BSides Nairobi Conference Event Schedule

08:00 AM
TO 8:55 AM

Devil's Dance: Exploring the Nexus Between Data Breaches and Cyber Terrorism

Lawrence Muchilwa:
Current Role: Head of Information Security, Governance, Risk and Compliance. KCSFA Research and innovation WG - KCSFA
Lawrence Muchilwa is an accomplished cybersecurity leader and executive with close to a decade of experience in guiding organizations to transform their information security programs, compliance, and risk management. With extensive knowledge in digital forensics, national CERT establishment, risk and compliance management, CSOCs, and incident response, Lawrence has earned a reputation as a leader in the field. Lawrence possesses a passion for security and a proven track record in governance, leadership, collaboration, and product development. Currently, he holds the position of Head of Information Security at a multinational organization, where he provides visionary leadership to the risk and cybersecurity teams. As a seasoned professional, Lawrence is also an active member of the security community, serving as a member of the management board of BSides Nairobi and the Kenya Cyber Convention. In his free time, he volunteers as a mentor with ADPlist and Kamilimu, where he helps up-and-coming professionals in the cybersecurity field.
Talk Brief:
Whats cyber terrorism? Can a simple data breach morph into full scale cyber terror act or be used to advance it cause?

09:45 AM
TO 10:20 AM

Safeguarding Data Privacy and Security in the 5G Revolution

Margaret Kamau:
Margaret Kamau is a dynamic and multifaceted professional who thrives at the intersection of Radio Network Planning and Optimization and Cybersecurity. With a passion for innovation and a sharp eye for detail, Margaret has become a driving force in her fields, constantly seeking to improve and optimize communication networks while ensuring they remain secure from potential threats. From a young age, Margaret has displayed a fascination with technology and its impact on society. Her journey in the world of telecommunications and Information technology began with a degree in information Technology, which laid the groundwork for her career in radio network planning. Her insatiable curiosity led her to explore the complexities of network optimization, striving to enhance coverage, capacity, and overall performance to provide seamless connectivity to users. While immersing herself in the telecoms world, Margaret also recognized the growing importance of cybersecurity in an increasingly interconnected world. With a natural ability to anticipate potential vulnerabilities, she expanded her skillset to incorporate the principles of cybersecurity to safeguard vital communication infrastructure from cyber threats. Margaretâ€™s desire to share her expertise with others stems from her belief that technology should be harnessed to make the world a better place. By optimizing communication networks and fortifying them against cyber threats, she aims to contribute to a safer and more interconnected world. As a thought leader in both Radio Network Planning and Optimization and Cybersecurity, Margaret frequently participates in industry conferences, delivers insightful presentations, and contributes to academic journals. She is committed to empowering individuals and organizations to embrace technological advancements while mitigating risks, ensuring that future innovations can be harnessed responsibly and securely. Margaret enjoys unwinding by listening to music, and she unabashedly admits to being a fan of the legendary boy band, One Direction. Her favorite member of One Direction is All Directions! Kidding. Her favorite member is Harry Styles. His charm, charisma, and unique style resonates with Margaret, reminding her that even in the most complex endeavors, a touch of creativity and personality can make all the difference. In conclusion, Margaret Kamau is a powerhouse in the fields of Radio Network Planning and Optimization and Cybersecurity, driven by a desire to create positive change in the world of telecommunications while safeguarding its integrity.
Talk Brief:
Lets delve into the cutting-edge world of 5G data security and privacy. We will explore innovative strategies to ensure data protection in the era of 5G connectivity. Discover how organizations can prevent, respond, and recover from data breaches in the 5G landscape ensuring trust and resilience.

10:20 AM
TO 11:00 AM

Opening Keynote

Dr.Almerindo Graziaon:
Almerindo a.k.a Al co-founded and now leads Silensec. He is also the co-chair at the European Cyber Security Organisation (ECSO) of SWG 5.1 and 5.2 on cyber ranges, technical exercises and cyber security skills development. Al was the founder and course director of the MSc in Information Systems Security programme at Sheffield Hallam University, a first of its kind in the UK, and in collaboration with the British Standard Institution (BSI). Al has personally authored a number of training courses from ethical hacking to intrusion detection, along with the first ever ISO27001 Lead Implementer certification course offered by BSI worldwide. Al’s areas of expertise include: standards compliance (e.g. ISO27001, ISO22301, PCI DSS), IT infrastructure protection, design of SIEM and Log Management systems and development of cyber threat intelligence capabilities. Al has consulted in information security for private and government organizations across Europe, Africa and the Middle East. He also works as a cyber security expert for UN’s International Telecommunication Union (ITU) and regularly delivers cyberdrills and other capability development exercises and workshops for national CERTs and governments around the world. He holds an MSc in Electronic Engineering and a PhD in mobile computer security from “Federico II” University of Naples.

