Connect with us

TechINFLUENCERS

How CIOs handle impact of Covid-19: From Data centre, banking, aviation, manufacturing to cyber security [VI]

Published

on

Faud Khan
Faud Khan

Faud Khan is the founder/MD and the Chief Security Analyst for TwelveDot and TwelveDot Labs based in Canada. Faud has done a lot of work with network equipment manufacturers, managed security service providers, financial service and government agencies.

He has five patents to his name, and he has nine awaiting approval. He’s also an editor for several standards related to ISMS, Cloud Computing, Vulnerability Disclosure, Smart Grid and IOT. He has done quite a lot of work over the past 25 years as an IT professional particularly in the cyber security space.

He spoke on cyber security during CIO Africa Leadership Series webinar hosted recently by CIO MasterClass Africa for Chief Information Officers (CIO) particularly in Africa under the theme – COVID – 19: “The CIO’s Leadership Moment” – Prospects, Challenges and its implication for the African Continent – with the general direction on “leadership, strategy and operational level”, looking at CIOs role in normal times vis – a – viz the new normal defined by COVID – 19.

Engr.Ifeanyi Ogochukwu

The Convener, CIO MasterClass Africa; Engr. Ifeanyi Frank Ogochukwu, a former CIO of Nigerian Airspace Management Agency and the Chief Technology Strategist for Debbie Mishael Consulting – an African premier consulting, implementation and training firm moderated this webinar.

Therefore, in this concluding part of TechEconomy.ng publication (series) we are focusing on cybersecurity where Faud is an expert in the field:

What are the cyber security related issues with regards Covid-19 Pandemic? What should organisations put in place to stay ahead of the attackers, especially in protecting staff who now work from home and even protect their networks during virtual meetings and other sundry issues?

Khan speaks:

“I think one, Covid-19 is the big eye opener to individuals, organisations and the government. I mean, when this happened, some companies weren’t prepared with regards to governance infrastructure or strategy for such an event. It really was an eye-opener from the perspective many couldn’t comprehend that the attack surface has changed, because when people are working in your office or in your facility, you have like high quality firewalls like IPS; you pay a lot of money for all this stuff and infrastructure. But, now all of that workforce is now distributed and so they’re working at home.

Companies’ lack of cyber security strategy

“And so, what’s changed at home. Well, a lot of people have wireless routers and they have their own internet access point. If you look at the technology for a lot of those things, first of all they are basic security features. The firewalls and the software that they use, what we call firmware, haven’t been updated for quite a while. So, it’s open to vulnerabilities. Then, because some users who aren’t used to working at home start do share stuff on their personal accounts and so they get a request – their email might not work – the VPN might not work. So, what did they do? They share corporate information; they share personal information over email and that’s the only problem.

“So, I think before now when companies say they have governance infrastructure strategy or policy, what they never considered was their workforce having to relocate overnight; it was never a consideration even in their Disaster Recovery scenarios, it probably was just never there.

“What we’ve now learned is that we do need to have that capability. And what does that mean? What we try to do with customers we’re working with is make them understand what are those different scenarios – what your attack surface is; and that could be from be mobile phones, because there’s lots of companies in North America that also issue their employees mobile phones to be able to do their work. And this is global as well and the people especially the leadership roles are issued a phone from the organization. So, they become bigger targets, potentially, because you can send something to the phone and attackers can inject something into the phone and now be able to intercept communications; all kinds of other things.

“So, it does come down to strategy of understanding what your attack surface is. Who’s going to talk to you and when? For example, we’ve had lots of customers since this whole thing happened, their websites have witnessed significant increase in kind of website attacks. So, we’re seeing customers who collect PII information; now they are heavily attacked because of that information.

“Perhaps, you might have seen some of the news; some of the security issues around Zoom and the issues for that now assuming leadership position; jumping from say 10 million users to a hundred million. Now, people are depending on them for a conversation like this. And so, what has happened is that they became a bigger target overnight whether they wanted to or not.

“What also has happened is that people are now targeting accounts of individuals. We want to use something but we don’t want to necessarily put the controls in place. So, we’ll set up a Zoom account code for the simple password and then all of a sudden it becomes easy for someone actually compromise the account or have a shared account that I’ve used.

“In other words, someone somewhere can now use that against me. And so that’s what happened.

