ISACA KENYAAnnual ConferenceReport 2019

Enabling Digital Transformation

Inside

Executive Summary

Opening Plenary

Chief Guest

Speakers Session

She Leads Tech

Round Table Discussion

Conference Quotes

Conference in Numbers

Conference in Pictures

Sponsors

Register for GRC Conference

OCTOBER 2019

ISACA Certifications

03

04

05

06

12

13

14

15

16

17

18

19

Copyright & DisclaimerAll documents, pictures, graphics and layout of these pages are protected by worldwide copyrights. Unauthorised use, reproduction or distribution of some or all contents of these pages will be prosecuted.

Report compiled by members of education commitee namely:Benadatte NjorogeBonface AsiligwaFaith Wawira

Published by;Superior Arts & DesignsEmail: sa.designs05@gmail.comPhone: +254 702 303 160

2019 Conference Report 3

ISACA Kenya Chapter is a not-for-profit and a non-union professional association in the IT-related industry founded in Kenya in December 1998 by a group of volunteers. The Chapter got its Charter from ISACA International in 1999 and was registered in April 2000 under

the Kenya Societies Act. The Chapter was officially launched in October 2000 at the Grand Regency Hotel where more than 100 delegates were in attendance.

This year the Kenya Chapter is celebrating 20 years and has since experienced tremendous growth in membership. It has earned global recognition for achieving the second highest annual percentage growth in membership worldwide. From the initial formation team of eight in 1998 to the current membership of over 1,400, the Chapter is now categorized in the largest chapter group by ISACA International.

The annual conference is the main event that takes place once a year, bringing together the best minds in government and business to discuss and debate strategies and solutions needed to build better governed, more risk-aware, and compliant organizations.

The 2019 Annual conference was themed; Enabling Digital Transformation. It was held at the Prideinn Shanzu Mombasa between 10th – 12th April 2019. The theme reflects the innovation and new business models due to the dynamic technological landscape.

ExecutiveSummary01

2019 Conference Report4

OpeningPlenary02

Welcome and Opening RemarksISACA Kenya Chapter CEO Preston Odera, gave the opening remarks and talked about ISACA international being 50 years and the Kenya Chapter being 20 years. He highlighted how the chapter started with no office but has grown exponentially over the years .He thanked the delegates and the sponsors for making it to this year’s conference.

ISACA Kenya Chapter President, Raymond Bett, gave his remarks and provided a background of ISACA Kenya Chapter and the milestones achieved. He informed the delegates of the membership and the certifications offered. He provoked the thoughts of the delegates based on the conference theme by playing a video that showed the companies that have survived because of embracing digital. He also talked about how emerging technologies bring about both benefits and risks in the digital ecosystem. This set the stage for all speakers on digital transformation.

2019 Conference Report 5

ChiefGuest03

Nicholas Mulila, Chief Corporate Security Officer Safaricom was the Chief Guest and he posited that digital transformation is about the future getting happened and all about customer experience. The digital transformation agenda will require education

and skills building, buy in from executive sponsors, consideration for customer data privacy. Cybersecurity will be at the core of digital transformation as it will require consideration of the right controls, ensuring controls are working, confirming users have the right access and ensuring whatever is put out there belongs to the rightful users.

2019 Conference Report6

SessionSpeakers04

Adam Lane - Senior Director Public Affairs, Huawei -Tap into new growth with intelligent systems yearsICT infastructure will be the foundation of the intelligent world. Strong ICT infrastructure improves the quality of economic growth. Its important for countries to have digital strategies. 5G (5th generation) is here and will enable intelligent internet of things and will be adopted by various industries and sectors.

Pratik Roy - Business Group Director (Secure & Modernworkplace), Microsoft - Securing OrganisationtransformationDigital is changing what you do. Digital tranformationtouches on customer, product, process and people.The pillars of intelligent security are identity and accessmanagement, information protection, security management and threat protection

Shawna Flanders - Director instructional Technology & innovation, MISTI - Understanding the difference:digitisation, digitalisation, RPA and digital transformation. If you want to be successful in digital transformation, the steps needed to take place are documentation, amaturity level of where you are, identify what is the organisation culture is, is it ready for automation to lead to digital transformation.

2019 Conference Report 7

Session Speakers

Robert Nyamu : EY Partner and Financial Services and Risk Advisory Leader East Africa- Unlocking the strategic value of data analytics Disruption is going to happen at an exponential rate. Data analytics is a big part of digital transformation wave. It’s one thing to make investments in technology, it’s another to harness and accrue the value from the investment. The types of analytics in place: reporting, descriptive, predictive and prescriptive.

