Anna Collard is founder and Managing Director of Popcorn Training, which promotes IT and information security awareness training using innovative, story-based techniques. Collard has been working in the information security field for 15 years assisting corporates across South Africa, Europe and the US keeping their information assets safe. Collard is a Certified Information Systems professional, an ISO 27001 Implementation & Lead Auditor consultant, and a business analyst. At one time a Visa/Mastercard Qualified Security Auditor. In this interview with Heath Muchena, Collard discusses leadership, information security, challenges women face in the IT sector, and shares insights on how to establish a successful career in the tech ecosystem.
Heath: How do you balance the need for technical security solutions with the potential friction it can create for businesses?
Anna: Security’s ultimate goal is to help business stay in business and is an enabler rather than a “restrictor”. This requires security to sit at the decision maker table from day one and not just be invited as an after-thought. Many technology trends, such as mobile, cloud, AI etc will only deliver the value if the solution has been built with adequate protection. It’s a bit like the analogy of the sports-car, it can only really race fast if it has good breaks.
Where it becomes difficult is when compliance or security starts to stifle business objectives. In those cases, the business needs to make the ultimate decision, which includes taking full responsibility for and accepting any risks highlighted by the compliance or security team.
Heath: How important is it to take a business-focused view of technology in your sector? Do you recommend a business first, IT/security second approach?
Anna: I believe in applying a risk-based approach to security. This means prioritizing security controls that help protect and enable the business’s critical business processes, rather than just following a compliance drive or the latest technology trend. Sun Tzu’s Art of War “If you know the enemy and know yourself, you need not fear the result of a hundred battles” is a great analogy for this.
The first step in defending against cybercrime is getting to know both the possible threats as well as the organization’s weaknesses. Understanding what specific criminal motives might drive someone targeting your organization makes it easier to defend against. Think about the value of personal information you store, what opportunities exist to commit financial fraud or to extort a ransom payment? Who is the ideal victim within your organization and which channels might work best? What would the impact be? Questions like these allow you to identify and prioritize risks related to cybercrime.
Heath: How should IT leaders align their businesses with the need for security solutions?
Anna: The first step here is to raise awareness both amongst the IT leaders themselves as well as business decision makers and other executives about potential threats impacting their business processes. This will allow for more informed decision making when weighing up security versus functionality for example.
Heath: What’s your approach to providing information security guidance to organisations? How should risks be conveyed to boards who are not necessarily security experts?
Anna: As a security awareness company, we take internal awareness seriously. Every new joiner undergoes a rigorous induction training program, which includes all our policies and a lot of security awareness. We conduct frequent phishing simulations internally – meaning every employee will get at least one random simulated phishing email per week. People who fall for any of those have to undergo remediation training. Anyone who doesn’t take their remediation training within a week gets reported all the way up to the CEO.
In other organizations where security is not necessarily on the board’s agenda yet, I assisted in giving awareness sessions to the executives as a VIP target audience. This serves two purposes: Firstly, it raises the awareness level of the executives themselves, who are attractive targets for spear-phishing attacks. Secondly, it allows the Security team to get executive buy in and if lucky, even their involvement in further awareness campaigns across the rest of the organization. Having senior support is absolutely crucial in creating effective awareness, so this is usually the first step before starting anything else.
Heath: What KPIs or metrics do you use to measure the effectiveness of an information security program?
Anna: Measuring effectiveness of an overall security program should include different metrics for different audiences; as for example management may not necessarily understand the context of technical metrics such as vulnerabilities found, whereas they may be of value to the IT team. The metrics I’ve seen used in practice include:
- Heatmapof current threats and how the Security rates their confidence to defend against these (i.e. DDOS attacks, Advanced Persistent Threats etc.);
- Risks identified vs remediated;
- Audit findings % complete;
- Security standards assessments and health checks (i.e. against ISO 27001 standards or ISF framework or similar);
- Security Incidents and time to resolve / mitigate;
- Technical metrics, such as phishing, spam and malware blocked (in numbers), vulnerabilities found;
- Human behavior metrics.
Heath: How do you keep up with the latest security issues and methods?
Anna: I subscribe to cyber security blogs by experts such as Brian Krebs, Stu Sjouerman, and Bruce Schneier. I also follow many interesting thought leaders on LinkedIn. I’m also fortunate enough to be part of a few industry WhatsApp groups where latest news or incidents are shared. As part of our content creation process I need to research latest scams, threats or technology trends.
Heath: Is Africa ready for the exponential nature of the change and impact of the 4IR? How should ICT leaders foster this change and ready their organisations and consumers for the fast-paced change presented by technologies?
