Please, call me Dr Mawudor

At 28, Dr Bright Mawudor holds a Doctor of Science degree in Convergence and Application Engineering.

At six years, he created his first computer virus. Then, he was a pupil at Dora Memorial School in Ghana, where he grew up. At eight years, his parents enrolled him in a computer school. The course was to take eight weeks, but in just six hours, Bright was ready to sit for the exams, in which he scored top marks.

In 2003 when he turned 14, he and his family relocated to Kenya, where he joined St Marys’ School, Nairobi. This is the same year that he created his second computer virus, and out of curiosity, he started hacking.

“After secondary school, I joined Daystar University to study for a Bachelor of Science in applied computer science. Here, I had access to a resource computer laboratory, and this allowed me to practice coding in a controlled environment,” he says.

Though he was exposed to various aspects of IT, cyber security interested him most. This interest is what led to AfricaHackOn, a non-profit entity he co-founded with a friend, Lewis Ng’ang’a, in 2013. With their team of 30, they teach what they know about cyber security through training conferences and boot camps in universities across the country.

AfricaHackOn is similar to hacking conferences such as Defcon in the United States, where cyber security enthusiasts and like minds converge to find out what is new in the hacking world and to know how to better protect organisations’ systems from this threat.

“It is interesting how the idea of AfricaHackOn came about. From discussions between like-minded individuals interested in IT on a WhatsApp, it emerged that the most effective way to go about this would be to target young people in universities and colleges, who are the main consumers of the cyberspace,” Bright explains.

Since 2014, AfricaHackOn has been running two-day student boot camps at universities in Kenya for free.

RISK ASSESSMENT

On the first day, students learn about the various areas of cyber security and what it entails. On the second day, they practically learn how to secure and manage computer systems. So far, AfricaHackOn has held the boot camps at nine universities and two colleges through the support of the science faculties at these institutions. Their upcoming training conference is due in June this year, and has attracted interest from several corporate organisations in the fields of telecommunication and finance.

The two-day training conference costs Sh1,500 for students and Sh3,000 per head for corporates. The money, Bright explains, will go towards paying for the venue, sound, catering, stationery, as well as paying the organisers.

So far, the organisation has managed to secure jobs for six budding cyber security engineers, while two others have benefitted from scholarships.

The trainings have raised awareness on the importance of cyber security, and many students studying IT have taken an interest in it.

“Our aim is to develop highly skilled IT professionals, make them see why they should not be black hat hackers,” explains the cyber-cop, who was among the finalists in the Top 40 Under 40 men survey in 2016, an annual survey by the Business Daily and KPMG.

Black hat hackers, he explains, are individuals with extensive computer knowledge who destroy organisations’ security systems out of malice or selfish motives.

Besides the periodical trainings, the AfricaHackOn team, made up of 30 individuals, including Bright and his co-founder, also do system vulnerability assessments for organisations. Some of their past clients include the Nation Media Group, Safaricom, Cellulant and JamboPay.

He explains that his job as a cyber security engineer is to find loopholes in organisations and advice on how to fix them. He has made presentations in over 10 cyber security conferences in South Korea, Kenya and Ghana.

“My finding has been that most computer systems in Kenya are vulnerable to hacking, but even worse, these companies do not know it yet.”

This subject was part of his PhD research thesis in IT Convergence and Application Engineering at the Pukyong National University in South Korea, where he graduated in  2016.

The research focused on developing the right cyber security awareness for Kenya, a development on his Master of Science in Advanced information Science and Technology research, which focused on cyber security strategy implementation in Kenya.

“It demonstrated how businesses in Kenya, especially banks, can fully secure their systems,” he explains.

For his thesis, he designed a new model for banks in Kenya to secure their systems.

In July this year, Kenya was ranked among one of the world’s top 10 most vulnerable countries to cyber attacks on the Check Point cyber threat map. With the world navigating towards digital platforms, cyber security has become a necessity.

“Today, no one breaks into organisations with physical weapons, those who want to harm you do it behind their laptops in the comfort of their homes,” he points out.

FIRST AMONG EQUALS

Alongside running AfricaHackOn, Bright is the group head of information and risks at Cellulant, a leading mobile technology solutions’ company, where he had previously worked for two years before joining Pukyong National University in Korea.

A PhD at 28? How did that happen so fast? We want to know.

“I was so passionate about cyber security, I surpassed my master’s credit. The IT convergence department at Daystar (University) advised me to push some of the credit hours to a PhD - It would have taken me about four years to complete my doctoral degree, but due to this, I managed to do it in two years since I had started my research earlier,” he explains.

“As you can imagine, I was the youngest in my class. On graduation day, I sat in a sea of very elderly people. Besides my doctorate degree, I was also recognised and awarded for exemplary performance.”

 Bright says that his PhD, has changed his thinking about research and development.

“Having interacted with experts from Russia, USA, Korea, China, Japan and Philippines, I have learnt that the skills set needed in this industry are wide,” he says.

These skills are in areas such as secure software development, infrastructure security and corporate governance.

His daily challenge is to outsmart the hacker.  “Every day, I read and research on the latest hacking techniques, how hackers are bypassing security systems.”

This involves attending physical and online forums where he engages with those in his line of work. He also learns new codes and develops many more. 

****

What does it take to excel in cyber security?

Passion.

You must have the passion to know more about this area everyday by practically doing it.

What is the best advise you would give budding techies and cyber security engineers?

Constant practice is necessary, and patience is a must.

It involves a continuous process of learning new methodologies daily. In this field, what you know today becomes almost obsolete in a year as technology keeps on changing. You have to read widely from books, webinars and conferences. Log onto africahackon.com and visit our social media pages for upcoming boot camps.

What does it take to be a cyber security engineer of repute?

Humility and a generous attitude. IT is an industry that has got many skills. You have to share your knowledge with others to learn more.