ITWeb Security Summit 2019

27 May: Half-day workshops
28 & 29 May: Conference & exhibition
30 & 31 May: Training
Sandton Convention Centre


In an increasingly connected, digital world, cyber security threats are constantly evolving and increasing in number and sophistication. Security professionals need to be up to speed with the latest technologies, techniques and skills for predicting and mitigating potentially crippling cyber attacks, the methods and tools in use by today's threat actors, and the latest legal and compliance demands.

The ITWeb Security Summit 2019, now in its 14th year, will bring together again leading international and local industry experts, analysts and end-users to unpack the latest threats facing African CISOs, CIOs, security specialists and risk officers, demystify emerging cyber security strategies in AI, blockchain, IOT, DevSecOps and more, and explain how to increase an organisation's cyber resiliency.


31 May 2019 - by Matthew Burbidge Battle lines drawn in coming cyber war
Battle lines drawn in coming cyber war

What’s the worst that can happen in a cyber attack? Plenty, says Pukhraj Singh.

31 May 2019 - by Paula Gilbert Even your bot needs to have a manageable identity
Even your bot needs to have a manageable identity

Identity governance platforms will need to evolve to identify and manage not only humans, but the non-human elements in our systems.

30 May 2019 - by Marilyn de Villiers Plan like a marketer, test like an attacker
Plan like a marketer, test like an attacker

Most IT security failures occur because cyber criminals know the psychology of human nature and how to exploit it.

29 May 2019 - by Kirsten Doyle Constant need for profit sees cyber security suffer
Constant need for profit sees cyber security suffer

Security is hard because business is hostile to anything that does not bring profit, says the Institute for Security and Open Methodologies.

28 May 2019 - by Matthew Burbidge Don't lie about being hacked
Don't lie about being hacked

The response to the breach is more important than the breach, says security researcher Graham Cluley.

28 May 2019 - by Kirsten Doyle Curb machine learning expectations in security
Curb machine learning expectations in security

Rather than being used in isolation, machine learning must act as another layer to boost security, says Cisco distinguished engineer TK Keanini.


This week we focus on: Pukhraj Singh

Security Operations & Threat Intelligence Practitioner/Writer

Pukhraj Singh is a cyber intelligence analyst with 14 years of experience. He played an instrumental role in the setting up of the cyber defence operations centre of the Indian government after the 26/11 terror attacks. Pukhraj also had very brief stints in the private sector, working with Symantec’s DeepSight – industry’s first threat intelligence team – and innovative American, Canadian, and Israeli firms.

He has spoken at a variety of national security fora and hacking conferences, including BSides Delhi 2018 and RootConf 2018. Pukhraj’s writings have appeared in leading Indian journals and newspapers and he writes often about security on his blog:

Pukhraj will be giving a keynote address on Politics and power in cybersecurity.


Day One, Track One: Strategy and User Awareness

This track takes a strategic look at implementing a business-driven cybersecurity plan and where the responsibility for cybersecurity should sit within your organisation. It also examines how to raise awareness of cybersecurity throughout your business – from the boardroom to the shopfloor.

Day One, Track Two & Day Two, Track Four: Governance, Risk, Compliance and Regulation

These tracks will provide an update on all the current and proposed legislation around cybersecurity, most notably the Cybercrimes Bill. It also examines the need to quantify your cyber risk, identity governance, security ratings, the NIST Framework and much more.

Days One and Two, Track Three: Trends Impacting Security

On both days, there will be a track focusing on the latest technology developments and the implications that they have for information and cybersecurity. Some of the subjects covered include: Blockchain, AI, Cloud, IoT, cyber analytics, data security, DevSecOps and much more.

Day One, Track Four & Day Two, Track One: Blue team strategies

These tracks will focus on the defensive tools, technologies and strategies that your blue team should be considering. Topics such as EDR, Incident Response, Threat Hunting, Privileged Account Management and Effective Breach Defence will be covered.

Day Two, Track Two: The latest threats and how to respond

This track looks at what methods threat actors are currently using and how best to mitigate these threats. Hear the latest on ransomware attacks, software and hardware supply chain compromises, industrial control system threats and more.


Craig Rosewarne, Managing director, Wolfpack Information Risk

Led by: Craig Rosewarne, managing director, Wolfpack Information Risk

This workshop will provide you with practical advice, tools and methodologies for developing and implementing a comprehensive cybersecurity programme that is aligned with your business’ overall security strategy and has the buy-in of your senior management team.

Led by: Greg Griessel, consulting systems engineer & Paul Beyleveld, consulting systems engineer, Cisco

In this highly practical and interactive workshop, you will experience a day in the life of a malware attack and how to respond to it. It will also cover steps you can take before a breach to minimise attacks.

Led by: Ashraf Abdelazim, Manager Threat Management – MEA, Amr Awad, MEA Technical Leader, Ahmed Hashem, Senior Principle Consultant, IBM

Today’s cybersecurity operations face many challenges, one of which is having enough data but not enough insights to address cybersecurity risks. In this workshop, the IBM Threat Management Team for the Middle East and Africa will discuss and demonstrate how to build four effective pillars for threat management.

