Johannesburg, 07 Mar 2014
The fourth consecutive Knotion-sponsored annual seminar for the Institute of Information Technology Professionals South Africa (IITPSA - formerly the Computer Society of South Africa) was an event not to be missed on any EA practitioner's calendar.
Held in Johannesburg last week, the theme of this year's seminar was 'Information Security and Security Architecture in the realm of Enterprise Architecture'.
Knotion Consulting, dynamic and visionary enterprise architecture (EA) consultant and training specialist, showed its market leadership when it comes to addressing the hard issues and extending the conventional boundaries of EA. And there are few more challenging topics for business management and IT today than security. While organisations are taking advantage of the new windows of opportunity created by rapid IT advancement, is a backdoor being left open for security compromises?
From a business perspective, executives of large corporations are under increasing pressure to get their house in order on corporate governance and regulatory compliance. In South Africa, the pressure is coming from regulations such as King III and the recent Protection of Personal Information (POPI) Act, together with the Auditor General's report exposing wasteful spend and corruption in South African government departments. Added to this are recent incidences throughout the world of large-scale corporate fraud and corruption.
From an IT perspective, corporate data breach incidents due to cybercrime attacks in the form of hacking, malware and phishing, as well as individual identity theft, are on a sharp upward trend globally. These business drivers and IT threats are causing a significant shift in the risk profiles of organisations. "Security is becoming more critical than ever before and is a top priority for most organisations," commented Knotion Executive and EA Thought Leader, James Thomas, who gave delegates a "sneak preview" of the fresh and innovative LEADing Practice Security Architecture Framework that he has since formally introduced at a LEADing Practice (LEAD) conference in Charleston , USA, on 5 March. Thomas commented that "LEAD provides the fully integrated, holistic solution required to solve today's security issues. It also meets the critical need to approach security from a business perspective and should be on the radar of every security architecture practitioner."
First guest speaker, Craig Rosewarne, MD of Wolfpack, the South African company specialising in information risk research and threat intelligence, is also the founder and chairman of the Information Security Group of Africa. His talk: "How prepared is Africa to deal with the cyber threat?" defined cyber security and outlined some cyber threats facing global and African companies. Focusing on South Africa, Rosewarne then looked at how prepared we are and what still needs to be done. Several members of the audience were aware of or had been victims of cyber crime, involving the loss of hundreds of thousands of rands.
The audience was given a reality check by Dr Stephen Berjak, a seasoned security specialist. In his presentation: "A survival guide for Security Architects", Berjak related in Bear Grylls survival-style what he referred to as some of his "good, bad and ugly" experiences with security and architecture in the private and public sector. "We looked at how existing frames of reference can, or can't, be used to enable EA as a 'problem solver' and an asset for ensuring business modernisation transformation," said Berjak. "The emphasis was on strong EA leadership as trusted advisors to ensure business buy-in and successful implementation to realise value."
Commenting on this highly successful and well-received seminar, CEO of IITPSA, Tony Parry said: "In my opinion, information and enterprise security remain key agenda items for enterprise architects and CIOs alike. The seminar brought the challenges for South Africa into sharp focus by examining some of the strategic aspects of security and security architecture, as well as the implications of EA for information security."
Share