Kris is the lead partner for PwC Cyber Africa, with 20 years’ operational and advisory experience in the industry. Kris has led engagements in Information Security Architecture, Information Security Audit, Advisory and Consulting, and is a subject matter expert in IT and Cyber-Security, Vulnerability Management, IT and Security Governance, Data Privacy, as well as Systems Risk Management and ICT Compliance Management. In his professional capacity, working as a volunteer to the IT Governance Institute (ITGI), Kris has contributed to the development of the COBIT 4.1 Implementation guide, COBIT Control Practices, VALIT 2.0 as well as the VALIT Assurance guide. Kris also serves as a Board Subcommittee advisor on Cyber, as CISO, or as an advisor to the CISO, at a number of large and medium-sized retail and financial services institutions.
Anna Collard is the founder of security content publisher Popcorn Training – a South African company that promotes cyber security awareness by using innovative, story-based techniques and gamification to make complex content simple to understand and easy to remember. Anna has been working in the information security field for 17 years, assisting corporates across South Africa, Europe and the US to keep their information assets safe, and holds various security certifications such as CISSP, CISA, ISO 27001 lead auditor, CIPP/IT and used to be a Visa/Mastercard PCI DSS QSA. US-based cyber security awareness training giant KnowBe4 acquired Popcorn Training in 2018. Anna maintains her role as Managing Director of Popcorn Training/Knowbe4 Africa driving security awareness across the African continent.
Manuel is currently employed as the Chief Operating Officer at Telspace Systems. Manuel has a passion for information security and over the years has gained a significant amount of knowledge and experience in the both the technical (operational) and management areas of information security. Throughout his career he has been involved in information security-related research, training, awareness and advisory projects targeting industry sectors, large financial/government institutions, multinational organisations and SMEs. He has overseen a large number of projects, including but not limited to: implementing an Information Security Management System (ISMS); Incident Management; assessing organisations, identifying gaps and remediating the identified gaps. He was previously a full-time lecturer at the University of Johannesburg (UJ), where he specialised in the fields of Software Engineering and Information Security. He currently provides specialised and tailor-made training to different teams within organisations. Manuel also facilitates and speaks at numerous conferences as well as taking part in radio interviews and forming part of specialist panels.
Gerhard has more than fifteen years of experience embedding information security and information risk in organisations. Gerhard holds a B.Com Honours degree in Informatics as well as the CISSP, CISM, CGEIT, CIPT and CRISC certifications. His experience includes heading up Information Risk (focusing on information security) at a large retail bank and IT Governance (including information security) at a stock exchange for a number of years. Gerhard currently heads up the Cyber and Information Security function for the South African Reserve Bank.
Kirsten Doyle has been involved in the ICT and information security arena for 20 years, working in various media and marketing roles. For the last 12 years, she has been an editor and journalist at ITWeb where she has covered information security extensively. In addition, she edits a weekly security newsletter for ITWeb, writes features and a security roundup month for Brainstorm magazine each month, and works closely with events, to sure each of ITWeb's events are well covered.
Winston Hayden is a recognised industry leader in the field of IT governance, risk, cyber security, compliance, privacy, assurance and service management. He is a former president of ISACA South Africa (the largest association representing IT governance, risk and security professionals in SA). During his tenure as president, the chapter was recognised as the Best Chapter Worldwide. Hayden has contributed towards various IT governance publications, most notably the King III Report on Corporate Governance and the COBIT 5 Governance Framework. Hayden is also a member of the South African National Standards ISO Development Workgroup for IT Governance (ISO-38500) and IT Service Management (ISO-20000).
Roelien Howell (CISM, CIPT, CIPM, CIPP/E, FIP) has extensive consulting experience, specifically in the privacy field and related disciplines. Roelien leads team members to assist various organisations across multiple industries in understanding, prioritising and remediating privacy control requirements. She is passionate about building relationships and identifying practical solutions to support successful projects.
Jason Jordaan's forensic career began in 1991, is considered a leading authority in the field of digital forensics and cybercrime investigation and prevention by his peers, both in South Africa and Internationally. As the principal forensic analyst of DFIRLABS, a specialist digital forensics and incident response service provider, he is responsible for the leadership of the practice, digital forensics quality assurance, complex digital forensics engagements, research and development, and digital forensic practitioner training and proficiency, and regularly testifies as an expert witness. Prior to this he was the national head of the Cyber Forensic Laboratory of the Special Investigating Unit, South Africa's national public sector anti-corruption agency.
