10 - 11 November 2021

Building the human firewall

COVID-19 continues to impact the way organisations are functioning. While some organisations have returned full-time to the office, there are many that have either opted for the hybrid approach in that their staff can work at the office and remotely or are still working full-time remotely.

This way of working puts greater pressure on organisations to protect their networks and digital assets. It is no secret that cyberattacks are increasing and becoming more sophisticated. So, while organisations have put the necessary security measures in place, it is up to each of us to take responsibility for protecting the networks and digital assets that we use and have access to, to prevent it from being compromised.

Getting our defence line in order

Security companies have seen a definite increase in cybercriminals attacking individuals instead of organisations, except for ransomware attacks, as they know that if they gain access to a home network, they can easily access all the systems and services that it connects to.

This is why the Cyber Security Symposium Africa 2021 webinar series is placing a greater emphasis on the human firewall and ensuring that everything is done to prevent any form of cyberattacks.

CSSA 2021 will take place 10-11 November 2021. Over the two days we will have a range of security expertise sharing their knowledge and insights on a range of information and cybersecurity-related topics.

Focus areas

In line with this year’s theme, CSSA 2021 will address these topics:

Emerging Technologies, Ransomware, Remove work, People in Cyber, VPN, Weaponising of AI, Proactive vs reactive response.


Wednesday, 10 November 2021

09:30 – 09:40Welcome and introductions
09:40 – 10:25The APEC ICT Skills Framework Project – A cybersecurity perspective
Dr Nick Tate
10:30 – 11:15Work from home
Sikhumbuzo Mthombeni
Sponsor: Dimension Data
11:20 – 12:05Ransomware: Proactive vs reactive response
Dr Erdal Ozkaya
12:05 – 12:30BREAK
12:30 – 13:15Threat of the Internet (Child exploitation online)
Captain Veronica Banks
South African Police Services
13:20 – 14:05Ransomware: Before, during and after the attack
Andrew Stone
Sponsor: Pure Storage
14:10 – 14:55Inside the cauldron of fire
Peter Allwright
15:00 – 15:45Hacking: How big and damaging is this wave?
Munyaradzi Gudo & Stewart Wapwanyika

Thursday, 11 November 2021

09:30 – 09:40Welcome and announcements
09:40 – 10:25Mitigating modern threats
Ghamza Jacobs & Leon van Niekerk
University of Cape Town
10:30 – 11:15An Honest talk with Executives on Cybersecurity, Privacy & Resilience (CPR) Risk
Craig Rosewarne
Wolfpack Information Risk
11:20 – 12:05Digital Extortion - Why ransomware persists
Wicus Ross
12:05 – 12:30BREAK
12:30 – 13:15Managing cyber compliance when operating in a multi-jurisdictional context
Peter Flynn - Libryo Ltd
Sponsor: Inspired Marketing
13:20 – 14:05Embedding security behaviours in your organisation
Associate Professor Jacques Ophoff
Abertay University
14:10 – 14:55Transforming IT Security – Journey to SASE
Arashad Samuels
Sponsor: Cisco
15:00 – 15:10Conference closing


Dr Erdal Ozkaya

Dr Erdal Ozkaya

Dr Erdal Ozkaya is known as a passionate, solutions-focused professional with a comprehensive global background within the information technology, information security, and cyber security fields.

He is committed to the delivery of accurate, accessible resources to inform individuals and organisations of cybersecurity and privacy matters in the internet age.

Dr Erdal is a collaborative team leader with the key areas of his expertise spanning end-to-end IT solutions, management, communications, and innovation.

In addition, he is a well-known public speaker, an award-winning technical expert, a book author, and writer of certifications (courseware and exams) for prestigious organisations such as Microsoft, EC Council, and other expert-level vendors. Some of his recent awards are:

  • 2021: Best CISO for Banking and Financial Sector
  • CIO Online & IDC : Top 50 Technology Leaders, Security Magazine Top CISO,
  • Tycoon Success Magazine, Most Powerful 10 Middle East Businessman
  • EC Council CEH Hall of Fame
  • 2020: Khaleej Times "CISO Power List" ,
  • Cybersecurity Legend by GEC Media Group,
  • "Super Hero CISO", by Enterprise IT
  • Top CISO by Security ME Magazine
  • 2019: CISO Mag " Hall of Fame" and Cybersecurity Influencer of the year , Microsoft Regional Director
  • 2018 : NATO Center of Excellence Award
  • 2017: Microsoft Platinum Club (employee of the year