Activities in the dark web

“And so, there’s actually people selling all kinds of hacks right now on the dark web for things like Zoom. Zoom is not the only target, I’m just kind of using them as an example. But you can see Microsoft Teams is also having issues; so a lot of service providers and the tools that we need for business right now are also under attack.

What the future looks like

“So, I think that we need to just understand those things because we never thought we were going to have that dependency. So, I think in the future as Executives, especially Security executives – CTOs, CIOs – what we will need to do is when we’re looking at our security plan for deployment, we’re going to have to think potentially those really far-out kinds of examples of what is going to happen. And how we are going to stay ahead or respond effectively. How we are going to protect our employees in the field with their technology. When our infrastructure is under attack, how we are going to mitigate that knowing that we cannot deploy someone on site depending on the situation and then also what we do for isolation and not isolation of our employees. Isolation here is of that device; so all of a sudden you have a compromised phone that is attempting to get into your infrastructure or you have a compromised laptop trying to get into your infrastructure; did you identify it and did you locate that user? Those are the key things like being able to understand and see the real life change – like monitoring of your systems is critical right now. If you can’t do that you become an easy target and those are the big things that I think we’re seeing among companies right now.

Advice to CTOs, CIOs

“They’re kind of struggling to keep up with remote administration and remote monitoring; to be able to support staff working remotely. They didn’t have the staff trained and ready to do those things. They are the companies struggling right now. So, those are the new models we need to think about. We could be getting back to work in a few months, but then, there are possibilities of a second wave of Covid-19 pandemic. If that actually happens, you know, we’re back to where we are right now. We are going to be back working from home.

“So, companies, basically the CIOs and CTOs have to think about that and what that is going to mean for them. But, it would be better to get prepared for it from a technology perspective.

“There’s a term called flat-footed. It means that you’re not moving. It’s a term used in hockey. I think they used it in football as well. So, it basically means you’re standing still and you weren’t thinking about those impacts.

“So, I think as Executives we should be prepared to be more agile; we can be more agile from a cybersecurity perspective to make sure the security and privacy are considered a novel effect model.

…..

This is the concluding part in the CIO Africa Leadership Series hosted by CIO Masterclass Africa; Africa’s premier CIO platform establishing an ecosystem where Africa’s technology leaders can connect, collaborate, learn and resolve. To be part of this growing community please reach out to [email protected].

TechINFLUENCERS

How CIOs handle impact of Covid-19: From Data centre, banking, aviation to manufacturing [V]

Published

on

Serge Yao
Serge Yao

Serge Yao is the Group CIO, Flour Mills of Nigeria. As a matter of fact, Serge has done quite a bit of work. He led the digital transformation of PZ Cussons in the whole of Africa. He’s now leading IT in Flour Mills of Nigeria.

He also worked with USAID – United States Agency for Development, International Development and the UN as well. Serge is specialized in IT, Telecoms, Business Administration, Finance, Banking, and Business Continuity.

Serge spoke extensively during CIO Africa Leadership Series webinar hosted recently by CIO MasterClass Africa for Chief Information Officers (CIO) particularly in Africa under the theme – COVID – 19: “The CIO’s Leadership Moment” – Prospects, Challenges and its implication for the African Continent – with the general direction on “leadership, strategy and operational level”, looking at CIOs role in normal times vis – a – viz the new normal defined by COVID – 19.

CIO MasterClass Africa

EC-Council Advisory Board

Engr. Ifeanyi Ogochukwu

The Convener, CIO MasterClass Africa; Engr. Ifeanyi Frank Ogochukwu, a former CIO of Nigerian Airspace Management Agency and the Chief Technology Strategist for Debbie Mishael Consulting – an African premier consulting, implementation and training firm moderated this webinar.

Therefore, in continuation of TechEconomy.ng publications (series) we are focusing on manufacturing sector where Serge is currently operating as Group CIO:

Serge, basically, there’s an issue when it comes to CIO & leadership; technology – business alignment has always been a sore point between the management of organizations and CIOs, with CIOs expected to play a central role. With the crisis created by Coronavirus pandemic, what would you consider as the challenges of the CIO today? And what business drivers should the CIO focus on to resolve the challenges and put the organization back on a sound footing, probably with certain key indicators from your organization? 

