Date 28 - 30 August 2013
Location Morogoro, Tanzania
1st annual Cyber Defence East Africa conference, organised by Norway Registers Development AS and ISACA Tanzania Chapter.
Please see CDEA 2013 conference report.
In order to assist organisations in creating a secure digital environment in the East African region NRD together with ISACA Tanzania Chapter organised Cyber Defence East Africa 2013 - a three-day conference that took place on the 28th-30th August in Morogoro, Tanzania. The main purpose of the event was to help organisations to get up to speed in information security and create a community of IT security professionals ready to protect their networks and handle security incidents appropriately.
The conference was attended by almost a hundred information security professionals, information systems auditors, IT risk professionals and IT enthusiasts from Tanzania, Uganda, Kenya and Zimbabwe. Among the attendees, there were representatives from the Bank of Tanzania, Tanzania Revenue Authority, National Identification Authority, Social Security Regulatory Authority, Tanzania E- Government Agency, Tanzania Communications Regulatory Authority, PPF Pensions Fund, Ministry of Home Affairs, Tanzania President's Office, National Social Security Fund, Mzumbe University, PricewaterhouseCoopers and many other local and international organisations. The event lasted for three intensive days and the participants had a chance to practice Critical Security Controls and Penetration Testing, attend technologies demonstrations, network and form a community of information security professionals.
The event was sponsored by BAIP, a company having more than 20 years of experience in critical IT infrastructure and cyber security areas. BAIP is involved in various cyber security projects and cooperates with government, national regulatory institutions and educational institutions in the EU, CEE, East and West Africa. Connectivity was provided by SimbaNET - a Licensed Public Data Operator in providing Voice, Video, data and Internet connectivity in East Africa. The event was also sponsored by CTWO - a company making secure hardware encrypted USB drives SafeXs.
Member of Parliament in the Tanzanian National Assembly and Deputy Minister - Communication, Science & Technology at the Government of the United Republic of Tanzania Hon. January Y. Makamba welcomed the initiative to organise this conference and expressed his gratitude for NRD and ISACA. During his speech, Hon. Makamba invited the participants to be a part of a discussion, a process of new cyber security legislation in Tanzania. He encouraged the audience to help government understand the magnitude of the problem, help understand the risks associated with cyber security, make as much noise as possible - "your job is advocacy for what you do".
Critical Security Controls and Penetration Testing trainings, that were the key part of this conference, were highly concentrated, based on the best security practices, standards of business ethics, legal regulations and principles of business continuity, real life examples and hands-on experience. Technology demonstrations, delivered by FireEye representative Mr. Ala' Khalil and experienced information security professionals, introduced the participants to the example tools they could use to implement cyber security in their respective organisations: FireEye (defence against advanced malware, zero day & targeted APT attacks), Balabit SCB (privileged users remote session auditing (recording) appliance), AccessData FTK (forensics toolkit for incident response), Lumension Risk Manager and LEMSS (risk and compliance management, effective endpoint security), QualysGuard Suite (vulnerability management), IBM Q1Labs QRadar SIEM (Security Information and Event Management). At the end of the conference, participants were given certificates confirming completion of trainings.
In order to keep the network of information security professionals, formed during unofficial meetings and the Gala dinner, alive, enable the good practice exchange between them, and in this way improve the security of the digital environment in East Africa, a steering group - Cyber Defence East Africa community - has been established.