CSSA 2025 successfully took place 8-9 September 2025 at the University of Cape Town. The event focused on Protecting the human in an AI threat-driven world. Our exceptional line-up of speakers presented on a range of topics, providing participants with the insights, knowledge, and lessons learned to manage AI in their respective sectors. 

This was done as artificial intelligence has become cybercriminals best friend. This ever-evolving tool can enhance cyber-attacks making it more sophisticated, harder to detect, and quicker to carry out. 

AI can identify potential targets, create customised attacks to exploit that target, and access data and systems without the owner being aware of it. AI continuously learns and adapts and can therefore be prompted to avoid security measures that exist to prevent detection. 

Even more worrying, is that cyberattacks are launched more frequently and at a faster pace. Research about potential targets is done faster and more accurately than before, with minimal human intervention. Attacks are therefore more personalised with relevant information that makes these attacks harder to identify.  

There is even more pressure on humans to be more alert and aware of communication that they receive. In particular 

• social engineering attacks
• fake profiles
• videos, emails, text messages, audio, and photographs that contain false or biased information

First line of defence 

Humans remain the first line of defence and therefore play a crucial role in this ongoing fight against cybercriminals. However, there is a need for elements of AI to be included in incident response plans to more effectively manage potential cyberattacks. 

Cybercriminals will continue to flourish and carry out their targeted attacks. It is therefore up to each of us to equip ourselves with the necessary skills, understanding of the evolving situation, and collaboratively identify potential solutions that can be used to protect our digital assets. 

The Cyber Security Symposium Africa event aimed to provide a safe space for those in the information and cybersecurity fields to discuss, debate, and work together to come up suitable incident response plans for various sectors. 

CSSA 2025 was proudly sponsored by

Topics presented at CSSA 2025

CSSA 2025 speaker line-up

We had an exceptional range of speakers who presented at CSSA 2025.

Joe Tidy

Joe Tidy is a reporter, presenter and author. His book of Ctrl+Alt+Chaos: How Teenage Hackers Hijack the Internet is out now and investigates the dark side of teen hacking culture and why we are repeatedly failing as a society to address the growing issue of teen cybercrime. Joe is the BBC’s first ever Cyber Correspondent and the foremost voice in the corporation on cybercrime and hacking. Over the past ten years he has covered all major cyber-attacks for BBC and Sky News working across TV, Radio, social media and news websites. He has made documentaries about cyber security travelling to the US, Russia, Saudi Arabia, Argentina, Germany and Ukraine to track down stories and characters. 

Nikki Peever

Nikki Peever joined CAUDIT in January 2022, and, as Director of Cybersecurity, is responsible for the development and delivery of CAUDITs cybersecurity initiative for the Australasian higher education and research sector. This includes leading and delivering the Australasian Higher Education Cybersecurity Service (AHECS), which includes a broad range of activities and strategic thought leadership spanning procurement, advocacy, advice, training and awareness, threat intelligence, event management, operational support, and governance and compliance.

Nikki is a member of the Resilience Expert Advisory Group (REAG) which promotes organisational resilience in support of Australian critical infrastructure owners and operators by providing strategic advice, guidance, and tools to mature security and resilience approaches. The REAG advises the Trusted Information Sharing Network (TISN) and the Critical Infrastructure Advisory Council (CIAC) on practical ways to improve organisational resilience to support security and resilience uplift to achieve objectives in the 2023 Critical Infrastructure Resilience Strategy and Plan.

Nikki is also a co-chair for the Higher Education, Innovation & Research Trusted Information Sharing Network (TISN), which includes being a representative to voice the sector’s achievements, emerging situations, and issues to the CIAC and in some cases to the National Emergency Management Agency (NEMA).

Nikki has previously worked at Attorney Generals Department/Australian Government Solicitor as the Director of Field Operations, Compass Assurance as an Information Security Management System Assessor, and Queensland University of Technology as a Sessional Academic. Nikki holds a Bachelor of Information Technology (Honours), a Bachelor of Psychological Science, Grad Dip in Law, is a certified ISO27001 lead auditor, holds PRINCE2 and ITIL certifications, and is currently undertaking a Juris Doctor. Nikki worked on a PhD candidature collaboration between QUT, AFL Players Association, and Movember, which looked at fostering wellbeing amongst sports fans using mobile health applications. In her free time, Nikki plays football and futsal. Nikki is based in South East Queensland.