Serge speaks:

“Just before I start picking your questions, I think it is good to give the perspective from a Flour Mills view. During this pandemic as one of the largest companies in the Agro Allied group in Nigeria we understand clearly our role; our pivotal role in the economy. Of course, in order to follow our purpose, which is ‘feeding the nation every day’, we had to take some strategic measures to ensure that our supply chains were not affected and we continue to produce healthy and safe food for our consumer.

“These measures were clearly spelt in four points. First, was to reduce the risk of our employee. I think Dr. Ayotunde Coker has described what they did which is almost the same thing we have in place with our partners and stakeholders to make sure that products are still available for families that need them.

“The second area was to clearly put in place a strategy – business continuity framework. We used to have some plans in place, but we had to rethink, because the pandemic case wasn’t covered as part of our business continuity plan.

“So, we developed a strategy – Business Continuity framework – with a crisis management plan in place; this was very key.

The third point where we focus was more or less trying to inform our partners and our dealers that we keep our capacity to meet the food demands, because the biggest issue would have been a spike in terms of demand of flour or pasta and suddenly you notice that in all the places there is scarcity while you have the capacity to produce continuously during the crisis. So, it was quite key as well.

“The fourth aspect was as well working with the government agencies and offices to ensure that we have free movement; we got the letters of approbation, we have staff buses that were allowed to move around to make sure they are granted passage by security agencies.

Working as a CIO during Covid-19 pandemic

“Coming to the CIO’s challenges today or should I say today or post lockdown – the key thing is that from the latest studies, Sub-Africa will be, for the first time in recession, for the last 25 years. So, of course, for the CIO, one of the challenges will be how to get funds; how to fund all the initiatives that are in the pipeline at the time where cost management is going to be more and more critical.

“All the businesses are going to think twice before investing. In fact, what people will try to do is more or less trying to reduce whatever they have been investing on or try to do three times more with the same amount that they used to spend. I think that clearly, the role of the CIO in the boardroom will be more and more being a storyteller.

“We need to be good storytellers. We have to share the success stories; there’s a lot of companies and a lot of organizations who did the right things we have to be able to share them. We have to copy with pride; we have to take the stones as well as the one that fails. One thing that the MD/CSA, Twelve Dot & Twelve Dot Labs, Canada, Faud Khan, was saying is to make sure that we have an effective IT demand governance process in place.

Flour Mills

Flour Mills of Nigeria

“We need to drive the company mission statement; the strategy from a technology point of view. But, a lot of new things will come on board. Therefore, we are going to talk about making the process smarter, paperless, approving remotely. There are a lot of things that are coming on the board and for a lot of companies they activated the business continuity plan.

“One of the key things that we need to take out of that season is more or less to record what people are missing while working from home. Is it a file? Is it a process? We need to get together that knowledge and as well to get from them what they would like to have. If we as CIOs are able to get all this together, we should be able to be successful in the New Normal.

The concluding part of the publication series will be tomorrow, featuring the MD/CSA, Twelve Dot & Twelve Dot Labs, Canada, Faud Khan.

Continue Reading

TechINFLUENCERS

How CIOs handle impact of Covid-19: From Data centre, banking, aviation to manufacturing [IV]

Published

on

Nixon mageka Gecheo
Nixon Gecheo

Covid-19 pandemic has really brought the issue of network agility to play and being nimble as well flexible both in private and public sectors cannot be over emphasised.

On the other hand, being able to predict the future as a CIO in terms of preparedness to even exceed the expectations as contained in an organization’s Business Continuity Plan (BCP) because a plus.

So, strategy, agile and of course being flexible and forward looking and forward-thinking, clearly defines the CIO of the future.

CIO MasterClass Africa

In continuation of TechEconomy.ng publications (series) on CIO Africa Leadership Series webinar hosted recently by CIO MasterClass Africa for Chief Information Officers (CIO) particularly in Africa with the theme – COVID – 19: “The CIO’s Leadership Moment” – Prospects, Challenges and its implication for the African Continent – with the general direction on “leadership, strategy and operational level”, looked at CIOs role in normal times vis – a – viz the new normal defined by COVID – 19, we are focusing on the public sector (Government.

Engr.Ifeanyi Ogochukwu

The Convener, CIO MasterClass Africa; Engr. Ifeanyi Frank Ogochukwu, a former CIO of Nigerian Airspace Management Agency and the Chief Technology Strategist for Debbie Mishael Consulting – an African premier consulting, implementation and training firm moderated this webinar.

