TAS 2023 | Hitachi Prioritizing People and Partnerships in Africa to Provide Innovative Cybersecurity Solutions

Anthony Subero, President and Chief Executive Officer of Hitachi Systems Security and Chief Operating Officer of Hitachi Systems Trusted Cyber Management (HSTCM) and Akim Benamara from TechAfrica News discuss the importance of customer-centric approach to cybersecurity in Africa, with a focus on user training, education, and building digital confidence.

We are happy to meet you at the Transform Africa Summit. Let’s start with your focus for Africa – what is your approach to the market?

We prioritize the customer’s perspective over the technology when examining dynamics. Digital technology and platforms are just a single component of a larger system that includes processes and people components. People are an essential component of this system and can be broken down into two contexts: users and maintainers. In order to build trust with users, we focus on user training, education, and building confidence. We sell products and solutions, prioritizing people and processes to maintain and sustain the system. This is how we structure our cybersecurity programs because attackers target people rather than systems. Instead of looking for patches and vulnerabilities, attackers now study patterns, behaviors, and communication methods such as writing style and email language to commit cybercrimes. Overall, our approach is customer-centric and considers the entire system to provide the best cybersecurity solutions.

In order to build trust with users, we focus on user training, education, and building confidence. We sell products and solutions, prioritizing people and processes to maintain and sustain the system.

ANTHONY SUBERO
PRESIDENT AND CEO OF HITACHI SYSTEMS SECURITY & COO OF HSTCM

Are you considering expanding your training centre to other member states?

Yes, We’re definitely going to charter through Smart Africa. We previously did direct sales business in Ivory Coast, but we’ve been selective about partnerships and felt Smart Africa was a perfect match. Regarding your question, I believe the Ivory Coast Innovation Center is a blueprint we can replicate across member states, with necessary adjustments for any regulatory nuances.

What would you say is your business’s core market or area of focus?

Direct sales are crucial, but we’re currently revamping our business model to stay competitive in the ever-growing cybersecurity industry. Unfortunately, the low barrier of entry means that anyone can start a cybersecurity company, which is a harsh reality we must acknowledge.

But expertise allows you to control your credibility, right?

Exactly. Moving into larger engagements requires credibility, which is built upon your level of accreditation, years of experience, and the number of similar engagements you’ve completed. To expand beyond small operations, we aim to bring value to markets and build stronger relationships, not just sell. We plan to enter new markets, including Africa and India. We are working with one of our sister companies to penetrate the Indian market.

Over the years, I’ve learned that the market can be difficult, even with a blueprint, due to the vast differences in societies. For instance, Africa has a diverse range of cultures, with sub-Saharan and North African regions exhibiting varying levels of cultural influence. Therefore, is it challenging for you to adapt your solutions to these markets, or do you find it easy and adaptable?

Markets can be challenging, but I’ll try to explain our philosophy. We’ve focused on the customer and the market for the past two years. If we see big opportunities in a market, we look for a strong partner who knows the market dynamics. This makes it easier for us to expand, especially if the partner already has a presence in the market.

Smart Africa is a broader topic, encompassing social innovation and many related areas. We need to prioritize and align our investments accordingly. For example, if we enter the cybersecurity market, we’ll need to address issues like automatic controls, infrastructure expansion, and network segmentation. We’ll work with other parties in those regions to make it happen. That’s how we approach our markets: we drive ourselves and take calculated risks.

We’ve focused on the customer and the market for the past two years. If we see big opportunities in a market, we look for a strong partner who knows the market dynamics.

ANTHONY SUBERO
PRESIDENT AND CEO OF HITACHI SYSTEMS SECURITY & COO OF HSTCM

Interesting. So there’s a lot of work to do in Africa, right?

We have experience expanding into new markets and developing customer relationships to optimise their resources. We entered the Caribbean market 19 years ago and grew significantly. We have a similar approach to driving success in new markets by understanding the customer’s needs and developing efficient processes. We recently launched a CISO program for customers and continue to innovate.

One issue we identified is that some of our clients may not have the necessary skills and knowledge to make informed decisions. Therefore, we provided them with training to address any knowledge gaps at all costs. We have a structured training program to ensure they can work with us effectively and bring greater value to their businesses when they return to their respective enterprises.

One of the CEOs once expressed concern that they might leave if we train new employees. However, I countered by saying that it could actually be worse if they stayed without proper training. This approach has been our focus in the last few years.

That’s good. It’s very interesting. I’m not sure why anyone would cross by Hitachi, though.

That’s the problem we have that needs addressing – a strange dynamic. Hitachi is one of the top 100 brands in the world, yet there’s little awareness of our cybersecurity expertise. Our brand is commonly associated with tractors, appliances, and engines, but not cybersecurity. This has led to doubts about our credibility, which must be addressed. To build credibility and relationships –that’s why we are adopting this new approach.