Anna: The KnowBe4 African Cyber Security Survey 2019 has shown that African’s are not prepared for cyber threats. Since security is a prerequisite for any of the new technologies that will take us into the 4IR, more work needs to be done to not just address the security skill shortage on the continent (we only have about 10000 security professionals across the whole of Africa) but to also educate the public on the potential pitfalls and risks they are exposed to, ranging from sharing too much information to being aware of mobile malware and social engineering attacks.
Heath: Women in the technology ecosystem are definitely in the minority, so why did you decide to pursue a career in tech?
Anna: I got into the cybersecurity field coincidentally, I was lucky to get a student-job at Siemens while I studied economics in Munich, Germany. They paid better than waitressing and I enjoyed the diversity and learning opportunity. Siemens also allowed me to write my thesis on the importance of information security from a business perspective back in 2001, when security was still very much a nice area.
I generally love learning new things and security requires you to learn every day as the landscape changes all the time. It’s such a fascinating field as security touches literally all the technology domains as well as the physical and human factors. There are many exciting opportunities for women in cybersecurity because of its overarching applicability.
Heath: What are some of the biggest challenges that women who want to venture in the world of technology face today?
Anna: Women sometimes tend to be less assertive as well as doubt themselves more than men do. I see this often in interviews, women too quickly highlight their shortcomings, whereas male counterparts display more confidence in tackling new challenges, even if they are not qualified yet.
As employers, we need to be aware of these subtle differences and encourage women more to take risks and trust their abilities. I always tell women who have self-doubts that if they mastered how to apply a smoky eye from watching it on YouTube, they can learn anything. Security might be complex, but it’s not rocket science and there are many areas in the field that are really interesting.
Heath: What do you think are the biggest misconceptions about working in the tech sector as a woman today?
Anna: That it is a male dominated industry. I know many successful women in the tech sector and it’s an exciting field to get into for young girls and boys alike. Women, especially mums, are generally great jugglers- a skill that is needed in a demanding industry. This is a bit of a generalization, but a lot of women have great communication and creative skills, something that is absolutely key in running security awareness programs, project or change management programs.
Empathy and listening skills, another typical female trait comes in handy when trying to communicate technology or security to end users, upper level management or executives.
Heath: What influences your leadership style and what values are important to you?
Anna: I love learning, research and innovation and I’m not a typical people’s person. This makes me a more distanced leader as I leave my team to do what they do best. I strongly believe in hiring great people and giving them the freedom to become high performers by providing the vision and some guidance but not interfering in the way they do things. Unless they need assistance of course.
Heath: Who are your role models for women in tech?
Anna: I once was lucky enough to sit next to Cathy Smith, CEO of SAP Africa on a flight. She really inspired me to remain authentic. We don’t have to be highly extroverted and loud alpha type personalities to be good leaders. Being soft-spoken, calm and relying on our female intuition is an often-underestimated superpower. Cathy reminded me of that, it was a very inspiring conversation for which I’m very grateful for.
Visit Popcorn Training
Opeyemi Adeyemi: Addressing menstruation stigma with her invention, The Flow Game
Opeyemi Adeyemi fondly called dryemz is a Public Health Physician and owner of the sexual health clinic which runs under O and A Medical Center Ogun State, Nigeria. She had her medical training in Sumy State University, Ukraine and MscPH from the University of South Wales. Opeyemi invented The Flow Game in an effort to address menstruation stigma and has written two books on sexual and reproductive health. Her foundation runs the Brave Boys and Girls club which travels around the South western part of Nigeria to provide sex education to children and teenagers in the effort to fight against public health issues like teenage pregnancy, STIs, HIV/AIDS and Sexual assault. In this interview with Alaba Ayinuola, she speaks on her social entrepreneurship journey, The Flow Game and why she is addressing sexual and reproductive health issues. Excerpts.
Alaba: Could you briefly tell us about yourself and your social entrepreneurship journey?
Opeyemi: I am a public health physician who is passionate about sexual and reproductive health. I am also the creator of the FLOW GAME which is West Africa’s first board game that teaches menstrual health. My journey started in 2017 during my NYSC program where I met with the impact of misinformation and lack of access to youth friendly sexual clinics had on teenagers and young people. This led me to the start of The Brave Boys and Girls Club tour around secondary schools where students are given age specific sexuality education free of discrimination and judgment. From touring, it gave birth to menstruation workshops, consent workshops and now creation of board games that are afrocentric and youth friendly.
Alaba: What inspired you to launch O & A Medical Center and The Menstrual Flow Game?
Opeyemi: The Sexual Health Clinic is under O and A Medical Center in Asero, Abeokuta where anybody regardless of your background, gender, sexual orientation or any other status can get care for sexual and reproductive health issues. We offer a wide range of services that are cost friendly for the average Nigerian. The Flow game was created because during the tour, I realized the power of menstruation stigma, so decided to involve the team of expertise and the girls from the club in the creation.