Associate Professor Jacques Ophoff

Jacques is a Senior Lecturer (Associate Professor) in the Division of Cyber Security where he teaches various security-related topics at undergraduate and postgraduate level, including security in software engineering, digital forensics, and human aspects of security. His research focuses on all levels of cybersecurity from individual to national level. He is particularly interested in management and human aspects of security. To date he has supervised 70+ postgraduate research projects to completion.

He is the Scottish Informatics and Computer Science Alliance (SICSA) Cyber Security research theme co-lead. He is the current Vice-Chair of IFIP Working Group 11.8, which focuses on information security education. He holds an Honorary Research Associate position at the University of Cape Town, South Africa. He is an Associate Editor for the Journal of Intellectual Capital (Securing the Organization's Knowledge and Information).

His presentation topic will be Embedding security behaviours in your organisation”

Wicus Ross

Wicus is Senior Security Researcher at Orange Cyberdefense Security Research Centre.

He is tasked with investigating industry events and trends, with the single purpose of understanding how these may affect business.

Wicus uses his understanding and knowledge to advise customers and threat detection/hunting teams on the appropriate response given the threat or trend.

The title of his talk is: Digital Extortion - Why ransomware persists

As the immediate impact of the COVID-19 pandemic recedes, ransomware is the single security issue dominating the security headlines. The resilience of our IT systems and the trust demanded by users demands that the plague be stopped. By looking at the threat from multiple perspectives and examining the lessons learned from history, we can begin to formulate a strategy for dealing with it.

Piracy is almost as old as maritime history. In the mid to late 2000’s Somali pirates ravaged shipping lanes on the east coast of Africa. During the same time the Internet community experienced a flareup in unsolicited email (spam). This was the beginning of the what some called “Pharma-spam”.  These two threats resulted in millions of dollars of losses for their victims. These days are long gone, but other threats emerged to fill the void.

In this session we look at data we collected regarding ransomware groups, and we share recommendations from our learnings.

Craig Rosewarne

Craig Rosewarne

Craig Rosewarne is the MD of Wolfpack Information Risk - a South African firm established in 2011 that provides information risk & cybersecurity services to governments & organisations. He founded Alert Africa in 2015 to provide free awareness resources and  assistance to victims of cybercrime or harassment.

He provides regular opinion pieces via TV, radio and print/online media, including: 94.7fm, IAEA, 5fm, Carte Blanche, SABC, ITWeb, Power 98.7, Radio 702, ENCA, Classic FM, Metro FM, Y fm and the Sunday Times.

Craig has 20+ years management experience in the fields of information risk & cybersecurity. He is a frequent speaker & trainer at local & international events.

He is proudly South African and an even prouder husband and father to three healthy “cubs”.

MBA, CISSP, CISM, CVE, ISO 27001 Lead Auditor & Implementer, Certified ISO 27005 Risk Manager

Sikhumbuzo Mthombeni

Sikhumbuzo Mthombeni currently leads Dimension Data’s Cybersecurity Architect team nationally and works with a client base across Gauteng, Western Cape and KwaZulu Natal.

Sikhumbuzo joined Dimension Data as a graduate having worked as a developer at University of Cape Town immediately after completing his BSc Electrical and Computer engineering degree from the same University.  He was exposed to several business units at Dimension Data before pursuing a passion in Cybersecurity.

He has worked with several industry verticals on various Cybersecurity projects working closely with clients and internal teams to ensure the realization of an improved Cybersecurity posture. These projects involve secure networks, cloud environments and applications among other aspects of Information Security.

Captain Veronica Banks

I am a Captain in the South African Police Service, currently stationed at the Serial and Electronic crimes investigation unit(SECI).

I specialize in child exploitation online. I have been a police officer for 26 years. I have a diploma in Policing and in Child Psychology.