Led by: Pete Herzog, Managing Director, The Institute for Security and Open Methodologies (ISECOM) (USA)

This workshop will review the specific cybersecurity threats that teenagers are regularly exposed to and will provide practice advice and tools on how parents, teachers and anyone who is interested can teach cybersecurity to teens in a fun, interesting and engaging way.

Led by: Jason Jordaan, Principal Forensic Analyst & Veronica Schmitt, Lead Forensic Analyst DFIR Labs

This workshop will examine system-generated logs, the process of tracking events, the reviewing of security event logs and the use of additional open source logging, all of which will enable you to significantly enhance your visibility of illicit or malicious movement in your environment.

Led by: Dr James Stanger, Chief Technology Evangelist, CompTIA (USA)

This half-day workshop will discuss penetration testing, security analytics and risk management, as well as the tools and approaches that are used in today’s Cloud, IoT, and perimeter-free environments. The presenter will explain the hacker lifecycle, the pen tester’s lifecycle and also how security analysts look for indicators of compromise.



  • Identify threats: Explore the latest security threats to your organisation.
  • Create awareness: Understand how to combat user ignorance by implementing innovative user-awareness programmes.
  • Ensure compliance: Learn how to comply with local and international data protection and privacy legislation.
  • Safeguard assets: Understand how to protect critical networks and data through effective endpoint detection and response strategies.
  • Learn what works and what doesn't: Gain insights into successful security strategies and best practices.
  • Experience it: Witness demonstrations of the latest information and cyber security tools and techniques.
  • Explore options: Speak directly with suppliers, providing a wide range of innovative security products and solutions.
  • Exchange ideas: Network with your peers and industry experts.


In addition to the Summit, ITWeb is offering you the opportunity to benefit from an in-depth two-day training course on 30 & 31 May. Choose from one of the following options:

Training course 1: Ethical Hacking 101, led by Telspace Systems.

This course, while remaining ethical in its approach, will ensure that you understand and are able to get from the perimeter right into the heart of networks and systems.

Training course 2: Incident Response, led by CYBERGYM SA.

Held at CYBERGYM’s state of the art cyber arena, this course will provide you with the opportunity to experience and handle a wide range of cyber-attacks, while equipping you with the ability to sharpen your skills in detecting, investigating, mitigating and recovering from cyber events.

Training course 3: Cyber Risk Assessment and Quantification, led by The FAIR Institute.

This course will familiarise you with all the information you need to know in order to understand, analyse, measure and quantify cyber/information risk.


The BIG Idea – ITWeb Security Summit

New security events are always going to find their way into the South African events calendar. The difference between ITWeb's annual Security Summit and other security events is that, unlike others, we're here to stay and we deliver!

ITWeb Security Summit 2019 is the 14th annual event for industry: we listen to our market and we consistently deliver on a campaign and event platform that speaks to your ultimate goal – ROI.

Top international, African and local speakers will again ensure this summit continues to build on its legacy as the 'must attend' gathering for every IT, security and business decision-maker who is serious about promoting excellence in information security to the benefit of his/her company and the information security community as a whole.

Is this an audience you want to reach?
Contact Debbie Visser today for a detailed proposal outlining options available:

Testimonials from previous sponsors:

"Just a thank you from my side. I can tell you the internal response and our VP feedback is great, and we have a real opportunity to take this forward into the future. I believe we did not just achieve what we had in mind, but got a lot more... A good idea can only be executed with people who can make a difference, thanks." - Cisco
"Thank you for a wonderful event! We made some great contacts and had a busy stand." - SailPoint
"Very useful. Interactive. Nice usage of venue. Optimum amount of attendees and sponsors." - Forcepoint
"My team was very pleased with how the event turned out and I really appreciate how helpful your team has been, from beginning to end." - Cloudflare

Event Sponsor

Cisco (NASDAQ: CSCO) is the worldwide technology leader that has been making the Internet work since 1984. Our people, products, and partners help society securely connect and seize tomorrow's digital opportunity today. Discover more at and follow us on Twitter at @Cisco.
Cisco, the Cisco logo, Cisco Systems and Cisco IOS are registered trademarks or trademarks of Cisco Systems, Inc. and/or its affiliates in the United States and certain other countries. All other trademarks mentioned in this document are the property of their respective owners. The use of the word partner does not imply a partnership relationship between Cisco and any other company. This document is Cisco Public Information.

Diamond Sponsor

Empowering Africa through innovative IT solutions.
Networks Unlimited is a Value-added Distributor, offering some of Gartner's most highly recognised solutions within the Cybersecurity, Enterprise Systems Management, Cloud, Networking and Storage arena. Our solutions are sold through an extensive, reputable and solution-focused reseller base across 36 countries on the African continent.

Click here to register

Become a Sponsor

Event Sponsor

Diamond Sponsor

Platinum Sponsors

Security Survey & Executive Roundtable Sponsor

Gold Sponsors

Silver Sponsors

Bronze Sponsors

Display Sponsors

Showcase Sponsor


Endorsed by


pDBException: [1]: Database not defined