Cape Town Chapter – June 2019


Chapter Overview

Date: Wednesday, 19th of June 2019

Time: 8.00 am – 3.00 pm

Venue: The Foschini Group, Parow East

Location: Cape Town, South Africa

Overall Theme: Community is Shaping

Areas of focus:

  • Influencing & Buy-in for Security investment from the Board
  • Threat Intelligence
  • Socialising InfoSec Policy
  • 3rd Party Risk Management
  • Cloud Security Strategy

This Alliance Chapter will focus on building a decision making and decision influencing community focused on impacting the ICT and Information Security division of enterprises and upper mid-market organisations from the Western Cape in South Africa.

  • 0800


    Arrival and networking prior to the content being divulged

  • 0830

    Welcome Remarks & House Keeping

  • 0845

    Session 1 - Workshop

    Session Leader: Christine Fahlberg – IT Security Manager – Truworths
    Problem Statement: How to gain influence and buy-in for Security investment from the Board?
    Abstract:  Cybersecurity attacks and data breaches continue to make headlines as businesses fall victim to compromised corporate networks and information theft.

    However, some organisations are reluctant to buy-in to security investment plans to build or improve their security posture. Cybersecurity becomes more expensive, Gartner reports that average annual security spending per employee doubled, from $584 in 2012 to $1,178 in 2018. Often an intense debate arises whether the cost of a breach justifies the investment cost of such preventative programs. So how do you justify your investment plan? The challenge is that information security costs are often not explicit. High security standards may arise in higher procurement costs, as the cheapest supplier does not provide the right security capabilities or it increases training costs as regular and updated security awareness training is required in addition to the existing training program. Given these challenges it is important to address the financials but it might not be the right strategy to start off your investment argument with the numbers game. Ever asked yourself why do people buy?  Why not turn your board into your customers and align your security investment plan to the buying process?

    3 Key Questions:

    1. How to make Information Security stick (and not get lost in technicalities)?
    2. How to turn the decision makers into ambassadors?
    3. How to demonstrate that Information Security plays a vital role in business growth?

    Tools used during the (interactive) session: 

    1. Start with Why (Simon Sinek)
    2. Business Model Canvas (Osterwalder, Pigneur & al. 2010)
    3. Risk Management (

    How to gain influence and buy-in for Security investment from the Board?

  • 0945

    Session 2 - Open Forum

    Session Leader: Ravindra Jugdav – Information Security Manager Africa, Middle East, Baltics, Nordics & Caribbean – Rentokil-Initial

    Session Title: Cloud Security – The Facts: Customer Responsibilities for Security in Cloud Computing

    The majority of businesses in South African have a focus on cloud strategies to enable their business availability for the customer and workforce.  From a Security perspective there is a common concern around the clarity of roles and responsibilities of the end user when it comes to the areas bullet pointed below.

    • Provider Competencies
    • Contracting provider
    • Disaster recovery
    • Guidance and assurance whilst migration is taking place (on-premise into the cloud)

    Desired Outcomes for:

    1. What are the key challenges and issues in cloud from a security standpoint?
    2. How long is data is stored, encrypted and transmitted?
    3. Data privacy policy
      1. Where is the data stored?
      2. Who is responsible for data compliance?
    4. Where is your product closing the gap from a security perspective?
      1. Where are the cloud provider partners covering the unsolved areas?

    Customer Responsibilities for Cloud Security

    CSA – SecaaS Cat 5 Security Assessments Implementation Guidance

    CSA – Top Threats to Cloud Computing Deep Dive

    OWASP – Secure Medical Devices Deployment Standard 7.18.18

  • 1030

    Networking Break

  • 1045

    Session 3 - Scenario Overview & Open Forum

    Session Leader: Suren Naidoo – CISO – The Foschini GroupSession Title: Threat Intelligence

    Cyber crime is a global issue and everyone is exposed to it in some shape or form.

    As a community, we represent some of the leading organisations in South Africa, with a common interest of “protecting our brands” as well as protecting our business stakeholders and communities at large.

    “Doing good never goes out of fashion”

    One of the ways in-order for us to deal with our common enemies, is to utilise cyber threat intelligence to better “protect our houses” and communities.

    “Are you willing to be part of a cyber threat intelligence sharing network?”

    Microsoft Security Intelligence Report – Volume 23

    Proposed Threat Intelligence Sharing Framework – Workshop

  • 1200

  • 1245

    Networking Lunch

  • 1345

    Session 5 - Scenario Overview & Open Forum

    Session Title: 3rd Party Risk Management

    Session Leader: Michelle Barnett – IT Risk, Governance and Compliance Manager – Cape Union Mart (Pty) Ltd


    A third party data breach is a nightmare in the making for any organisation, the consequences of such potentially include financial loss, reputational damage as well as penalties and operating restrictions that regulators might impose.

    Organisations deploy a number of different approaches to third party risk management; some effective, others less so. For those that develop the most effective response there is significant opportunity.  Gaining holistic visibility of the risks that third parties bring to organisations enables us to exploit, to the full, the opportunities that third parties’ services bring to the table whilst mitigating the risk.

    However, when a breach occurs it is essential that a plan is in place for dealing with third party data breaches before they happen. Breaches require immediate attention and valuable time can be saved by plotting out a response ahead of time.

    Third Party Risk Management

  • 1500

    Closing Remarks & the Next Steps

    How we collate feedback and we plan to grow out the regions educational meetings.

    Highlight the chapters outcomes and action the community can make from content explored

This content has been restricted to logged in users only. Please login to view this content.

Session Feedback & Alliances Testimonials

The session by Christine Fahleberg for providing achievable ways to obtain buy-in at C-suite level for InfoSec.

Session Leader: Christine Fahlberg – IT Security Manager – Truworths: both informative, interesting and practical. Combined knowledge experiences and insight with examples of practical insights.

Suren Naidoo: Threat Intelligence
Although the external speaker was a let-down; Suren provided some good insight and feedback and I feel we made some progress here. I hope you can organize an online session with the actual external speaker.

Christine’s session provided great insight and I feel many info sec leaders can learn from her approach.
Threat Intel sharing session was good but I feel our community particularly in Cape Town need more education around threat intel and we need to explore the basics first.
3rd party risk session by Michelle is very on topic, I do however feel the workshop component needed more structure. It did however get discussion going which is important.

Influencing & Buy-in for Security investment from the Board – Christine did a great job. I thought the content was very well structured and relatable and found all the tips and debates very useful. It was very practical insights into an important topic.

I also thoroughly enjoyed Suren’s session on Cyber Intel. It was engaging and led to good debate. Again, practical discussion not just theory or best practice stuff that don’t work in practice. It highlighted the issues with collaboration and culture and legal responsibility to your company.

The reserve bank input highlighted the need to structure objectives of a session clearly to the people providing input. I felt a bit bad for him – as it looked like he was thrown in at the deep end with no prep or context to the topic or his role in it 🙂 – but Leigh I think rescued that session well – by summarising it and identifying clear next steps.

Information Security Policy topic ran out of time – and I’m not sure if Charlie felt cheated from meeting his objectives for that session. Maybe that topic can be raised again.

The session on Influencing & Buy-in for Security investment from the Board. Very topical.

Finally, a platform that is content driven and not vendor driven.
Due to its clear vision this format has the potential to become the key information security group to provide its members with the necessary ideas to drive competitive advantage.

Christine Fahlberg, IT Security Manager – Truworths