Peter Flynn

Since 2003, Peter has been a systems specialist, technology entrepreneur and global business leader. Libryo was founded by three co-founders in 2016, where he took on the role of Libryo CEO. Peter is primarily responsible for new business development and driving technology innovation.

Previously, Peter co-founded White Wall Web, a web development consultancy in South Africa, which later expanded its business to sell from the United Kingdom. At its peak, it had customers operating in 8 countries (including the USA, the UK, Australia, and New Zealand) and had 25 software developers. White Wall Web won top 10 in the Technology Top 100 award in 2004 and Peter came second in the South African SMME Entrepreneur awards in 2007.

From 2006-2011, he worked as a non-executive of the RAMP Group (see www.rampgroup.co.za). I co-founded the RAMP Foundation, which staged the NetProphet Conference, the largest startup/technology conference in Africa at the time. Peter was particularly involved in the RAMP Foundation Bursary program and in 2011, I was named one of the Mail and Guardian's "200 Young South Africans” as a result.

Peter is based near London, UK, where he lives with his wife and two young sons. He enjoys mountain biking, snowboarding and playing his guitar (when there’s a free moment).

Topic: "Managing cyber compliance when operating in a multi-jurisdictional context"

Dr Nick Tate

Dr Nick Tate is an Author, CEO, Company Director and Adjunct Professor at the University of Queensland (UQ) in Australia. He has over 40 years’ experience in IT including 16 years at CIO level at two London banks and at the University of Queensland, as well as 17 years’ experience as a Company Director in 11 Australian and 2 US companies. He is a former Chair of the Council of Australasian University Directors of IT (CAUDIT), which is the Australian equivalent of ASAUDIT, and a former President of the Australian Computer Society (ACS). In 2010, he chaired the World Computer Congress and his recent roles have included being CEO of a software engineering company, BCI Technology, and directing the $50 million Australian Government funded Research Data Storage Infrastructure (RDSI) project, which developed and deployed one of the largest data clouds in Australia, to store research data from universities and other research groups.

His career has also included 20 years with investment/commercial banks including 18 years in London and 2 years at Macquarie Bank in Sydney where he had responsibility for Global IT infrastructure. He has spent over 15 years working with universities and research organisations, 3 years working on anti-missile missile systems for Royal Navy Warships and 2 years on real-time air traffic control systems.

For over a decade, he was the Director of the Australian Computer Emergency Response Team (AusCERT), which provided Cybersecurity incident response services for Australian Universities, Government Agencies and Private Industry and was the National CERT for Australia. During this time, AusCERT trained the Chinese National CERT as well as CERTs in Central and South America.

Nick holds a Bachelor’s degree in Physics from the University of St. Andrews in Scotland, a Master’s degree in Computer Science and a PhD in Cybersecurity. He is also a Chartered Engineer, a Chartered IT Professional, a Fellow of the Royal Astronomical Society, a Fellow of the ACS, An ACS Certified Professional (CP) and a Fellow of the British Computer Society (BCS). Nick has also been a pilot in the Royal Air Force Volunteer Reserve, a City Councillor and Chairman of a London based economic think tank.

He is co-author of “A Director’s Guide to Governing Information Technology and Cybersecurity”, a book recently published by the Australian Institute of Company Directors (AICD) and has published over 30 columns on ICT in the Australian Newspaper, Sydney Morning Herald and elsewhere.

Munyaradzi Gudo

A Senior Systems Engineer and member of the CSIRT in the Information and Cyber Security Service team, at the University of Cape Town, who over the past 10 years acquired and developed solid international training and experience in Security Engineering, Vulnerability Management, Incidence Response, Security Information and Event Management (SIEM),  IT Risk Management,  and Information Security Management Systems (ISMS) & Compliance. 

Munyaradzi is a Certified Ethical Hacker who enjoys getting his hands dirt with Cyber Security Stuff.

Stewart Wapwanyika

Stewart is a passionate network and cyber security expert with over 10 years’ experience. He holds a Diploma in Telecommunication systems and in microcomputer technology engineering, Certificate in Linux and Network Administration with University of Zimbabwe. Stewart Wapwanyika is certified with many vendors in the security domain from EC council, CompTIA, CISCO, IBM and Microsoft.

Currently, he is enrolled for Masters in Cyber security with University of Liverpool. Stewart also teaches Cisco and cybersecurity courses during his spare time and is a saxophone player.

