Mr. Brian D Souza. . Thought Leadership Article: Blockchain Fundamentals. . Upcoming Events. Kenya Chapter Newsletter Vol 2/2018 Apr-June 2018

Transcription

1 . Brian D souza. Thought Leadership Article: Blockchain Fundamentals. Upcoming Events Mr. Brian D Souza Who is Brian? I was born in Kenya and did my studies here. I am an accountant by profession with my biggest focus and drive being the use of technology in all I do. Embedding the continuous use of technology in audit was one of my objectives for many years in my earlier days. I am currently the Partner and Head the Risk and Management consulting business at KPMG in East Africa. I am married to Sabrina and have a son, Joshua who is 12 years old. When not working, I am involved in community work and try and play a part in keeping the Goan community alive. I am a Trustee of the Goan Institute, an organization that was started in 1905 and steeped in tradition. I am also involved in ACCA activities in Kenya and like playing golf when time permits. How did you transition from accounting to Information Technology? and other services. In the early days, it was as basic as use of spreadsheets and word documents. Today, it is the extensive use of automation and analytics now and in the future. members of ISACA Kenyan Chapter and I have done a fair share of my contributions to its development including the introduction of a requirement for a minimum CISA designation to particular roles in our technology advisory teams. M.r IS Brian C c D muni souza partner c at KPMG t East bafrica What s the biggest obstacle to your career and how have you coped with the situation? Getting people to believe that technology and analytics is the future and complements all businesses. I have learned not to give up and to keep demonstrating that technology can be of use in the business world. or anything else. What is your life s philosophy? Everyone should have values that they stand for. Personally I am driven by integrity, which also drives my work at KPMG. One should believe and act with integrity. I strive for good governance in what I do and I also believe in giving back to the younger generation by teaching and coaching. I am proud to say in my life at KPMG, I have recruited many students and helped mould them into the professionals they are today. What is next for you? I want to continue to build my people to have life skills, not just as professionals but in all aspects of life. I also would like to use my skills in governance, accounting, technology and data to help the country grow. I will continue giving back to the communities as well as the professions I belong to. The interview was conducted by Fredrick Ouma CISA

2 BLOCKCHAIN FUNDAMENTALS. By J. It is very difficult to turn attention to the fundamentals of the underlying technology - Blockchain that is driving up the crypt currency craze. Everyone is excited about crypto currencies as manifested through Bitcoin and very little attention is being given to basic building blocks that have made this happen. This brief article aims to ground our understanding on what makes the Bitcoin network functional, its unique elements and properties and begin to show how these could be used beyond the financial sector. The blueprint of how bitcoin works is well articulated in the founder s whitepaper titled Bitcoin a peer to peer electronic cash system. Essentially Satoshi, the founder solved the problem of how to send electronic cash without the need of an intermediary. The predominant system of money exchange requires a middle party the bank- to act as an intermediary between two or more parties wishing to exchange money. The bank keeps a record of both parties and tracks their respective credits and balances. Both parties must obviously trust that whatever the bank reflects in its books as their balances is indeed a true picture of reality. Satoshi, flipped this trust-based model upside down by proposing a trust-less, decentralized system where participants trust in the network, rather than a central agency. When Alice wants to send electronic money to Bob, she would simply send it the same way we send s to each other. However, given the electronic nature of the money, nothing stops Alice from sending the same money to another party. This is called the double-spend problem. How can we stop Alice from buying two different items using the same electronic coin? The solution proposed is the power behind the bitcoin network. First we must have a public ledger where everyone participating is able to see the amount of money that Alice has in the first place. This is in contrast to the traditional banking model where only the bank has copies of each participant s value. How Bitcoin Works, video, Satoshi Nakamoto original white paper, In the bitcon network, each participant or node has a copy of the transaction ledger that keeps a historical record of all transactions since the beginning of the network. The ledger is therefore public, distributed and decentralized. With such a ledger, Alice cannot purport to spend more than what she has recorded in her favor, since the participating nodes will reject such a transaction. This is known as the consensus protocol and one can begin to see that the decision on which transactions gets to be validated and accepted into the public ledger or database is now taken away from a central agency, and shared across multiple nodes or participants within network. To provide better efficiency, Satoshi proposed a way in which blocks of validated transaction would now be cryptographically linked to previous blocks in a chain-like manner hence the term Blockchain. A Blockchain is therefor a transparent, distributed, decentralized and immutable database that continues to record transactions in a chronological manner. It has these useful properties that makes it revolutionary and appropriate to industries outside the financial sector. In future articles, we shall build on this foundational knowledge to explore the where else we can use Blockchain, what are the security & regulatory concerns amongst others.