Jason is also an internationally respected researcher and trainer in the field of digital forensics, where he is the first African to have been admitted into the DFIR faculty of the prestigious SANS Institute, as well as the first African to become a certified instructor for the International Association of Computer Investigative Specialists. He regularly teaches digital forensics to both law enforcement and the private sector in the United States, Europe and the Middle East. He has a MSc (Computer Science) Cum Laude, a MTech (Forensics Investigation), a BComHons (Information Systems), BSc (Criminal Justice Computer Science) Summa Cum Laude, and a BTech (Policing). He is a Certified Forensic Computer Examiner, a Certified Fraud Examiner, a Professional Member of the Institute of Information Technology Professionals of South Africa, a Professional Member of the Chartered Society of Forensic Science, a GIAC Computer Forensic Examiner, a GIAC Computer Forensic Analyst, and a GIAC Certified Incident Handler. He teaches digital forensics and incident response at on the Rhodes University MSc degree in Information Security and serves on the advisory board of the Department of Computer Science and the University of Pretoria. He serves on the assessment board of the Netherlands Register for Court Experts where he is responsible for assessing the competency of expert witnesses in the field of digital forensics in Dutch courts.
Steve Jump has an unashamedly technical background, being both an engineering graduate and a chartered engineer, which he uses it to translate complex technology into serious business. He started his career a long time ago in electronic systems engineering and has established manufacturing centres and Internet communication providers around Africa.
With in-depth experiential knowledge of electronics, IT, and communication systems development and the potential of contemporary software eco-systems, Steve is able to both identify and predict the changes and risks in information management that consumerisation and advanced technology brings, not just to the economics of the enterprise, but to society as a whole.
Steve has developed comprehensive information security and information technology strategies, including enterprise and information security architecture alignment of IT towards business needs and the creation of a business-centric information security framework that can be used by any organisation to identify threats and plan their security strategy.
Steve has driven the establishment of a security governance function recognisable as a risk management function and successfully transitioned it from Group IT into Enterprise Risk. He is delivering a near real-time security state dashboard so the board and business may be kept aware of the reality and practicality of cyber threats and their defence. He is conversant in the translation of new technologies, new regulatory requirements and new business models into the means to improve governance, reduce costs and measurably reduce information security risk to business.
Maeson Maherry is the solutions director of Etion Secure (incorporating LAWtrust), a business that specialises in trust services such as Advanced Electronic signature solutions, positive identity and encryption in business systems. Maherry made his foray into the emerging field of internet security in 1997, when he became a specialist in public key encryption and digital signatures. A technology expert with 20 years-experience in cybersecurity, Maeson has been part of the industry from the pioneering days of Public Key Infrastructure, right through to the global, legal recognition of standardised digital signatures. He has consulted in this field for all the major banks in South Africa, Germany and the Middle East, and has been involved in the design and implementation of number of trust centres and PKI projects. Maeson's interest and expertise in the field led him to co-author a book on e-commerce and e-commerce security as well as numerous whitepapers and articles on the topic.
As co-founder of LAWtrust, which was acquired by Alt-listed Etion Limited in 2018, he has donned several hats: first as the business development director and then as the solutions director and CIO. He firmly believes in standards, legal principles and pragmatism in designing electronic signature solutions that change the way we do business for the better. Maeson has held many senior leadership roles and has focused on designing and marketing technically complex solutions in a way that is understood by business and government decision makers.
Samresh is the newly appointed Deputy CISO at ABSA Group. Prior to joining the Bank, he was a Partner at EY and their Africa Cyber security Leader. He has over 18 years of experience in the cyber security space and has worked with large financial services, telecommunications and public sector organisations across Africa. With a career rooted in system engineering, Samresh started his career in telecommunications – implementing value added systems for the major carriers in South Africa. He became fascinated with how billing systems could be subverted which has led to a further 18 years of study and work in the cybersecurity field across sectors in Africa. Samresh is also a frequent presenter at conferences and shares knowledge actively as part of roundtable and focused events. He actively engages the African market with a view to improve cybersecurity capability for the protection of public and private enterprises.
Craig is the MD of Wolfpack Information Risk - a South African firm established in 2011 that specialises in cyber threat intelligence, research, training, awareness and advisory services. A community of 9000+ information and cyber security specialists subscribe to their regular community updates. Craig has over 18 years of management experience in the fields of IT & cybersecurity. He is frequently invited to speak at events or provide opinion pieces via TV, radio and print/online media. His qualifications include an MBA, CISSP, CISM, CVE, ISO 27001 Lead Implementer & Auditor, ISO 27035 Lead Incident Response Professional, Certified ISO 27005 Risk and COBIT & ITIL trainer.