Peter Allwright

Head of Forensics Services - Amber Gaming

Peter is Head of Forensic Services and focuses on preventing, detecting, and investigating perpetrators that target Amber’s clients with white-collar crime. He has extensive experience investigating common forms of business crime, including fraud, bribery, corruption, money laundering, theft, and tax evasion. He also leads Amber’s cybercrime practice that focuses on offensive forensics and hunts down threat actors targeting the infrastructure, operations, and intellectual property of our clients. He regularly leads crisis management situations by working together with specialized professionals and taking care of coordinating the key aspects of resolving the crisis and always protecting our client’s position. He has successfully guided multi-disciplinary teams to investigate and overcome criminal enterprises in Africa, the Middle East, Europe and Asia.

Andrew Stone

Andy Stone joined Pure Storage in April 2019 as CTO – Americas where he is responsible for supporting go-to-market and internal, product development activities. Andy works with large, enterprise customers
to help identify and deliver solutions to meet their needs, while working with product management to ensure that product roadmaps meet the ever-evolving needs of customers and prospects.

Prior to joining Pure, Andy worked at PwC for three and a half years as US and Global Chief Technology Officer and Global Head of Security Technology and Engineering supporting the Firm’s 160 global
territories and nearly 300,000 users. Andy worked to implement a number of global technology solutions to improve the overall usability, scalability and security postures of PwC, while improving overall IT
services’ performance. Some notable, solutions and innovations came in areas such as:  secure, borderless networking, Global wireless network upgrade, Global Active Directory redesign and build out, data center
consolidation, cloud adoption, secure software development, unified communications and collaboration, and data analytics.  Andrew also led efforts to virtualize PwC desktops to improve end-user usability and
protect from potential outside attacks and internal data leakage.

Prior to PwC, Andy was the Farmers CISO and Global Head of Security Engineering, Architecture, Technology and Strategy for Zurich Insurance where he was responsible for a global security
transformation across 140+ countries, which included modernizing the entire security organization across people, process and technologies.

In his consulting past with Accenture, Andy led the creation of multiple security offerings including Identity and Access Management and Application Security. Andy also led the Power of 3 security alliance
between Accenture, Avanade and Microsoft. These were in addition to his work with numerous, Global Fortune 500 companies, where he provided thought leadership and helped design, implement and
support a broad set of custom and commercial technology solutions.

Andy holds a BS in Business – Information Systems from Indiana University, Bloomington and an MBA from the University of Southern California. Andy has been presented at numerous conferences and been
published on several topics in security and other technologies. Lastly, Andy holds patents in the security space for technologies developed related to identity and access management.

Ghamza Jacobs

Ghamza has over 15 years' experience working with Information Systems in the public and private sectors.

From working as a Microsoft consultant and trainer, to Systems and Security Administrator, Ghamza has a holistic view of Information Technology and cybersecurity. This varied experience allows for a transition between hands on technical work, forensic investigations, incident response, procedure/policy creation, and engagements with both technical and non-technical clients and stakeholders. Ghamza has several certifications from vendors like CompTIA, IBM and Microsoft.

He also has a BCom (Hons) Information systems specialising in Computer forensics from the University of Cape Town. The ability to easily translate technical jargon to help teach and raise awareness on cybersecurity issues has seen Ghamza present to many diverse audiences.

Arashad Samuels

Arashad Samuels has a vast background in the IT industry across some of the major OEM brands.

A technology expert that collaborates with both leadership and subject matter experts, aligning IT & security strategy to business goals, delivering architecture that supports efficient and secure IT environments.

A resourceful and skilled individual, trusted advisor to the Cisco Cyber security community that is passionate about helping businesses secure their environment.

Leon van Niekerk

Experienced Information Security consultant, Certified Ethical Hacker (CEHv10), with a demonstrated history of working in the Computer & Network Security industry.

Experienced in PentTesting, Security Consulting, Skilled Network Administration, Customer Service, Servers, Active Directory, and Microsoft Office.

Well versed Information Technology professional, graduated from University of Cape Town with BCom (Hons) Information Systems and a Post-Graduate Diploma in Digital Forensics.