The Information Systems Audit and Control Association (ISACA) Kenyan chapter recently hosted a half-day online conference attracting over 90 professionals. As the world continues to find its way through the ongoing pandemic, many businesses – big and small – are facing numerous challenges with some struggling to stay afloat. The conference by ISACA was themed around understanding ways to navigate such disruptions.
The meeting was facilitated by different industry experts familiar with different subject matters and was moderated by Boniface Asiligwa, the chairman of the Education Committee and Dorine Nalo the liaison from SheLeadsTech.
Here’s a breakdown of the different experts thoughts as shared during the conference
Ken Kaberia – Head Enterprise Risk, Safaricom PLC
TOPIC: EFFECTIVE RETURN PLANNING
The speaker presented a COVID-19 return to new normalcy based on a WHO pandemic response plan.
He highlighted what business leaders should look for in the coming weeks and that in the current business situation, there are three questions business leaders are asking, that is Depth of disruption which is impact, Length of disruption and shape of the recovery.
The audience were taken through steps towards recovery from Resolve to Resilience and reimagination to Reform. The speaker warned that rapid Return comes with higher risks and a new reality. Participants were taken through an effective methodology of return- AACT Planning Model. The AACT model focuses in Adopting the business to a new world, Accelerating structural shifts, Crafting stage-based return plans, workforce and customers and Time- transitioning given the local environment that most businesses will be considering a stage-based return.
The speaker informed the audience that remote work may have important benefits beyond resilience to Covid-19. These benefits may include improved productivity, lower-cost production, Improved Talent access, and high employee’s satisfaction. He advised organizations to set up COVID-19 crisis management /Nerve centres support because new behaviours can evolve into the new normal for organizations
Mercy Wanjau – Ag. Director-General Communications Authority of Kenya
TOPIC: The ICT Regulator’s Role in Maintaining Enterprise Resilience During Systematic Disruption
The AG Director stated that ICT Regulator is concerned about the risks and disruptions during the pandemic and it was committed to helping the licensees remain resilient and also to protect consumers during these systemic disruptions.
She said that Resilience is all about being able to overcome the unexpected while Sustainability is about survival and the goal of resilience is to thrive.
The AG stated that Digital connectivity drives every aspect of the Kenyan economy: creating jobs, increasing productivity and efficiency. From interconnected health systems to enhanced detection and response to the pandemic; to all levels of education going online; e-government, working from home; e-commerce for business sustainability, amongst others. Therefore, digital connectivity is our new reality that is currently being critically tested with the systemic disruption caused by the current pandemic and associated risks.
She informed the audience that the Authority established the Kenya Computer Incidence Response Team – Coordination Centre (National KE-CIRT/CC) in 2012 as Kenya’s national trusted point of contact, coordination and response to cyber threats. It, therefore, operates 24/7 in managing cybersecurity in Kenya. She revealed that ever since week one of the pandemic in March this year, most of the institutions had embraced work from home program. This in effect resulted in a lot of cyber-related attacks. From the time when the first COVID-19 case had been reported in Kenya a total of 16, 450, 346 cyber threat events had been detected.
In order to mitigate cyber risks and disruptions she reiterated the need to cyber awareness through all channels of communication, the collaboration between local and international partners, and enhanced internal processes such as enhancement of incident handling, forensics investigation capabilities and upgrade of detection and analysis capabilities.
Adam Lane – Deputy CEO, Public Affairs Huawei Kenya
TOPIC: Cyber Security Strategies for Enterprise Resilience During Systemic Disruption
The speaker explained Huawei’s strategy on Smart Devices, Connectivity, Computing, Cloud and Providing Products and Solutions for three Customer Groups; i.e. Hundreds of Millions of Consumers, Global Carriers, Global enterprises, Governments and Industries.
He reiterated that an intelligent world calls for global connectivity and mutual trust that will maintain global prosperity, that Huawei is committed to providing technology for all and technology for good that prioritizes development, enhances global collaboration, promotes innovation and ensures ubiquitous connectivity, digitization and AI. However, with this technology comes unprecedented challenges like cybersecurity.
Participants were taken through applications of digital technology in the anti-epidemic fight showing how 5G, AI, big data, cloud computing and other tech have been deployed to prevent contagion, treat patients, and shorten the crisis. The speaker demonstrated this showing how in Kenya Huawei’s provision of video conference systems has helped multiple Kenyan Ministries improve their co-ordination, and learning from overseas. The speaker also mentioned how, through the Ministry of ICT, they shared global experiences in how ICT can fight against COVID-19 through best practices. From the talk, it was clear that Healthcare will not escape the ongoing industrial digitization and the importance of connectivity for homes, businesses and education. Governments should promote the construction of digital infrastructures.
The speaker informed the audience that emerging technologies drive digital growth while bringing new challenges to cybersecurity and privacy protection and that the World Economic Forum ranks Cyber Attacks the third biggest threat to mankind, behind extreme weather and natural disasters. Participants learnt about Huawei’s cybersecurity journey from making cybersecurity and privacy protection the company’s top priorities through to the strategies and end-to-end systems that Huawei uses to build trust and high quality into every ICT infrastructure product and solution that it develops. Key issues highlighted included the focus on people, processes, standards, independent verifications, and supply chain engagement.
Mark Thomas – CGEIT, CRISC Escoute, LLC
TOPIC: Rethinking IT Governance in a disruptive environment – How to re‐adjust your governance framework to be resilient and adaptable
From this speaker, it came out that with the growing complexity of today’s information and technology environments, having a proper governance framework that is tailored to your unique environment is key. That a tailored governance system requires a multitude of components, including processes, organizational structures, Information flows, behaviours, etc.
These need to work together in a systemic way in any governance system which will synchronize the IT, business and assurance functions. Participants were taken through the flexibility of the COBIT 2019 framework and how to develop a tailored governance system using the design factors with a real-world case Study
Participants gained on how to determine an appropriate governance system for enterprise considering the current disruptive environment that involves. An appropriate governance system involves gaining an understanding of the drivers for adopting a governance program, Assembling the right stakeholders and verifying their support, educating stakeholders on enterprise governance over I&T, gaining full agreement on the design factor analysis and Consider cultural aspects of adopting an EGIT system