Alaba: What is the core issue you are addressing with the Flow Game?
Opeyemi: Menstruation is a subject that still has a great level of shame attached to it. Some cultures still see menstrual blood as dirty blood. Some girls use harmful products to collect their menstrual blood. The Flow Game is a fun way to teach menstrual health and hygiene. The game covers four main areas: the female reproductive system, menstruation and menstrual related health issues, menstrual products, pregnancy and contraception. Other issues touched on include sexual assault, consent and sexually transmitted infections.
Alaba: How have you attracted users and grown the platform from the start?
Opeyemi: The platform is currently being reviewed as the plan is to take it digital; decided to start with a board game as it is easier with the tours, besides an average Nigerian teenager might not have the resources to play the game online and did not want to miss out on these sets of people. The buzz around the game is increasing, the game was recognized on Menstrual Hygiene Day 2021 by the African Coalition for Menstrual Health Hygiene and the Indian Commissioner of Women Affairs during a conference held in Bangladesh.
Alaba: Data protection is a concern for users of health platforms. Could you explain your data protection policy?
Opeyemi: Right now we are are currently working on our policy but I can assure users that they would be protected besides the data page in design would require nickname, age, sex and email address.
Alaba: Would you expand in the direction of male health (fertility, contraception, etc)?
Opeyemi: Yes, in June, 2021. In a bid of getting a project with an international organization, the Play It Safe board game was created and it is currently being tested in the school tours. The game is for both genders and covers safe sex practices.
Alaba: As a social entrepreneur, what has been your biggest challenge up until now?
Opeyemi: The field I chose is still faced with a lot of stigma, so a lot of sensitization is involved, changing mindsets and cultures associated with it. The second I would say is finances, balancing the cost of production and the ability of the target community to afford the services rendered.
Alaba: The term Femtech is still quite new. What is your opinion of the state of Femtech industry and its growth?
Opeyemi: Femtech has had a massive impact on female health, so many innovative ideas that are gender specific. A good example are period tracking apps which have allowed women to track the menstrual cycle, have a better understanding of their cycle and make informed decision about fertility. I am happy to be in the industry and I know there is still so much more to be done especially in Nigeria.
Alaba: Where do you see the Flow Game and sexual wellness in the next 5 years?
Opeyemi: This is one question I keep asking myself every day, I desire to go beyond the Flow Game. Very few innovations on sexual and reproductive health tailored to the African woman. I would like to be one of the women creating sexual health innovations that are Afrocentric in the next five years.
Alaba: As an inspiring social entrepreneur, what piece of advice would you give to fellow female entrepreneurs?
Opeyemi: Invest in knowledge; learn from those who have done things in your desired field. Also understand that gender is nothing more than a social construct it does not define YOU, whatever you want to achieve is not tied to gender. Dream big and take steps to turn the dreams into realities.
Interview with Insure Africa Founder, Judith Pila On Driving Insurance Inclusion
Judith Pila, Founder Insure Africa (Image: Supplied)
Judith Pila is the Founder of Insure Africa, a company whose main goal is to drive insurance inclusion in Africa through literacy, education, and awareness. Aside being an insurance professional, Judith is a contributing writer to Insuranceopedia, an online insurance information platform focused on Canada and US markets. She is the Content Director for Ladies Corner Canada Magazine, a Board Director for LCC Media Foundation. She volunteers with various organizations like, Insurance Institute of Canada, Career Education Council, SoGal Foundation. In this interview with Alaba Ayinuola, she speaks on her entrepreneurship journey into the insurance ecosystem and why she is driving insurance inclusion with Insure Africa. Excerpts.
Alaba: Could you briefly tell us about yourself and how you end up building in the insurance space?
Judith: My name is Judith Pila, born and raised in Nigeria, I now live in Canada. My journey to the insurance industry was purposive and one inspired by the need to do something different in an environment where it seemed everyone else wanted regular careers. Shortly after I moved to Canada, I already knew the industry was where I needed to be. In 2015, I began my career in insurance.
Alaba: For those who don’t know, what does Insure Africa do?
Judith: Insure Africa is a company that is, focused on driving insurance inclusion in Africa through literacy, education and awareness. We also provide consulting services to individuals and small businesses, we help them make smart and informed insurance decisions to help meet their personal and business goals.
Alaba: What makes Insure Africa special from other startups driving insurance inclusion?
Judith: While other startups are driving insurance inclusion through Artificial Intelligence and Technology, Insure Africa is doing same through literacy, awareness, making sure that Africans are well informed about insurance, so that when they decide to take on any insurance products, they are equipped with the knowledge they need.
Alaba: What have been the biggest challenges and successes in building Insure Africa till date?
