Network Intelligence to See, Control & Secure IT Giuseppe Garau Allot |
13:00 – 14:00 | LUNCH |
14:00 – 14:30 | Session chair: Ghamza Jacobs Developing an IT cyber security strategy in a vacuum Boeta Pretorius & Wilhelm Belkum North-West University |
14:30 – 15:00 | Jedi Mind Tricks 101: Social Engineering - Vice, Virtue or … Jamiela Dawood University of Cape Town |
15:00 – 15:30 | Awareness of cybersecurity risks (Phishing) leads to well-informed user choices Richard Hlalele University of Johannesburg |
15:30 – 16:00 | TEA |
16:00 – 16:25 | Determining the key factors that lead to the adoption of password managers Raymond Maclean University of Cape Town |
16:25 - 17:00 | Interactive Session |
17:00 – 17:15 | Closing remarks |
17:15 | Cocktail Function |
Friday, 05 July 2019
08:00 – 09:00 | Registration (tea & coffee on arrival) |
09:00 – 09:05 | Welcome Roshan Harneker UCT |
09:05 – 09:45 | Dominic Cull Ellipsis |
09:50 – 10:20 | Platinum sponsor: Dimension Data Multi- cloud security Stephen Nel |
10:20 – 10:50 | The Cybersecurity Capacity Centre for Southern Africa Jacques Ophoff UCT |
10:50 – 11:20 | TEA |
11:20 – 11:40 | Allot DDoS solution for Enterprise Giuseppe Garau Allot |
11:40 - 12:10 | Paul Beyleveld Cisco |
12:10 - 13:00 | Panel Discussion |
13:00 - 13:15 | Conference closing and Lucky Draw Richard van Huyssten UCT |
13:15 | TAKEAWAY LUNCH |
13:30 – 15:30 | Cybersecurity SIG meeting By invitation only |