Who We Are
Why Technology
Why Africa

SISTEM one-on-one from South Korea, with Mr. Bright Gameli Mawudor, co-Founder of AfricaHackon: East Africa’s premier technical computer security collective - Part 1.

Bright Mawudor
My name is Bright Gameli Mawudor, a 28 year old Cyber Security expert completing his PhD in IT Convergence and Application Engineering at Pukyong National University,Busan, South Korea. I am a Ghanaian national but spent 10years in Kenya before coming to South Korea. My love for computers has been developed ever since I was 8 years old when I created my first computer virus out of curiosity. I am also a co-founder of AfricaHackon, the first ever hands on Cyber Security Conference in East Africa. I am also a partner at Euclid Consultancy in Kenya which does Cyber Security and offers various IT Solutions and server as the mother company to the AfricaHackon conference. Knowing how wide the industry is, I like to research a lot around all types of technology but my focus has been on System Penetration Testing, Big Data Security, Cyber Security awareness training and IT Governance I have presented my publications at various conferences some of which are: 8th Asia Joint Information Security Conference – Presented on Cyber Threat Management; Korea Association Of Information Systems (KAIS) Conference – Anatomy of Cyber Attacks (Intrusion Focus; 8th Workshop among Asian Information Security Labs – Analysis of BYOD (Bring Your Own Device) and Advanced Insider threat for Evolving Cyber Threat Attacks in Corporate Networks; 15th Strathmore University Annual ICT Conference - Security Analysis and Evaluation Methods for Ubiquitous Sensor Networks; I have also taken part in essay competitions related to Cyber security such as: Commendation award winner at 10th English Economic Essay Contest (Securing Banking Systems in South Korea) and STS / ICDF2C Safe Cyberspace essay contest Panel Discussion -Emerging Cyber threats. Together with AfricaHackon, I strive to continue spreading the word around Cyber Security across all audiences especially the local community in Africa.

Q: Please tell us about yourself, education background and the career path that led you to Africahackon.

Mawudor: My name is Bright Gameli Mawudor, a 28 year old Ghanaian who lived and worked briefly in Kenya for 10 years but currently residing in South Korea for studies. I came to South Korea to do my Msc in Advanced Information Science and Technology and now completing my PhD in IT Convergence and Application Engineering. My main focus in both education streams has been around Cyber Security. I am also a Consultant at Euclid Consultancy Services which does Cyber Security in East Africa. Seeing the need for awareness in the country led me to starting the conversation about utilizing local talent to spread the gospel about Information Security.

Q: Tell us about Africahackon? What is it, who created it, what does it do (core skills/competencies, services and programs) and finally who does it assist?Tell us about Africahackon? What is it, who created it, what does it do (core skills/competencies, services and programs) and finally who does it assist?

Mawudor: Africahackon is East Africa’s premier technical computer security collective which brings together the individual talents of the best and brightest security professionals in the region, through live presentations, engaging discussions and hands on demonstrations. It is a team connoisseurs in a full range of defensive and offensive security topics are well versed in the theoretical aspect of cyber security and masters on the practical and tactical angle of the art.

It all started two years ago when two friends passionate about information security met online. These two, Bright Gameli Mawudor and Lewis Ng’an’ga dreamt of an outfit that would ignite the infosec field in the country just as conferences such as DEFCON and BLACKHAT had done. Knowing there will be many interested, they floated this idea with a few like-minded individuals who shared in this vision. The team started with just 6 members and now grew to a 20member team with the current president of being Tyrus Kamau, a veteran in the Kenyan Cyber Security Industry in Kenya and a very good leader.Below are the areas of competence that AfricaHackon is well versed with: : Mobile Device Security; Cloud Security; Malware Analysis; Reverse Engineering; Exploitation Techniques; Forensics and Anti-Forensics; Web Application Security; Wireless Network Security; Cryptography; Social Engineering; and Telecommunications Security (SS7, 3G/4G, GSM, VOIP, etc).

The target audience for this is to both University students and the corporate as such. We want the students to be able to start gaining Ethical Cyber Security skills from an early age before they get into the job market. In that case they will be able to assist the many organizations that lack the capabilities to secure their infrastructure. Furthermore, the corporates side has always been a victim to Cyber Security issues thus the need for them to be aware not only by theoretical talks but being shown practically how these attacks are executed.