Greg Sawyer

Greg Sawyer joined CAUDIT in January 2020 as Director, Cybersecurity Program and was appointed CAUDIT's Chief Executive Officer in April 2022. Prior to this Greg was seconded as the Strategic Initiatives Development Manager in 2019 from the University of Sydney. Greg has over 25 years’ experience in the Higher Education sector between the University of Sydney and UNSW Sydney. During that time he has held technical roles within Faculty IT Manager and Communication Services, desktop and infrastructure before moving into management and director roles within Infrastructure, Security and Project management. Prior to this he completed 11 years in the Department of Defence - Army focusing on electronics, radio communication and cypher including operation service in Cambodia with the United Nations. Greg has represented on external advisory boards including the Australian Computer Society Internet of Things (IOT) and Cisco Mobile Technical Advisory Board. He has presented at numerous conferences. 
Greg holds a Master of Business Technology (MBT) and graduated from the CAUDIT Leadership Institute in 2018. 
Greg is based in the Blue Mountains in NSW.

Michael Pound

Michael Pound is an Associate Professor of Computer Science at the University of Nottingham, UK. His research focuses on the development and application of computer vision and AI approaches across a variety of problem domains. His recent research has focused on object saliency ranking, segmentation and counting, using both traditional machine learning and modern generative AI. He has also taught computer security and cryptography to students for a decade, as well as courses on Encryption for O'Reilly media. Outside of academia, he is passionate about education in computer science. He is a regular contributor to the YouTube channel Computerphile, where his videos on subjects including AI, computer security and cryptography have accumulated over 60 million views.

Dr Eldridge van der Westhuizen

Dr. Eldridge van der Westhuizen is a highly experienced IT professional with a career spanning more than 25 years, encompassing IT engineering, strategic leadership, and digital transformation in both the public and private sectors. H holds a Master’s degree in IT from Nelson Mandela University (2011), and a PhD in IT with a specialisation in Health Informatics, awarded in 2023.

Eldridge’s technical foundation includes advanced competencies in Linux/Unix systems, networking, firewalls, databases, and cloud computing. He brings more than 20 years of experience in the higher education sector. At Nelson Mandela University, he served for 14 years in IT engineering and management, leading a team of 40 professionals within an ITIL-aligned operational framework. In 2020, he was appointed Director of Information Technology Support Services at Durban University of Technology, where he oversaw and optimised institutional IT operations.

Since then, Eldridge has also served as the Data Analytics and Special Projects Manager at HEITSA (Higher Education Information Technology South Africa). In this national role, he supports South African universities by providing data-driven insights and managing key digital transformation initiatives across the higher education landscape.

He is a member of the Institute of Information Technology Professionals South Africa (IITPSA) and a longstanding, active contributor to HEITSA. Passionate about the intersection of technology, people, and education, Eldridge is committed to driving innovative, people-focused solutions that shape the future of higher education IT.

Galeboe Mogotsi

Galeboe Mogotsi is the Chief Information Security Officer (CISO) at the University of the Witwatersrand and Vice President of the Cloud Security Alliance – South African Chapter. With over 18 years of experience in cybersecurity, digital transformation, and IT leadership across public and higher education sectors, Galeboe is a trusted advisor on building cyber-resilient organisations. He is passionate about advancing cybersecurity awareness and closing the talent gap, especially among South African youth.

Galeboe's presentation, AI vs AI: Detection and Response vs Attacks, will explore the evolving AI arms race, examining how defenders can harness AI to detect, respond to, and outpace AI-powered attacks. Real-world case studies and practical insights will highlight how security teams can stay ahead in this dynamic battlefield.

Istvan Berko

Istvan Berko is an AI Security Strategist at World Wide Technology, based in Dallas, Texas but originally from Cape Town, South Africa. With over 25 years of experience in security, risk, and governance, he now specializes in AI security.

His professional journey includes key roles such as Field CTO and Director of Security Services & Solutions at NTT/Dimension Data as well as Security Advisory Lead, Global Services Security at Amazon Web Service. Istvan holds an MSc in Information Security from Rhodes University in Makhanda. He is certified in CCSP, CISSP, CISM, CISA and CRISC. 

In addition to his corporate contributions, Istvan has co-authored AWS Cloud Adoption Framework whitepapers, including the Security Perspective and Governance Perspective. He is actively involved in the cybersecurity community as past Vice President of the (ISC)² East Bay Chapter and as an organizer for BSides San Francisco, BSides Cape Town, and various other industry events.
Istvan continues to drive innovation in AI security while supporting professional development in the field.

Terence Govender

Terence Commenced his career in Networking as a consultant with then qualifications in Novell and Microsoft as a Systems Engineer. He later progressed to management and held roles of Head of IT, Chief Technology Officer and Chief Information Officer for some blue-chip listed organizations such as Sun International, Discovery Health and Zurich Insurance. Terence is currently a Pr. CIO and Senior Director of Engineering – heading up Cyber, Risk and Compliance. Previously, he was a partner in a boutique firm heading Cyber Security and GRC. He is also a board member of the IITPSA and the Deputy Chair of the Western Cape Chapter.
Due to his passion for human development and wanting to make a difference in the lives of others, he also co-founded a business that helps other businesses manage People Change in large and/or complex technology systems adoption including but not limited to digital transition. Terence is not only technically inclined but also equipped with an MBA from Oxford Brookes University, Post grad in Advanced Strategy from UNISA, in addition to TOGAF, ITIL and COBIT Certifications.