William Makatiani –CEO -Serianu: Cybersecurity in the boardroom: using metrics & risk quantification to enhance cyber risk conversations Digital transformation has changed how business is done and at the core of disruption is the basic processes. The 2019 cyber security priorities lies in six areas i.e Skills and Training, Continuous monitoring, Fraud and Breach Scenario, Board awareness, Risk quantification and Malware eradication.

Justus Ongera – OAG IT Director on behalf of FCPA Edward Ouko- Future auditing in big data environment Significance of big data audit to office of OAG – ability to detect fraud, analyse data better, analyse the quality of work, analyse new sources of data not previously audited. Use cases for big data is citizen participatory audits (CPA) and social media analytics.

2019 Conference Report8

Gerald Kasimu – Head of Advisory, KPMG - Emerging technology risk. Risk plays is an integral part in day to day business. Its important to have risk practitioners in the room. Data is the foundation for a larger part of digital transformation and as such the data has to be reliable Digital Transformation is not about avoiding the risks that come with building algorithms or about creating rigid structures that stifle innovation and flexibility. It’s about enabling new opportunities in such a way that a trustworthy outcome is an intrinsic part of the process.

Dr. Katherine Getao – CEO ICT Authority - Digital solutions for the 19th, 20th and 21st century. We are looking at solving complex future problems yet simple problems like food stress are yet to be addressed Digital transformaiton will not work if some people are not benefitting. What this means for Kenya is: stop looking at the latest century and ignoring the other centuries; move from innovation to invention and make things to address challenges; enable people’s spirits. The 21st century needs people more. The fundamental question will be what is does it mean to be a person or be human? The jobs of the future will be jobs based on talent - Liberate yourself and find out what your talent is.

Dr. James Chu – Principal consultant Digtial transformation & , Huawei - building an end to end cybersecurity system. The elements of cybersecurity are personnel, environment and information.End to end (E2E) cybersecuity system involves looking at 3 areas: Management system e.g. policies, procedures, 3rd party management; Technology system e.g. security, technology and tools; and Operation system e.g. business continuity and disaster recovery.

Session Speakers

2019 Conference Report 9

Jane Wanjiru – on behalf of Vincent Ngundi – acollaborative approach to national cyber resilience.Everyone is looking at cybersecurity through theirown lens. There needs to be a common approach tolook at it. There is need for collaboration since cyberthreats are evolving, no one sector can mitigate therisks and there is need to protect nationalinfrastructure.

Opeyemi Onifade – MD Afenoid Enterprises -Imperatives for governing digital transformationmanagement programs. Digital transformation is being focussed on capabilities and competitiveness in the digital age. Business models must be re-invented to create value. It’s about how the technology can helps us not how good or bad it is. The end goal is organisational sustainability and strategic realisation to harness stakeholder value.

Satyajit Turumella –PKF - Data analytics as part of financial and forensic audits. Data analytics in fiancial audits is used for checking overall security, checking segregation of duties conflict and non financial data analysis for value addition. In the use of data anlytics, a fundamental question to ask is what value you’re going to provide that someone else is not giving. In forensic audits, analytics can be used to analyse structured and unstructured data to identify trends.

Session Speakers

2019 Conference Report10

Tim Theuri – Blockchain technology opportunity and risks.Blockchain is a list of records (Blocks) that is forever growing . The blocks are linked and secured using cryptography. While Bitcoin is established as the leading digital currency , banks are more focused on applications of the underlying blockchain technology. Blockchain faces challenges and with this challenges risks are bound to exist. To date, there is no practical full implementation of block chain in Kenya today.

Janet Othero – Legal tools that can aid compliance and privacy protection. Formulation of cyber security policies, SLA’s, contracts with external parties should not only be left to IT since the legal team has to be included especially when considering the clauses included in the documents. Cyber security touches on the business and as such respective departments have to be involved i.e. legal, risk, compliance, IT. Compliance is key to remaining competitive.

Major, Henry Kinyua Mwenemeru – Adoption of BYOD in an organisation. Organizations that embrace BYOD (Bring your own device)concept have many benefits. However its unstructured adoption might be catastrophic for an organization. In adopting BYOD; the presence of benefits means that BYOD can be implemented or exploited by organization. The presence of challenges means that BYOD should be implemented cautiously. Thus, hybrid model guides on how to adopt BYOD so as to exploit the benefits while at the same time addressing the challenge of BYOD in Kenya

Breakout Sessions

2019 Conference Report 11

Baranabas Chirombo - Head ACL Africa RPA- Harnessing the power of AI and ML.There are many changes in the environment among them being: data which is an integral asset in the future; and customer needs where its important for businesses to know what their clients want. Companies have to adopt to changing environmental factors. To stay relevant in the age of AI revolution, its important to collborate, brainstorm, start small, focus on creating value and piggy back on innovators.