11:05 AM
TO 11:30 AM

Unveiling Insider Threats in Africa, The Anatomy of an Attack

Brian Nyali:
Current Role: Lead , Risk & Digital Forensics - Serianu LTD
BIO:
Brian is an experienced Cybersecurity professional committed to helping clients establish comprehensive cyber security programs that assess and mitigate current and emerging risks. As the lead consultant for risk assessment, digital forensics, and incident response initiatives at Serianu, he collaborates with clients spanning various industries throughout the African region to enhance their security posture and provide expert guidance in detecting, responding to, investigating, and recovering from cybersecurity incidents. His background spans consulting, critical infrastructure and the financial sectors among others. He is a JKUAT alumnus and holds certifications in CHFI, ECSA, CEH,CIH and mediation among others. Brian is passionate about volunteering, mentorship and information sharing to build capacity in the tech space. Aside from this, some fun facts are that he loves good music, rugby, formula 1, cooking, sharing a meal with friends and is very competitive(very is in bold).
Talk Brief:
In this talk, we embark on an expedition into the shadowy world of insider threats unique to the African context. Gaining Entry, The Art of Persistence, Lateral Movement, Evasion Strategies, Exfiltration of Funds and Data, Forensic Challenges, Eradication Dilemmas and Incident Response.

11:50 AM
TO 12:30 PM

Cloudy with a chance of breaches : Navigating the stormy seas of Data Security

Ellan Wambugu:
I am a DevOps engineer with experience across AWS,GCP and Azure. A cybersecurity professional specializing in Multi-Cloud Red Teaming . A developer working mostly with Python and Golang REST APIs. A stressed Man Utd fan.
Talk Brief:
In this session, we’ll delve into the world of cloud data breaches. Exploring real-life stories of mishaps, where attackers find ingenious ways to exploit misconfigurations and lapses in security. We will talk about strategies to implement to be proactive in mitigating cloud data breaches.

12:30 PM
TO 1:00 PM

National Computer and Cybercrimes Coordination Committee

Confidential

Talk Brief:
Initiatives being rolled out to improve the country's cyber resilience by the National Computer and Cybercrimes Coordination Committee and its stakeholders.

1:00 PM
TO 2:00 PM

LUNCH BREAK

2:00 PM
TO 2:30 PM

Zero Trust Security Models

Nancy Muriithi:
I'm Nancy, a passionate Cybersecurity Engineer, Penetration Tester, and Public Speaker. I'm on a mission to make the digital world a safer place, one line of code and one secure system at a time. With a blend of technical expertise, ethical hacking skills, and effective communication, I strive to drive awareness and build robust defenses against cyber threats.
Talk Brief:
Explore the principles of a zero trust security model and how it can help organizations prevent data breaches. I will explain the concept of a modern security strategy based on the principle: never trust, always verify.

2:30 PM
TO 3:35 PM

Safeguarding Ethical Hackers: Navigating Legal Terrain

Haniel Dennis:
I'm the 'J.D. in the Shell', seamlessly toggling between courtrooms and command lines. As a legal virtuoso and a code-wielding sentinel, I'm your dual-threat ally in the ever-evolving arena of cybersecurity. Whether I'm dissecting digital forensics or defending cyber realms, my mission is to safeguard networks, bytes, and rights with equal zeal. Join me in embracing the thrilling tango of law and hacking, where legal codes meet the binary code.
Talk Brief:
Unleash the Power of Ethical Hacking Safely! Learn to Navigate Legal Waters, Bolster Credibility, and Safeguard against Risks. Join Us in Mastering Cybersecurity’s Legal Dimensions. Elevate Your Expertise Today!

3:35 PM
TO 4.20 PM

Oxygène MCL

Ms. Jewel Tete & Waceera Kabando:
Oxygène MCL is a multidisciplinary agency filled with people from different backgrounds who are empowered and inspired to think about products, companies and challenges in a different way.
Talk Brief:
The legal and public relations aspects of a data breach.

4:20 PM
TO 5:00 PM

Rethinking Network Security

Øystein Torsås:
Øystein Torsås is a Norwegian computer programmer who thought about how to solve the cyber security problem rather than just benefiting from other people’s misery.
Talk Brief:
Øystein Torsås is a Norwegian computer programmer who thought about how to solve the cyber security problem rather than just benefiting from other people’s misery. The best solution is if firewalls report back to the telecom company that owns the sending IP address. The sending telecom company then encapsulates and tags successive traffic from units that are reported by firewalls to be infected. Currently, telecom companies are not willing to be involved in “packet sniffing”. However, when others (the receiving firewalls) do the assessment, then there’s no risk for the sending telecom companies and it increases the value of their service dramatically. It also makes cyber crime unsustainable. This is of course bad news for IT security industry – but not for those located in Nairobi (or Kenya) because this new secured net will be owned and managed by Kenyan NGO that is also working to alleviate mental health problems (Akili Bomba CBO in Kibra).

5:00 PM
TO 5:10 PM

Closing Remarks

BSides Nairobi

Theme: Data Breaches.

Day 1 Conference Schedule

Registration

Opening Remarks