ISACA Kenya chapter hosted a half day online conference that attracted over 90 professionals. ISACA is an international professional association focused on IT governance.
The conference theme resonated with the current realities of business environment. It was facilitated by industry subject matter experts as below and Moderated by Boniface Asiligwa Chairman Education Committee and Dorine Nalo – She -Leads Tech Liason
Among key speakers were Ken Kaberia, Head Enterprise Risk at Safaricom PLC, Mercy Wanjau, DG at Communications Authority of Kenya, Adam Lane, Deputy CEO, Public Affairs Huawei Kenya, and Mark Thomas, CGEIT, CRISC Escoute, LLC.
Ken Kaberia, one of the speakers is the Head of enterprise risk at Safaricom PLC. He talked about effective return planning. Are you considering returning to business in the next coming weeks?
The speaker presented a COVID-19 return to new normalcy based on WHO pandemic response plan.
He highlighted what business leaders should look for in the coming weeks and that in the current business situation, there are three questions business leaders are asking
- Depth of disruption which is impact
- Length of disruption
- Shape of recovery
The audience were taken through steps towards recovery from Resolve to Resilience and reimagination to Reform. Ken warned that rapid return comes with higher risks, and a new reality. Participants were taken through an effective methodology of return- AACT Planning Model. The AACT model focuses in Adopting the business to a new world, Accelerating structural shifts, Crafting stage-based return plans, workforce and customers and Time- transitioning given the local environment that most businesses will be considering stage-based return.
The speaker informed the audience that remote work may have important benefits beyond resilience to Covid-19. These benefits may include improved productivity, lower cost production, Improved Talent access, and high employee’s satisfaction. He advised organizations to set up COVID-19 crisis management /Nerve centers support because new behaviors can evolve into the new normal for organizations
Next was Mercy Wanjau, the AG Director General Communications Authority of Kenya
TOPIC: The ICT Regulator’s Role in Maintaining Enterprise Resilience During Systematic Disruption
The AG Director stated that ICT Regulator is concerned about the risks and disruptions during the pandemic and it was committed towards helping the licensees remain resilient and also to protect consumers during these systemic disruptions.
" Resilience is all about being able to overcome the unexpected while Sustainability is about survival and the goal of resilience is to thrive"
The AG stated that Digital connectivity drives every aspect of the Kenyan economy: creating jobs, increasing productivity and efficiency. From interconnected health systems to enhanced detection and response to the pandemic; to all levels of education going online; e-government, working from home; e-commerce for business sustainability, amongst others. Therefore, digital connectivity is our new reality that is currently being critically tested with the systemic disruption caused by the current pandemic and associated risks.
She said that the Authority established the Kenya Computer Incidence Response Team – Coordination Centre (National KE-CIRT/CC) in 2012 as Kenya’s national trusted point of contact, coordination and response to cyber threats. It therefore operates 24/7 in managing cyber security in Kenya. She revealed that ever since week one of the pandemic in March this year, most of institutions had embraced work from home program. This in effect resulted to a lot of cyber related attacks. From the time when first covid-19 case had been reported in Kenya a total of 16, 450, 346 cyber threat events had been detected.
In order to mitigate cyber risks and disruptions she reiterated the need to cyber awareness through all channels of communication, collaboration between local and international partners, and enhanced internal processes such as enhancement of incident handling, forensics investigation capabilities and upgrade of detection and analysis capabilities.
To cover cyber security strategies was Adam Lane Deputy CEO, Public Affairs Huawei Kenya
TOPIC: Cyber Security Strategies for Enterprise Resilience During Systemic Disruption
Adam Lane explained Huawei’s strategy on Smart Devices, Connectivity, Computing, Cloud and Providing Products and Solutions for three Customer Groups; i.e. Hundreds of Millions of Consumers, Global Carriers, Global enterprises, Governments and Industries.
He reiterated that an intelligent world calls for global connectivity and mutual trust that will maintain global prosperity, that Huawei is committed to providing technology for all and technology for good that prioritizes development, enhances global collaboration, promotes innovation and ensures ubiquitous connectivity, digitization and AI. However, with this technology comes unprecedented challenges like cyber security.
Participants were taken through applications of digital technology in the anti-epidemic fight showing how 5G, AI, big data, cloud computing and other tech have been deployed to prevent contagion, treat patients, and shorten the crisis. The speaker demonstrated this showing how in Kenya Huawei’s provision of video conference systems has helped multiple Kenyan Ministries improve their co-ordination, and learning from overseas.
She also mentioned how, through the Ministry of ICT, they shared global experiences in how ICT can fight against COVID-19 through best practices. From the talk it was clear that Healthcare will not escape the ongoing industrial digitization and the importance of connectivity for homes, businesses and education. Governments should promote the construction of digital infrastructures.
She informed the audience that emerging technologies drive digital growth while bringing new challenges to cyber security and privacy protection and that the World Economic Forum ranks Cyber Attacks the third biggest threat to mankind, behind extreme weather and natural disasters. Participants learnt about Huawei’s cyber security journey from making cyber security and privacy protection the company’s top priorities through to the strategies and end-to-end systems that Huawei uses to build trust and high quality into every ICT infrastructure product and solution that it develops. Key issues highlighted included the focus on people, processes, standards, independent verifications, and supply chain engagement.
How do you re-adjust your governance framework to be resilient and adaptable? Mark Thomas covered this topic during the session.
TOPIC: Rethinking IT Governance in a disruptive environment
From this speaker it came out that with the growing complexity of today’s information and technology environments, having a proper governance framework that is tailored to your unique environment is key. That a tailored governance system requires a multitude of components, including processes, organizational structures, Information flows, behaviors, etc.
These need to work together in a systemic way in any governance system which will synchronize the IT, business and assurance functions. Participants were taken through the flexibility of the COBIT 2019 framework and how to develop a tailored governance system using the design factors with a real-world case Study
Participants gained on how to determine an appropriate governance system for enterprise considering the current disruptive environment that involves. An appropriate governance system involves gaining an understanding of the drivers for adopting a governance program, Assembling the right stakeholders and verifying their support, educating stakeholders on enterprise governance over I&T, gaining full agreement on the design factor analysis and Consider cultural aspects of adopting an EGIT system