Wicus is currently the Lead Researcher at SecureData Labs. He is tasked with investigating industry events and trends, with the single purpose of understanding how these may affect business. Wicus uses his understanding and knowledge to advise customers and threat detection/hunting teams on the appropriate response given the threat or trend. His insights are often used to create new detection processes or tools. Wicus' current role builds on over a decade of experience working as a software developer at an e-commerce technology vendor. Wicus is a regular speaker at conferences and he enjoys conveying complicated technical concepts in ways that the audience can relate to. He is a graduate of the Cape Peninsula University of Technology.
Cybereason is the leader in endpoint protection, offering endpoint detection and response, next-generation antivirus, managed monitoring and IR services. Founded by elite intelligence professionals born and bred in offense-first hunting, Cybereason gives enterprises the upper hand over cyber adversaries. The Cybereason platform is powered by a custom-built in-memory graph, the only truly automated hunting engine anywhere. It detects behavioural patterns across every endpoint and surfaces malicious operations in an exceptionally user-friendly interface. Cybereason is privately held and headquartered in Boston with offices in London, Tel Aviv, and Tokyo.
See more at: www.cybereason.com.
Cloudflare, Inc. (@cloudflare) is on a mission to help build a better Internet. Today the company runs one of the world’s largest networks that powers more than 10 trillion requests per month, which is nearly 10 percent of all Internet requests worldwide. Cloudflare protects and accelerates any Internet application online without adding hardware, installing software, or changing a line of code. Internet properties powered by Cloudflare have all traffic routed through its intelligent global network, which gets smarter with each new site added. As a result, they see significant improvement in performance and a decrease in spam and other attacks. Cloudflare was recognized by the World Economic Forum as a Technology Pioneer, named the Most Innovative Network & Internet Technology Company for two years running by the Wall Street Journal, and ranked among the world's 50 most innovative companies by Fast Company. Headquartered in San Francisco, CA, Cloudflare has offices in San Jose, CA, Austin, TX, Champaign, IL, New York, NY, Washington, D.C., London, Munich, Beijing, and Singapore.
Please visit www.cloudflare.com
Popcorn Training - a KnowBe4 company create high quality, engaging and effective security awareness videos, games and interactive learning modules.
All content is locally produced and available on KnowBe4's award-winning training and simulated phishing platform.
KnowBe4, whose mission it is to help organisations manage the ongoing problem of social engineering are a leader in the Gartner Magic Quadrant for security awareness.
Please visit popcorntraining.com
SensePost is part of Orange Cyberdefense, Europe's largest managed security, threat detection and threat intelligence services provider. SensePost is it’s elite consulting arm, renowned for its expertise, 18 year track record and innovation on the frontlines of cybersecurity.
With team members that include some of the world's most preeminent cybersecurity experts, SensePost has helped governments and blue-chip companies both review and protect their information security and stay ahead of evolving threats. SensePost is also a prolific publisher of leading research articles and tools on cybersecurity which are widely recognised and used throughout the industry and feature regularly at industry conferences including BlackHat and DefCon.
Please visit sensepost.com
Magix Security delivers comprehensive and trusted Cybercrime Defense and Detection solutions and services to address, manage, and contain the risks of financial losses and reputational damage arising from the misuse of applications, or other IT information assets, by employees and/or third parties.
Checkmarx is the global leader in software security solutions for modern enterprise software development. Checkmarx delivers the industry’s most comprehensive software security platform that unifies with DevOps and provides static and interactive application security testing, SCA and developer AppSec training to reduce and remediate risk from software vulnerabilities.
Learn more at Checkmarx.com
Securicom provides best in industry cloud-based Managed IT Security Services to address the increasing security threats that businesses find themselves contending with.
Please visit www.securicom.co.za
Telspace Systems provides security assessment services to organisations in order to make organisations as unattractive to cybercriminals as possible thus reducing their cyber security risk. Our main goal is to provide high quality services to organisations and to add value. Services include Application Assessments (web, mobile and thick), Social Engineering, Attack and Penetration Testing, Infosec Training and Advisory (consulting).
Please visit www.telspace.co.za
Wolfpack provides specialist information and cyber threat consulting, training & awareness services to governments and organisations in Africa and pro bono incident support to victims of cyber attacks.
Please visit www.wolfpackrisk.com