The speaker-focus for today is Nixon Mageka Gecheo who is a member, Universal Service Advisory Council, Communication Authority of Kenya (Government & ICT4D Consultant).

Nixon had worked as the ICT and Media Advisor to the Cabinet Secretary of Agriculture in Kenya and he also works as a Lead Consultant with FAO developing National agriculture strategies for Benin Republic.

He’s done quite a lot in terms of IT, headship and so on. He was also once the Chief IT Officer for the commission on Administrative Justice also known as Ombudsman in Kenya.

So as an ICT for Development Consultant, looking at Africa and also as an Advisory Board member of the USPF in Kenya, and impact of the pandemic; in what ways do you think that commoditizing and democratization assets can be done to deepen the broadband penetration in Africa with examples if any, you know from Kenya and all of that?

Nixon speaks:

“Thank you very much. I think from the perspective of a regulator, an African regulator, one of the things that you will see as contained in ITU report; it has revealed that 3.6 billion people remained totally cut out of Internet. That is a huge number. That’s the number around world and in probably part of this 3.6 billion people majority of them are docile in Africa.

“Therefore, what Covid-19 has come to show us actually is that there is a lot of digital divide even in the world and in Africa. I know it is even much, much bigger and therefore it has been the focus of the Regulators around the world with the use of the Universal Service (Provision) Fund to see how to try and close this digital divide that we have seen. Having said that, I think priority really is that and putting Kenya’s example, priority has always been to look at how to use the fund (USF) as a smart subsidy to attract the Operators to go to areas which you know, ideally they will not go because of the economic issues around the areas.

“So, from the government side: it is to provide this USPF funds to see how to excite the operators to extend their network to areas where the network is not covered. However, you also realize and I think from Dr. Ayotunde Coker’s submissions, you’ll also realize that now the impact of Covid-19 has also meant that a lot of employees whether in public sector or private sector, are working from home. And that means that there is a lot of demand for broadband; there’s a lot of demand for network to be able to have sort of to continue that conversation.

Communication Authority of Kenya

Communication Authority of Kenya

“The rise in demand for technologies has really drawn the world into realizing need to scqle up infrastructure. When we met in South Africa for the AfricaCom, I was in a panel discussing the 4IR – 4th Industrial Revolution and to me I was looking at three five years for that 4IR solution to really come to Africa, but as you can see Covid-19 has already given us a taste of what that is involved in. You see people now working from home; people not being able to meet as usual and so that has really brought forward some of the realization of the fourth Industrial Revolution especially in Africa. But having said that I must credit operators.

“Talking about the situation in Kenya; for having been able to provide the necessary bandwidth at the time of peak traffic as people were taking up work from home and so forth, it shows a lot of resilience. From our perspective as the regulator, there are quite a number of things that we have done: one is with the understanding that they are so many students and pupils who have been affected by Covid-19 with the schools closed and people including the student being at home, that again means that even as those employees are using that broadband and working from home, there’s a lot of competition for this bundles of Broadband.

“Therefore, what we have put in place as a regulator is one: we’ve worked with the authority that is in charge of curriculum development and that is locally called the Kenyan Institute of Curriculum Development, to avail educational content to all the broadcast stations.

COVID-19

Coronavirus (COVID-19) Outbreak on a World Map on a digital LCD Display
Map source: https://www.nasa.gov /

As the regulator, we stepped in to say: Look every education content that is promoted by the Kenyan Institute of curriculum development must be carried by all broadcast stations. And that being said is because we are aware that, especially in the rural Africa rural Kenya, they are many people who may not have the internet to be able to have that provision for a conversation like what we having in our classroom. So many schools were affected by that. TV and FM radios which are vastly and widely used in Africa, they had to step in. We said, let the students who may not have Broadband on the internet in their areas also have this facility of either radio or TV to be able to enjoy just like the others who are in the cities.

…COVID-19 and Fake News 

“We also have realized that one of the most dangerous things during this Covid-19 is fake news.

“What we have done with the operators is to ask them to be able to use bulk SMS to now push the right information and thereby educate the public about covid-19 because they are so many fake news there and people will not know what to believe and what not to believe.