Brigadier Janine Steynberg

Brigadier Janine Steynberg is a distinguished officer in the South African Police Service (SAPS), with a career spanning over three decades. Joining SAPS in 1990 as a line function police officer, she qualified as a detective in 1996, specialising in fraud investigation. After transitioning to commissioned officer roles, she held various command positions before shifting her focus to cybercrime investigation in 2011. As a pioneer in this field, Brigadier Steynberg became the first online investigator in SAPS and established a dedicated capacity for online investigation using Open Source Intelligence within the Directorate for Priority Crime Investigation. Currently, she serves as the Provincial Commander for Priority Crime Specialised Investigation in the Western Cape, overseeing cybercrime, financial investigation, and asset forfeiture and recovery. Brigadier Steynberg holds multiple certifications, including Certified Ethical Hacking, and earned her National Diploma in Policing in 2023, formalising her extensive expertise in law enforcement and specialised investigations.

Simon Black

As a Technical Solutions Architect for EMEA XDR & Vulnerability Management, Simon Black brings over two decades of deep IT/Cyber Security experience, honed at companies such as Qualys and Symantec. He specializes in guiding organizations to implement data-driven, risk-based approaches that not only prioritize current security threats but also build future-proof remediation capabilities. Committed to navigating the ever-changing market, Simon actively integrates the latest Cisco innovations, including Cloud Protection and Breach Protection Suites, to deliver adaptive and comprehensive security solutions.

Dr Moses Dlamini

Moses (PhD, CISSP, CCSP & CGRC) is a senior cybersecurity researcher in the Information and Cyber Security Centre. He has lectured on Computer Science courses with a specific focus on Information Security at the University of Pretoria, University of KwaZulu Natal, Wits University and University of Swaziland. His research and consultancy work focuses on intersection of Cybersecurity and Artificial Intelligence, Gen AI and Agentic AI; Cryptography; Cybersecurity GRC; Cybersecurity for Industrial Control Systems, OT and IoT; Cloud Security; Cybersecurity Maturity Assessment; Privacy-preserving Federated Learning, Digital Forensics, and Digital Identity of Non-Human-Identities. Moses is passionate about technology that serves the needs of community and industry. He publishes his research work both at national and international forum.

Yunus Scheepers  

With 20 years of senior IT leadership experience—seven at the CIO level—Yunus Scheepers specialises in digital transformation, cybersecurity, and cloud operations. As Divisional Director of CyberSecOps at BUI, he leads teams in delivering security solutions that safeguard organisations in the evolving digital landscape.
Yunus has built IT practices from strategy to operation, optimising technology functions across industries like software development, telecommunications, eCommerce, consulting, and financial services. He has spearheaded cloud migrations, cybersecurity initiatives, and IT service management frameworks, bridging business strategy with technology execution to drive innovation and efficiency.
 

Callum Cockburn

Callum is Technical Innovation Manager at Synoptix, and in this role leads a number of capability development and R&D programmes within Synoptix, focussing on novel or disruptive technologies and working from fundamental research through to commercial product development. Currently, Callum is particularly interested in AI technologies, especially Responsible AI/AI Governance, AI Assurance, Assured Capability, and Human-Autonomy Teaming, and he is leading the development of Synoptix’s AI Assurance offering, as well as the development of Synoptix into the Healthcare domain. He is an Incorporated Systems Engineer by background, and holds an MSc in Biomedical Engineering and a BEng in Mechanical Engineering.

Andy Richings

Andy Richings is a Principal Security Engineer at Synoptix, with circa 15 years of experience in Cyber Security. With a military background and a practical approach to cyber security, Andy leads secure by design efforts across high assurance programmes, translating risk and compliance into actionable security architecture and assurance strategies. His work spans a range of domains, including the secure development of a new software platform for sensitive defence environments, the assessment and modernisation of cryptographic architectures within legacy systems, and the deployment of secure authentication and encryption methods across containerised microservices. Andy has also supported the ongoing development of security tools designed to identify and resolve vulnerabilities within operational technology environments across critical national infrastructure sectors.
 

Alvin Chang

Alvin Chang MSc, MBCS is a seasoned cybersecurity professional renowned for his strategic insight, resilience, and unwavering work ethic. He has made significant contributions to teams and organisations, earning recognition as a valued leader and a standout individual. His expertise spans cutting-edge areas in digital security, including being a board member of Cloud Security Alliance UK and co-author of CSA AI Control Matrix. Alvin is deeply engaged in innovation, particularly in venture investment models that align with his entrepreneurial focus on disruptive startups. He also works with transformative technology initiatives, such as IBM Quantum and the Wellcome Sanger Institute.

