News Print

East African IT security professionals attended Cyber Defence East Africa 2013
2013-09-30

 

In order to assist organisations in creating a secure digital environment in the East African region NRD together with ISACA Tanzania Chapter organised Cyber Defence East Africa 2013 - a three-day conference that took place on the 28th-30th August in Morogoro, Tanzania. The main purpose of the event was to help organisations to get up to speed in information security and create a community of IT security professionals ready to protect their networks and handle security incidents appropriately.


The main reason behind the conference is the rising importance of cyber security in East Africa due to region's rapid development. East African region has a huge potential to increase its competitiveness by modernizing services and providing them online. However, it means that organisations are increasingly reliant on data and IT infrastructure's availability and are increasingly vulnerable to cyber attacks. While many Western countries had years to adapt to these threats and slowly increase their capacities, East Africa cannot afford to grow slowly and lose confidence of its societies in opportunities that the Internet can provide. For this reason, creating a secure digital environment is mandatory in order to maintain the current pace of development.


The conference was attended by almost a hundred information security professionals, information systems auditors, IT risk professionals and IT enthusiasts from Tanzania, Uganda, Kenya and Zimbabwe. Among the attendees, there were representatives from the Bank of Tanzania, Tanzania Revenue Authority, National Identification Authority, Social Security Regulatory Authority, Tanzania E- Government Agency, Tanzania Communications Regulatory Authority, PPF Pensions Fund, Ministry of Home Affairs, Tanzania President's Office, National Social Security Fund, Mzumbe University, PricewaterhouseCoopers and many other local and international organisations. The event lasted for three intensive days and the participants had a chance to practice Critical Security Controls and Penetration Testing, attend technologies demonstrations, network and form a community of information security professionals.


The event was sponsored by BAIP, a company having more than 20 years of experience in critical IT infrastructure and cyber security areas. BAIP is involved in various cyber security projects and cooperates with government, national regulatory institutions and educational institutions in the EU, CEE, East and West Africa. Connectivity was provided by SimbaNET - a Licensed Public Data Operator in providing Voice, Video, data and Internet connectivity in East Africa. The event was also sponsored by CTWO - a company making secure hardware encrypted USB drives SafeXs.


Member of Parliament in the Tanzanian National Assembly and Deputy Minister - Communication, Science & Technology at the Government of the United Republic of Tanzania Hon. January Y. Makamba welcomed the initiative to organise this conference and expressed his gratitude for NRD and ISACA. During his speech, Hon. Makamba invited the participants to be a part of a discussion, a process of new cyber security legislation in Tanzania. He encouraged the audience to help government understand the magnitude of the problem, help understand the risks associated with cyber security, make as much noise as possible - "your job is advocacy for what you do".


Critical Security Controls and Penetration Testing trainings, that were the key part of this conference, were highly concentrated, based on the best security practices, standards of business ethics, legal regulations and principles of business continuity, real life examples and hands-on experience. Technology demonstrations, delivered by FireEye representative Mr. Ala' Khalil and experienced information security professionals, introduced the participants to the example tools they could use to implement cyber security in their respective organisations: FireEye (defence against advanced malware, zero day & targeted APT attacks), Balabit SCB (privileged users remote session auditing (recording) appliance), AccessData FTK (forensics toolkit for incident response), Lumension Risk Manager and LEMSS (risk and compliance management, effective endpoint security), QualysGuard Suite (vulnerability management), IBM Q1Labs QRadar SIEM (Security Information and Event Management). At the end of the conference, participants were given certificates confirming completion of trainings.


In order to keep the network of information security professionals, formed during unofficial meetings and the Gala dinner, alive, enable the good practice exchange between them, and in this way improve the security of the digital environment in East Africa, a steering group - Cyber Defence East Africa community - has been established.


The group will stay in touch using a social networking platform and all of the members are invited to get engaged in the preparation of the Consultative Tanzanian National Cyber Security Framework. In addition, the participant questionnaires indicate that 100% of the respondents would participate in a similar conference again next year, if given the opportunity, confirming that there is a great demand for cyber security initiatives in East Africa.

 

For further information about the event, please refer to: www.cybersecurity.co.tz.

NRD East Africa Ltd, 2nd Floor ABLA Complex, Rose Garden Road, Mikocheni Dar es Salaam, Tanzania;

+255 222 701 367; +255 754 999 198; info@nrd.no