“In the same area, what we have asked even the people in charge of cyber security to actually note where this fake news come from; so through the national Kenya anti cybersecurity organization we look at and identify fake news pages and especially on coronavirus with the aim of sharing that with the law enforcement to address it.

“The other thing of course, we have done because of the issues around cybersecurity, is to converge around and see where are the attacks coming from and who are launching the attacks, so that we are able to protect the people who are using this facility to do their legitimate work or to do schooling.

“The other one, of course is because so many of our children now are going online tools and the danger with that is that we will need to sieve what they are actually looking at; the pages they are actually looking at, because some of them may be online, but they may be targets of cyber predators.

COVID-19

COVID-19 and new business culture – Image Credit: Anonymous

“So, to protect these vulnerable children what we have done is to work with other organizations and other actors around this to bridge some of these attacks that would be coming to the schools’ digital platforms.

“Honestly, there are many challenges around even for those working from home and I think somebody spoke to that.

“You know, even with individual organization as one of the panelists said; it is also to protect people who are using Zoom and all those other channels for video conferencing so that when you are discussing policies of companies you are protected. To manage meetings for companies then the CIO’s role is very critical; to look at who is joining the meeting.

…Need for supportive infrastructure in Africa 

“In terms of actual take up for mobile phones and mobile carrier you’ll see that Africa generally has the biggest numbers of mobile phone use in the world. Like I said earlier, the only danger there is that there is no supportive infrastructure around Africa. What so many regulators are working around is how to then populate that infrastructure to enable the uptake of more users having these gadgets and that also speaks to the fact that when you have infrastructure and the gadget then you are able to solve a lot of issues around.

Telecom equipment or mast

Telecommunications infrastructure

“The other thing we have done as the regulator, is also to organize Hackathon. We invited creators, innovators around covid-19 whether it be of Healthtech – in terms of Contact Trace Application or technology that drives personal hygiene; just to stop the spread of covid-19. So, we have different people who are coming up with different ways of developing things like water taps that people use to wash their hands and sort of things. So, we are trying to promote that and giving seed money to inventors who are coming up with the creative innovation around Covid-19 to be able to roll out and see how we help the population manage that kind of epidemic.

“Thank you very much”.

To be continued tomorrow, featuring the •  Group CIO, Flour Mills Nigeria Plc; Serge Yao.

Continue Reading

TechINFLUENCERS

How CIOs handle impact of Covid-19: From Data centre, banking, aviation to manufacturing [III]

Published

on

Carole Jeni
Head of IT, Equity Bank, Carole Jeni

With Covid-19 banks face many difficult choices—including how to protect their workers and clients while still providing essential services.

For instance, while prioritizing the health of its customers and employees by keeping the working environment as safe as possible, the challenge of ensuring customer service support in branches while keeping the self-service terminals and ATM areas open, posed a challenge to many banks.

In continuation of our publication series on CIO Africa Leadership Series webinar hosted recently by CIO MasterClass Africa for Chief Information Officers (CIO) particularly in Africa with the theme – COVID – 19: “The CIO’s Leadership Moment” – Prospects, Challenges and its implication for the African Continent – with the general direction on “leadership, strategy and operational level”, looked at CIOs role in normal times vis – a – viz the new normal defined by COVID – 19, we are focusing on the Banking sector.

EC-Council Advisory Board

Engr. Ifeanyi Ogochukwu

The Convener, CIO MasterClass Africa; Engr. Ifeanyi Frank Ogochukwu, a former CIO of Nigerian Airspace Management Agency and the Chief Technology Strategist for Debbie Mishael Consulting – an African premier consulting, implementation and training firm moderated this webinar.

Debbie Mishael Consulting

The spotlight is on the Head of IT, Equity Bank, Rwanda, Carole Karema Jeni.

She has an MBA and an MIT; she schooled in Cyprus, in University of Pretoria and Adventist University of Central Africa. Carole is someone who has actually traveled wide, lived in different countries, worked in Telecoms, Investments, Construction, Security Services, Building, Insurance and Brokerage as well as Agric-Business. She speaks English, French, Swahili and Kinyarwanda.

She has got over 20 years’ experience in IT; Carole is actually a Solution Architect and she’s done a lot of extensive work in a number of organizations including; working at PMP Processes, COBIT and ITIL. She’s currently the Head of IT at Equity Bank in Rwanda.