Judith: I think I would have less to say in this regard, considering that Insure Africa has been actively operating as a company for only about four months. I think the biggest challenge has been trying to convince people that we are not insurance salespeople. I think the moment you mention insurance to someone in Africa, they feel like you are trying to sell them a product. People that we have been able to reach, see value in the services we offer and have given us positive feedbacks, I would consider that a success.
Alaba: How has the insurance industry evolved?
Judith: Unlike before, when most people thought insurance was only for the rich and large corporations, more and more people are now seeing the need for insurance. The Covid-19 pandemic has also proved the importance of insurance. And with the use of technology, insurance companies are now offering insurance products through different channels making it more accessible to consumers like never before.
Alaba: Kindly share the most difficult part of being a CEO of a startup?
Judith: I think one of the most difficult part is the unpredictability, that what you are trying to build will either fail or be a success.
Alaba: How do you feel as an African entrepreneur?
Judith: I feel great and inspired by other African entrepreneurs who have made it to the top.
Alaba: What are Insure Africa’s expansion plans in terms of product, tech & markets in the next 5 years?
Judith: We are more of a service company and have plans of reaching as many people as possible that might need our services. We do have tech plans but are not ready to share those plans yet. We already have representatives in about 5 African countries and think that the opportunities are endless, and the future is looking bright.
Alaba: Finally, what piece of advice would you give to budding entrepreneurs?
Judith: Keep building, there are going to be tough days, but hold on to the vision and hope for a better end.
Edith Njage: My Letter to fellow Female CEOs
Edith Njage, Co-Founder and current CEO of Arielle for Africa (Image: Supplied)
Edith Njage is a Social and Serial Entrepreneur based in Africa. She is the Co-Founder and current CEO of Arielle for Africa, which aims to create over 100,000 jobs in Africa through empowering, training, coaching and connecting and funding entrepreneurs. Edith is the Country Representative for Invicta Ventures on a mission to fund social impact ventures with up to $10 billion in developing markets. She holds a Bachelor of Business Administration with a major in Finance and a Bachelor in Business Management with a major in Economics. A Master of Science in International Business with a major in Disruptive Innovation and a Master of Science in Finance, both from HULT International Business School. Excerpts of her letter below;
There are realities that come with being a woman in leadership that in most cases remain secret.
Realities faced but not communicated.
My journey as a Young, Black and Female CEO has been nothing short of rough, tough and everything in-between. The hardest truth is that the journey has been lonely with no-one to turn to, until I decided to make changes to not only my leadership, but my circles as well. I began my journey as a serial entrepreneur at 18, relatively young in the books of most but when a problem in your continent calls, age is never a factor. I became a CEO at 24 and to date I wish someone explained the realities of being a woman in leadership. Especially a young and black woman in leadership.
I wish I knew the bias that I would face each time I walked into a room and sat on the table when most expected me to just bring the coffee,
I wish I knew that fundraising would be more about my gender and race than the value my companies brought to the table,
I wish I knew that the most powerful weapon a female CEO can wield is a network of other female CEOs,
I wish I didn’t do it all alone.
Dear Female CEOs,
You are powerful. You are graceful, You are beautiful in leadership. I know that the world has taught you to blend in, I know you have been told to use your position or title to protect your vulnerability and I know most days it feels like no-one in the world can understand what it is like to be you. I want you to know the key to our strength is each other. I want you to know that rather than face the bias alone, rather than rise to the top alone, we can band together and not only rise but build a system for the next generation of female CEOs to struggle less than we did.
Where the world has called us bossy, let’s exude grit and relentless pursuit of our dreams,
Where they have called us soft, we can preach emotional intelligence and finally,
Where they have prevented our progress, we can build paths for the progress of other women after us.
This is our time, but we cannot go at it alone. We must band together and begin talking about these realities, not in secret but for the world to see. It is for this reason that I decided about a month ago that enough was enough and that it was important for me to begin sharing the truth behind my journey as a Young, Black and Female CEO. I started a podcast!
Since beginning this journey I am in awe of how many women in leadership, in business, in politics and in corporate have reached out sharing their stories!
The Latest Episode is available below (streamed to Spotify and Apple Podcast). Adding onto that I have decided to be intentional about building a Female CEO Global Board. A space for Female CEOs to share their stories, struggles, plans for growth of their businesses and so much more!
If this is something that interests you and you would like to join us next week or maybe just find a safe space and community of women who understand, book a coffee chat with me here; https://calendly.com/edith-njage-alpha-group/one-on-one
I became intentional about building circles with fellow female CEOs and investing into those circles so that as a tribe we would all rise! Rise in business, rise in our purposes and pursuits and rise in who we are as people in the world.
As always, I hope that unashamedly sharing my truth will help you know that you are never alone.