3 ACADEMIC RELATIONS The ISACA Kenya chapter is focused on making ISACA resources accessible and affordable to university students. One way in which it has done so is to host inter-varsity bootcamps targeting students from various Kenyan universities. 1. IT Governance, Risk and Compliance Date: 9th-10th April 2018 Venue: Mombasa Charges: Members 40,000 Non-Members Kshs. 50, Cybersecurity (CSX) Fundamentals + Exam Date: 9th-10th April 2018 Venue: Mombasa Charges: Members 75,000 Non-Members Kshs. 85, ISACA Annual Conference Date: 11th-13th April 2018 Venue: Mombasa Charges: Members 46,400 Non-Members Kshs. 52, Cybersecurity (CSX) and CISM Bootcamp Date: 23rd -27th April 2018 Venue: Nairobi Charges: Members 7,000 Non-Members Kshs. 10, Cybersecurity: Doing more with less Date: 9th May 2018 Venue: Nairobi Charges: Members 3,500 Non-Members Kshs. 4,000. CPE Hours: 3 6. Mapping Enterprise Cyber Security Plan to Risk Framework Date:31st May 2018 Venue: Nairobi Charges: Members 1,000 Non-Members Kshs. 1,500. CPE Hours:2 7. CISA/CISM/CGEIT/CRISC Exam Review Date: 4th - 8th June 2018 Venue: Nairobi Charges: Members 60,000 Non-Members Kshs. 70, IT Audit (Financial Workshop) Date: 18th - 22nd June 2018 Venue: Nairobi Charges: Members 92,800 Non-Members Kshs. 98, IT Innovations: IoT Risk, Assurance and Audit Date: 18th - 22nd June 2018 Venue: Mombasa Charges: Members 1,000 Non-Members Kshs. 1,500. CPE Hours: 2 The bootcamps provide training on ISACA certifications facilitated by ISACA Kenya trainers who volunteer on pro-bono basis as a way of mentoring the next generation of professionals. The first bootcamp was held at USIU-A from Mon 24th April - Fri 28th April The participants were taken through the Cybersecurity Fundamentals (CSX) and Certified Information Systems Auditor (CISA) curriculum at a fee of only Ksh 10,000/=. The money was used to cater for meals, administrative costs and ISACA student membership. The second was held from 17th to 19th January 2018 at Strathmore University. This boot camp exclusively covered Cybersecurity Fundamentals (CSX). ISACA student members only paid Ksh 5,000/= and non members Ksh 7,000/= ISACA Kenya is looking for more Universities to partner with in order to host future bootcamps. If you are able to facilitate this please send an to events@isaca.or.ke. CISA Mr. Polycap Denis Okumu Onyango CISM Mr. Paul Kamau Kamiru, CISM CRISC Mr. Micah Amge Njeule, CISA,CISM,CRISC

4 Q1 SUMMARY IN PHOTOS (2018 SGM) 8

5 Certification CISA (Certified Information Systems Auditor) CISM ISACA CERTIFICATIONS Certification Description CISA designation is a globally recognized certification for IS audit control, assurance and security professionals. The uniquely management-focused CISM certification promotes international security practices and recognizes the individual who manages, designs, and oversees and assesses an enterprise s information security. Target group Cost (Tuition + Exam) Exam window The CISA Certification was specifically created for professionals with work experience in information systems auditing, control or security that include: IS/IT Auditors Security Professionals IS/IT Consultants IS/IT Audit Managers The CISM certification was developed specifically for experienced information security managers and those with information security management responsibilities who include: Information Security Managers Aspiring Information Security Managers IS/IT Consultants Chief Information Officers CGEIT CRISC CSX (Fundamentals & Practitioner) CSX (Fundamentals & Practitioner) CGEIT provides you the credibility to discuss critical issues around governance and strategic alignment, and the traction to consider a move to the C-suite, if you aren't already there. CRISC is the only certification that prepares and enables IT professionals for the unique challenges of IT and enterprise risk management, and positions them to become strategic partners to the enterprise. CSX is designed to help fortify and advance the industry by educating, training and certifying a CSX is designed to help fortify and advance the industry by educating, training and certifying a stronger, more skilled workforce that can keep organizations and their information secure- now and in the future. The CGEIT certification was specifically developed for IT and business professionals who have significant management, advisory, or assurance roles relating to the governance of enterprise IT, including: IS/IT Directors IS/IT Managers IS/IT Consultants IT Governance Professionals IS/IT Executives The CRISC certification was specifically created for risk and control professionals, which include: IT professionals Risk professionals Control professionals Business analysts Project managers Compliance professionals The Cyber Security Course is ideal for the following IT Professionals: IT Manager The Cyber Security Course is ideal for the following IT Professionals: IT Manager Manager Security Manager Site Administrator Administrator Technical Support Engineer Systems Engineer Banking, Insurance, and Finance Professionals Law Enforcement Officers Government Agencies Members: USD 728 Non-members: USD 825 per module Members: USD 728 Non-members: USD 825 per module Further details can be accessed on: For enquiries contact Fredrick Bitta (Certifications Coordinator) on: fred.bitta@gmail.com or admin@isaca.or.ke