So, what are the impacts of Covid-19 on the CIOs’ operations in banks and how does Carole handles hers?

Carole speaks:

“I think the experience that we had, first of all, being working for the bank, has been categorized as an essential service. So, we didn’t close shop. We were still working, but at a limited capacity. The good thing like Equity Bank, it’s one of the banks that has strategized for a long time to go digital. So, the impact of Covid on businesses was not that much.

“Of course, in terms of revenue, we can feel the impact. But, in terms of operations, most of the services were actually done digitally. So, you could say that what Covid-19 brought to us was an acceleration of digitization of the service and delivering them to customers.

“So, I’ll give an example with Covid most of the services are provided through branches and branches are only allowed to work-in till 3:00 p.m. So, you can imagine the transactions that were happening at branches are reduced considerably. So, the good thing: I think when Covid started if I can recall around January and February, already the leadership were meeting often to understand the impact, because most of the customers that we have are actually financed to either import or export from different countries.

“So, by having China impacted by Covid-19 we could actually feel some of our customers impacted too. Therefore, we started discussing on what could be done. So, businesses were already ahead and looking at the different alternatives in a scenario where people could not go and buy the stuff from China and go elsewhere. So, with these meetings, I recall, when Rwanda decided to apply lockdown, was the second week of March; already, we were discussing how to provide most of the services on digital. What happened is that we were fast with digital adoption. So, our customers that could not reach branches, because, again things like buses, motorcycles, were not allowed and having people coming to branches was becoming difficult. So, by offering some services on a digital platform was actually giving alternatives to our customers.

“In terms of business, we could still continue working and providing services to our customers, but then on a different channel. We moved from some giving services through branches to the digital platform. Now, the role of connecting the CIO and IT in general was making sure that we maintain uptime of our systems because now having most of the transactions actually shifting from branch to digital, we had to make sure that our digital platforms would be up 24/7.

“So, the shift was also happening to the backend office and also on the support team. Although most of them could not work from the office, what we managed to do was to ensure that most of the staff would have VPN access. They continued supporting clients and we reviewed some of the processes in terms of customer registrations.

“We reviewed the minimum balances on transacting over digital platforms; we offer different services. So, there was a need for customers to still have access to the bank account and the transaction and the good thing also, I say from the Rwandan perspective, is the coordination. The coordinated efforts with the regulator on the financial sector and the government. So, most of the regulations that have been put in place or the responses, were coordinated with financial services like the bank ourselves and then anything that we put in place, will be a coordinated effort and they’ll be also emphasized for the whole sector.

Equity Bank, Rwanda

Equity Bank, Rwanda

“In addition, the impact, I think, that has been very important for the banking sector, especially for Equity, was to make sure that our people are safe. So, by being safe, we have put in place a BCP (Business Continuity Plan) committee, which I was actually a Vice Coordinator. So, we put in place a BCP and actually activated it and every week we meet to review the actions to make sure that: first of all, our people are safe. Then, we still continued doing business and then we could also project ourselves in the future. So, let’s say when the lockdown was a hundred percent we put ourselves to actions and when there was a little relaxation we also improved. So, the BCP, at first, was starting with more on making sure that our people were safe and then we shifted to the business.

How do you make sure that business continues as usual and also the banks continue making money?

So, the good thing again: belonging to a very big group that has a lot of big strategies. So there’s a lot that has been put in place to make sure that we continue working and what I foresee as a CIO is we need to continuously be agile because we’ve already invested in digital that was  not very difficult for the bank because what will have happened was just a shift of how we’ve been doing transaction and serving customers. But, mostly what has also been important is to continuously be innovative and listen to our customers. That is what has been my experience. We are still in lockdown.

“We are still providing responses to Covid-19 and then we can even project and tell ourselves that there’s so many things that are going to be changed. For example, we can just look at how we are doing business in terms of approval processes serving in branches. We are looking on different innovations that we’re going to put in place to continuously grow the bank, of course, and also assuring customers that they are safe with us by banking with us.

Thank you.

To be continued tomorrow, featuring a member, Universal Service Advisory Council, Communication Authority of Kenya (Government & ICT4D Consultant), Nixon Mageka Gecheo.

Continue Reading
Advertisement
Advertisement
Advertisement
Advertisement
Advertisement

Trending