Q: Why is cyber security so important nowadays?

Mawudor: Kenya and Africa as a whole is becoming more connected and a lot of data is being transmitted on the daily bases. Looking at the fact that most business are working faster with technology, Cyber Security has become an afterthought as they focus solely on functionality of their systems and processes. The need for Cyber Security is very important to make them aware of the various loopholes they might be exposed to and the various ways they can curb attacks to their organization thus enabling a smooth and functional business.

Q: Please tell us specifically about the Africahackon 2015 conference.

Mawudor: AfricaHackon successfully held the first conference to critical acclaim on the 28th of February, 2014 at PricewaterhouseCoopers conference hall. It attracted over 150 participants with a balancing audience of students from various universities and corporates at large, most of which come from the financial sector. The group has continued to grow with a second conference hosted mid this year on July 31, 2015. Priding itself as the premier collective of the best information security minds in the region, AfricaHackon continues to push boundaries both in inspiring the next generation while driving the information security agenda in the region.

Q: In a nutshell, what are the greatest cyber security threats that African individuals and organizations face today? How can one protect himself or herself, and one's organization against those potential dangers?

Mawudor: Currently, a lot of people are facing fraud issues and basic Social Engineering threats. Due to the fact that they are not Cyber Security aware, they easily fall victim to scams and hacks from other countries such as their online transactions being compromised due to clicking of rogue links and downloading malicious applications. Organizations on the other hand are ill prepared for these attacks. There is a large pool of malicious attackers out there locally who have the capability to compromise and take down organizations. The faith most IT leaders in organizations believe they cannot be hacked makes them to relax until it happens. Basically they are not proactive but rather reactive.

People need to be security aware by seeing actions practically what a potential hacker can do hence the AfricaHackon Conferences. Organizations need to step up their capabilities to get their engineers trained well to enable proactive defense and also train their entire staff on awareness. All the tools such as firewalls might be there but unless one knows how an attacker breaks into their organization, they will not know how to defend themselves or know if they are under attack.

Q: What is next for Africahackon?

Mawudor: AfricaHackon is in the process of taking its conferences regional, starting with the greater Eastern African region and progressing to the whole continent. The plan is to rival the best of any conference wherever held in the world and more so in Africa.

AfricaHackon at its core is all about building information security capacity in the region. Development of well thought training both for the budding enthusiast to the working professionals is in advanced stages with pilot programs already underway. This training aims at getting the right skills to the people who need them using a more practical approach than what is usually theoretical paper skills that usually lead to half-baked solutions.

Consultancy and research are part of what the members of AfricaHackon practice and pursue obsessively. By assuring clients of security done the right way by professional who are experts in their respective fields, AfricaHackon is definitely the first name considered.

Driving policy both at a national and regional level is an area that AfricaHackon is not shying away from. From the creation of Kenya’s National Cyber Security Master plan to the involvement in the developing legal frameworks, AfricaHackon is already and continues being at the forefront in conjunction with key partners.

Q: Finally, in your opinion, what groups in Kenya are the most underrepresented in STEM? Secondly, what key steps should policy makers undertake to promote scientific literacy and STEM amongst these specific Science and Technology underrepresented groups?

Mawudor: Some of the underrepresented groups when it comes to STEM include: high school students and primary (elementary) students. This is due to the fact that a greater part of the institutions lack electrical connections and also the facilities required to teach the necessary skills to them. This in turn results in potential talents going untapped.

The other reason is that organizations do not see the potential in these young students as the future workforce and innovators that will fill in the gaps in the future marketplace. By not creating opportunities to nurture and mold this talent, potential solutions to local problems are less discovered.

Some other steps taken to promote literacy include: the one laptop per child project which is an ongoing initiative by the Kenyan government to ensure that children in the lower elementary classes start learning computer skills early on. This is also boosted by the rural-urban electrification project which will ensure that all schools will be connected to the grid regardless of the location thereby enhancing the effectiveness of the school laptop program.

Another way to improve on literacy is to bring internet connectivity closer to the underrepresented groups which at this time is limited to schools in urban areas while leaving out most of the others in the country.

To read more ISTG Online Publication articles, please click here.