Sylvia Mulinge – Chief Customer Officer, Safaricom- women in technology and their contribution to the bottom line. How do we create opportunities for women from classrooms to the boardroom? Men in the room need to be allies for women to be able to create impact. If we want to have more women in technology or board positions, we have to win in schools, universities and villages. There can be no change without confrontation. We must be deliberate on the change we want to see. Seek progress and not perfection – it will create an opportunity for another woman.

Session Speakers

2019 Conference Report12

05She LeadsTech

The program seeks to increase representation of women in technology and leadership roles.

8 7%UNDER REPRESENTATION OF WOMENAccording to the ISACA survey, there is 87% under representation of women in technology sector. Issues identifed included lack of mentors, no female role models, gender bias, no safe spaces, unequal pay for same skills. Reason for under representation – IT perceived as male dominated. This formed a key motivation for the SheLeadsTech program inorder to Engage, Empower and Elevate women.

2019 Conference Report

Round TableDiscussions

Session 3Before you start a digital journey, you need to check whether you are ready. We actmanual but think electronic.Moderator: Wycliffe MomanyiPanelists: Justus Ongera, Gerald Kasimu.

Session 2“Fibre will not be made redundant by 5G but there will be less need for it. Fibre doesn’t use spectrum 5G uses spectrum which is limited”Moderator: Jonah OwittiPanelists: Shawna Flanders, Robert Nyamu, William Makatiani

Session 5In setting your goals-Always include a timeline.-This ties your missionModerator: Edwin KamarPanelists: Opeyemi Onifade, SatyajitTurumella

Session 4Outlining your vision should always be on a positive note.Moderator: Anthony MuiyuroPanelists: Dr. Katherine Getao, Dr. James Chu, Jane Wanjiru

Session 6Women have to choose whether to define themselves or allow others to define them. Women need to upscale themselves to meet opportunityModerator: Dorine NaloPanelists: Angela Ng’ang’a, Sylvia Mulinge, Shawna Flanders

Session 1“Most companies make products they want and not what customer wants. Companies need to use data for innovation”Moderator: George NjugunaPanelists: Adam Lane, Pratik Roy

06

13

2019 Conference Report14

07QuotesWhat Was Said

‘ ’A fool with a tool isstill a fool. -OPEYEMI ONIFADE

if you need it, we got itif you need it, we’re looking for it

if you need it, we don’t have it - ( howNakumatt got disrupted)

-JONA OWITTI

We need a lot more enlightened men and brave women to create the

change we want to see. -SYLVIA MULINGE

Technology has an impact on your suppliers, customers and partners ingeneral. -RAYMOND BETT

Are we a barrier or support for business in adoption of digital agenda. -GERALD KASIMU

Research and development will be akey area for collaboration in cybersecurity. -JANE WANJ IRU

Responsible disclosure implies that the vulnerability finder and vendor work

together. -DR. JAMES CHU

Look for solutions to reduce the securitymanagement layers in an organisation to

bring them into one. -PRATIK ROY

It’s important for countries to havedigital strategies

-ADAM LANE

The future gets happened -NICHOLAS MULILA

You ride the wave or the wave rides you (on disruption) -ROBERT NYAMU

The jobs of the future will betalent based jobs -DR. KATHERINE GETAO

2019 Conference Report 15

08The ConferenceIn Numbers

OVER 300 PARTICIPANTS

5 COUNTRIES REPRESENTED

9070 TWEETS

16 SPEAKERS, 7 MODERATORS8 PANEL SESSIONS

11 QUESTIONS ON KAHOOT,87 PLAYERS, 3 WINNERS

OVER 400 QUESTIONSASKED AND ANSWERED

3 SESSIONS DEDICATED TO WOMEN IN TECHNOLOGY

2019 Conference Report16

The Conference In Pictures 09

2019 Conference Report 17

Sponsors

All sponsors had a tent at theconference venue to showcase

their products and services

2019 Conference Report18

Register for GRC ConferenceOCTOBER 2019

The premier conference for governance, risk and compliance executives, decision makers, regulators, subject matter experts.Join us and learn from key industry players.

Register Now!!!

www.isaca.or.ke

Pre-Conference: COBIT 2019 Foundation Course:14th - 15th October

Main Conference: GRC-A pathway to sustainable enterprise performance:16th - 18th OctoberVenue:Acacia Hotel, Kisumu City

2019 Conference Report 19

ISACACertifications

Vision Plaza 3rd Floor Suite 4

info@isaca.or.ke www.facebook.com/ISACAKenya @isaca_kenya

Tel: +254 (0) 20 51 00001 +254 (0) 786 249357 & +254 (0) 717 116518 www.isaca.or.ke

P.O Box 10384 – 00100 Mombasa Road, Nairobi, Kenya.