Speaker:
Kris Budnik, Group CISO, First Rand Bank

The past two years has resulted in increased digitization across sectors, with the enterprise cybersecurity leaders suddenly finding themselves tasked with defending their largest-ever attack surface. The trend has led to data proliferation, and organizations struggle to handle the sheer volume of data in this new regime. What are the threats to watch and technologies to embrace during the pandemic and beyond, particularly when the abundance of valuable information has captured subversive elements' attention? At the same time, cybercriminals have breached networks and compromised millions of records, not only causing revenue losses but impacting brand reputation? Enterprises consider this decade as the decade of digital trust as the country's top leadership emphasizes cybersecurity to have a tremendous impact on the nation's society and economics.

This session will discuss:

• Key priorities for 2022—identity and access management, cloud, data protection, and regulations
• A collaborative approach to building skills and techniques to achieve "future-proof" enterprise security
• How will fraud and cybersecurity evolve in coming years?

Speaker:
Harrison Nnaji, CISO, FirstBank Nigeria

Various reports suggests that 24% of all security breaches that occur at financial institutions come from insiders. Workers in this critical sector have access to valuable customer data. This access makes them a lucrative targets for bad actors. Some insiders are malicious. Many are just careless. And others are compromised by outside attackers who gain access to sensitive data, systems and resources. It’s no wonder that insider threats are such a challenging threat vector. What can FIs do differently to tackle the problem?

The session will further discuss:

• How concepts of zero trust can help fight insider threat
• What new technologies are FIs leveraging in other markets
• How to predict insider fraud

Speakers:
Ahmed Mokdad, Associate, Covington & Burling
Kerissa Varma, CISO, Old Mutual Limited
Ross Saunders, Co-chair, Jo'Burg Chapter, IAPP

Cyberattacks in African countries, especially in the key financial centers of South Africa and Kenya have risen drastically this year. The Protection of Personal Information Act, or POPIA, which entered fully into force in July 2021, promotes the protection of personal information processed by public and private bodies, and introduces significant obligations regarding reporting and notification of data breach incidents. What are leading corporates doing to implement their POPIA compliance programs, and what are the priorities for South Africa's Information Regulator?

The session will discuss:

• Practical implementation steps that companies are taking to address POPIA compliance
• Priorities for South Africa's Information Regulator
• Best practices for data breach response

Speaker:
Oriyomi Fowler, Head of Information Security and Network Operations, Dangote Industries

A holistic data-centric zero trust approach will keep your data safe, enable digital transformation and allow enterprises to be cost efficient when choosing the right zero trust platform. But how maturely are enterprises in Africa embracing the framework and moreover are they technology ready to apply the framework?

The session will also discuss:

• How to use zero trust to guide a hybrid workforce
• What one needs to do beyond ZT to actively monitor for threat activity
• How to begin your zero trust journey

Speaker:
Sithembile Songo, Head Information Security and Risk Management, Public Investment Corporation

Earlier this year, South Africa’s port and rail company was apparently targeted with a strain of ransomware that cybersecurity experts have linked to a series of high-profile data breaches. There have been multiple other cases of ransomware in the region. With ransomware gangs increasingly targeting critical infrastructure, often impacting supply of essentials, how can enterprises fight against this growing menace?

This session will also discuss:

• Using right technology and tools to ensure business continuity and protecting the assets
• Building resilience against attacks with appropriate risk management strategy

Speaker:
Andrzej Kawalec, Head of Cybersecurity, Vodafone Business

Treating security is not just about a series of technical controls, it is much more holistic. As the pandemic continues, concepts such as "zero trust" have now become essential. So too in this era of empty offices and working from home is working to secure the lowest common denominators - employees, laptops, home routers, mobile devices.

The session will also discuss:

• The importance of focusing on people, reputation, brand and securing lowest common denominators
• Why organizations need to move from a reliant to a resilient mindset, and essential steps for getting there
• Creating norms for out-of-office security incident management and response, and risk assessment

Speakers:
Charles Kungwane, Group Head, ICT Security, Risk, City of Johannesburg
Itumeleng Makgati, Group Executive- Information Security, Standard Bank Group
Lerato Makgopa, Information Security and Risk Lead, From a Leading Bank

The year saw some high profile cyberattacks. While ransomware and supply chain attacks continued to dominate the headlines, the problem of identity, cloud security as well as risk of third party vendors continue to bother security practitioners. These cybersecurity threats are amplified by phishing attacks, targeted attacks, disruption, distortion, and deterioration. As we are about to end 2021, how do security leaders plan to approach these issues:

A panel of experts discuss:

• Threats that concern them the most
• How they plan to address the threats
• Cybersecurity investments in 2022