Dr Erdal Ozkaya

Erdal is a globally recognized Chief Information Security Officer with over 25 years of experience leading international cybersecurity programs across banking, tech, and consulting sectors. He has served in leadership roles at Standard Chartered Bank, Microsoft, and NEOX Networks, driving enterprise risk management and threat intelligence strategies that align with business goals. Named a Top Technology Leader by IDC, CIO Online, and NATO, Erdal is also an award-winning author and sought-after keynote speaker at events like Black Hat and Microsoft Ignite. His work bridges technical expertise with executive vision, empowering organizations to build resilient, security-conscious cultures. 

David Batho

David is the Director of security at Jisc. He is responsible for protecting the UK education sector from cyber-attacks(Further, Higher Education and UK research) . Involved in a substantial number of major cyber incidents in the sector over recent years, David is passionate about educating and improving the sector at all levels. With experience as a penetration tester and head of IT for several years in the education sector, David believes that cyber security is everyone’s responsibility, and all have a role to play in protecting their organisations. 

Liz Gosling

Liz Gosling is currently the Chief Technology Officer & CISO at Auckland University of Technology, New Zealand. She leads a team of around 100 people and is responsible for information technology provision for AUT’s nearly 30,000 staff and students, including 6,500 + desktop and laptop computers, IT and Digital plans, networking, audio visual services, innovation, contracts and software licensing, customer relationships and support services, as well as the development teams and infrastructure.

Her role is focussed on contributing to the University’s strategic direction, creating and executing ICT strategy, building collaborative relationships with key stakeholders across the University and ensuring that ICT delivers excellent services and value.

Her professional interests include customer relationship management, human resources and change management, strategy and people development.  She is passionate helping everyone develop, both professionally and personally.

Liz has worked in the IT industry for over three decades, in New Zealand, the US, UK and Europe, in a variety of roles in commercial and not for profit organisations, and in both vendors and client companies. She was chair of the Universities NZ Information and Communications Technology Committee for four years and was also the New Zealand invited board member on the CAUDIT Executive in Australia for four years.  She was elected to the TUANZ board in 2015 and served as both Chair and Deputy Chair of the TUANZ Board in 2017, until she stepped down in September 2021.

Liz was appointed to the Board of REANNZ, the national Research and Education Network, in September 2019, and served both as a Director, and as chair of the People & Culture Committee until July 2024.
Liz studied Computer Science at the University of Westminster in London, and holds an MBA (Human Resources Management), Distinction from AUT.  She was awarded the Educause Jane Ryland Fellowship in 2009 (https://www.educause.edu/careers/scholarships/eligibility/past-recipients), and in 2014, Liz attended the Harvard Graduate School of Education, and undertook the Institute of Educational Management intensive course.  She holds an Executive & Organisational Coaching Certificate and is an Agile Certified Professional, and a Chartered Member of the Institute of Directors.

Liz has featured in the top 20 of CIO Magazine’s Top 100 CIOs in New Zealand in 2017 and 2018, and was a CIO50 Award winner in 2023, and won a global Infotech Benchmarking Award in 2022.

Nathaniel Fried

Nathaniel Fried is a British technology entrepreneur, OSINT specialist, and CEO of OSINT Industries, delivering advanced investigative tools to law enforcement, journalists, and security professionals worldwide. He previously founded Turgensec, a UK national security startup funded by GCHQ/NCSC that was later acquired by a US-based firm. Nathaniel has trained law enforcement agencies worldwide in advanced OSINT methodologies, with a focus on ethical and operational intelligence gathering. He has been featured in the Financial Times for his contributions to intelligence, cybersecurity, and government.

Padma Naidoo

With more than 15 years’ experience in the field of resilience and more recently cyber, Padma Naidoo is the Director of Cybersecurity Advisory and Managed Services at NTT Data. Highly passionate about Cyber & Resilience, Padma has received awards and acknowledgements for her contributions to the field.

Over the years, she has dedicated her time to helping organisations build resilience, whilst striking a balance between “best practice” and what’s practical. Her client experience spans across all major industry sectors and includes servicing clients globally. 

She believes that, appropriately approached, Cyber-resilience can deliver broad benefits that include increased stakeholder confidence and trust, achievement of strategic objectives, receptiveness to change, agility and flexibility and an enhanced digital transformation journey.”

Kyle Pillay

Experienced Head of IT / IT Security with a demonstrated history of working across multiple industries over the last 25+ years. Skilled across strategic, tactical, and operational roles with CISSP and ISO27032 Senior Lead Cybersecurity Manager amongst others; including Mainframe security certifications. Industries have included Public sector, Banking, Telecommunications, Security cluster, Manufacturing and technology providers.