ISACA (an international professional association focused on IT governance) Kenya chapter hosted a half-day online conference that attracted over 90 professionals. The conference theme resonated with the current realities of the business environment.
Effective Return Planning
Ken Kaberia, Head Enterprise Risk at Safaricom presented a COVID-19 return to new normalcy based on WHO pandemic response plan.
He highlighted what business leaders should look for in the coming weeks and that in the current business situation, there are three questions business leaders are asking, that is Depth of disruption which is impact, Length of disruption and shape of the recovery.
Mr Kaberia warned that rapid return comes with higher risks and a new reality. Participants were taken through an effective methodology of return- AACT Planning Model. The AACT model focuses in Adopting the business to a new world, Accelerating structural shifts, Crafting stage-based return plans, workforce and customers and Time- transitioning given the local environment that most businesses will be considering a stage-based return.
Ken Kaberia informed the audience that remote work may have important benefits beyond resilience to COVID-19. These benefits may include improved productivity, lower-cost production, improved talent access, and high employee’s satisfaction. He advised organizations to set up COVID-19 crisis management /Nerve centres support because new behaviours can evolve into the new normal for organizations
The ICT Regulator’s Role in Maintaining Enterprise Resilience During Systematic Disruption
Mercy Wanjau, AG Director-General Communications Authority of Kenya stated that ICT Regulator is concerned about the risks and disruptions during the pandemic and it was committed to helping the licensees remain resilient and also to protect consumers during these systemic disruptions.
She said that Resilience is all about being able to overcome the unexpected while Sustainability is about survival and the goal of resilience is to thrive.
The AG stated that Digital connectivity drives every aspect of the Kenyan economy: creating jobs, increasing productivity and efficiency. From interconnected health systems to enhanced detection and response to the pandemic; to all levels of education going online; e-government, working from home; e-commerce for business sustainability, amongst others.
Therefore, digital connectivity is our new reality that is currently being critically tested with the systemic disruption caused by the current pandemic and associated risks.
She informed the audience that the Authority established the Kenya Computer Incidence Response Team – Coordination Centre (National KE-CIRT/CC) in 2012 as Kenya’s national trusted point of contact, coordination and response to cyber threats. It, therefore, operates 24/7 in managing cybersecurity in Kenya. She revealed that ever since week one of the pandemic in March this year, most of the institutions had embraced work from home program. This in effect resulted in a lot of cyber-related attacks. From the time when the first COVID-19 case had been reported in Kenya a total of 16, 450, 346 cyber threat events had been detected.
In order to mitigate cyber risks and disruptions she reiterated the need to cyber awareness through all channels of communication, a collaboration between local and international partners, and enhanced internal processes such as enhancement of incident handling, forensics investigation capabilities and upgrade of detection and analysis capabilities.
Cyber Security Strategies for Enterprise Resilience During Systemic Disruption
Adam Lane, Deputy CEO, Public Affairs Huawei Kenya, explained Huawei’s strategy on Smart Devices, Connectivity, Computing, Cloud and Providing Products and Solutions for three Customer Groups; i.e. Hundreds of Millions of Consumers, Global Carriers, Global enterprises, Governments and Industries.
He reiterated that an intelligent world calls for global connectivity and mutual trust that will maintain global prosperity, that Huawei is committed to providing technology for all and technology for good that prioritizes development, enhances global collaboration, promotes innovation and ensures ubiquitous connectivity, digitization and AI. However, with this technology comes unprecedented challenges like cybersecurity.
Participants were taken through applications of digital technology in the anti-epidemic fight showing how 5G, AI, big data, cloud computing and other tech have been deployed to prevent contagion, treat patients, and shorten the crisis.
Mr Lane demonstrated this showing how in Kenya Huawei’s provision of video conference systems has helped multiple Kenyan Ministries improve their co-ordination, and learning from overseas.
He also mentioned how, through the Ministry of ICT, they shared global experiences in how ICT can fight against COVID-19 through best practices. From the talk, it was clear that Healthcare will not escape the ongoing industrial digitization and the importance of connectivity for homes, businesses and education. Governments should promote the construction of digital infrastructures.
Adam Lane informed the audience that emerging technologies drive digital growth while bringing new challenges to cybersecurity and privacy protection and that the World Economic Forum ranks Cyber Attacks the third biggest threat to mankind, behind extreme weather and natural disasters.
Participants learnt about Huawei’s cybersecurity journey from making cybersecurity and privacy protection the company’s top priorities through to the strategies and end-to-end systems that Huawei uses to build trust and high quality into every ICT infrastructure product and solution that it develops. Key issues highlighted included the focus on people, processes, standards, independent verifications, and supply chain engagement.
How to re‐adjust your governance framework to be resilient and adaptable
Mark Thomas, CGEIT, CRISC Escoute, LLC expressed that with the growing complexity of today’s information and technology environments, having a proper governance framework that is tailored to your unique environment is key. That a tailored governance system requires a multitude of components, including processes, organizational structures, Information flows, behaviours, etc.
These need to work together in a systemic way in any governance system which will synchronize the IT, business and assurance functions. Participants were taken through the flexibility of the COBIT 2019 framework and how to develop a tailored governance system using the design factors with a real-world case Study
Participants gained on how to determine an appropriate governance system for enterprise considering the current disruptive environment that involves. An appropriate governance system involves gaining an understanding of the drivers for adopting a governance program, Assembling the right stakeholders and verifying their support, educating stakeholders on enterprise governance over I&T, gaining full agreement on the design factor analysis and Consider cultural aspects of adopting an EGIT system