Many Western companies have attempted to enter the African market in recent years, using business models that have worked in their home countries or other markets. However, one major challenge they face is affordability. Services must be priced within the means of the local population, as it is a very price-sensitive market. Political considerations are also important in some countries, and corruption can further complicate matters. All of these factors make entering the African market a challenging prospect for many companies.

In my previous role, I spent about a year in various African countries, which has given me a unique insight into the region. During my time there, I learned two important lessons: the importance of establishing strong relationships and the necessity of packaging proposals. When presenting a proposal, it is crucial to outline the plan, financing, and expected outcomes. Ultimately, the customer has the final say and direction. This approach has been successful for me in Africa, and I have found that a similar model applies to the Caribbean.

Are you attending any other African events, or perhaps the Gitex?

No, this is us. One of the things is that when you lead a company, you realise how much we still have to learn. In particular, we’ve been struck by the variety and volume of activities and associations we encounter. We need to dedicate more time to analysis to understand these factors better. Our goal is to develop a solid approach and build strong partnerships. To that end, we are currently exploring opportunities to collaborate with Smart Africa and other potential partners.

An approach with Smart Africa in terms of the people you can reach, visit many events throughout Africa and the Middle East, but you rarely get this close, high levelness at any other event.

This event offers a unique level of intimacy with high-level individuals, which is difficult to find elsewhere. Here, you have the opportunity to meet ministers face-to-face in a more personal setting compared to other conferences where they simply participate in panels and leave. The environment fosters networking opportunities that are incredibly productive, as we have seen over the years.

I couldn’t agree more. In my 24 years of attending various conferences, this is the first one where I’ve experienced genuine networking. However, success ultimately depends on what happens afterwards. African leaders have demonstrated an interest and understanding of networking with a clear vision in mind. The challenge lies in executing that vision, and this is where we can add value.

Why is it important for Hitachi Systems to be part of this year’s Transform Africa Summit?

I wouldn’t say, “Why is it important for us to be in Transform Africa this year?”. The ideal should be, “Why is it important to be in Africa?” I mean, the potential of Africa is huge. It is no secret as to why global leaders are invested in Africa –It’s the future.

Africa has enormous potential, and global leaders recognise this fact, which is why investing in Africa is important. It’s a strange dynamic because I think it may have depleted their resources in their respective areas. Our objective is to increase our capacity for driving business development and align our focus with sustainability. We believe that the conversations we have had with African leaders have been aligned with our approach. Therefore, it is crucial for us to attend Transform Africa this year and move our business to where the future lies.

So you signed today’s MoU with Smart Africa. Can you tell us a bit more about it?

Our approach focuses on driving processes that lead to self-sustainability in our cyber innovation centres. We define success based on our own criteria, which revolve around proof of values and proof of value. We have structured our centres around three or four key components: incident detection and response training resources.

Our presentation emphasizes the importance of people in managing incident response, detection, and trust. We have developed clear roles, responsibilities, and competencies for each capability. While technology is important, we believe that building capacity and capability is crucial.

Our goal is to develop a solid approach and build strong partnerships. To that end, we are currently exploring opportunities to collaborate with Smart Africa and other potential partners.

ANTHONY SUBERO
PRESIDENT AND CEO OF HITACHI SYSTEMS SECURITY & COO OF HSTCM

Our approach involves a tiered system with tier one, two, and three components. We train people to be competent in tier one and support them in tiers two and three. We build capacity at tier two, support it at tier three, and then build on it further. Eventually, we aim to make our centres self-resilient.

How will you collaborate with Smart Africa to develop and promote digital confidence, services, and solutions?

This brings me back to one of the questions you asked me –there are two dynamics at play: the user and the support. We need to work with Smart Africa to define these platforms clearly and ensure their effective functioning, not just from an IT perspective but also from a process and people perspective. To drive digital trust, we need to develop awareness programs that address security and consumer awareness, emphasising the value that adoption can bring. This is the first dynamic.

The second dynamic that we need to be careful about is sustaining competencies in the Riveras countries. To achieve this, we plan to work with academia to understand specific programs that can be customised to produce a group of people who can support these types of centres. We have learned the hard way that some people come out with degrees but lack practical experience, while others with technical experience lack theoretical context. We need to strike a balance between the two, ensuring that people have both theoretical knowledge and practical experience. To this end, we are working with Concordia University in Canada to develop programs specifically focused on OT security.

So is there an educational scheme one can follow then through this?

Exactly. It could be beneficial if we bring that opportunity to Africa through Concordia. However, it’s not confirmed yet, as we still need to discuss it.

Despite the relatively new Cybersecurity Innovation Center in Cote d’Ivoire, have you already learned any valuable lessons or gained any experiences you could share?

I couldn’t share any lessons other than in discussing the project with our CISO and VP of Strategic Initiatives, Yannick Berneron, who led this project and brought it to fruition; we were struck by the level of acceptance we received. However, when we went to get resources, we found an oversubscription. It was an exciting experience.

Moving forward, we need to develop a training structure that can accommodate 30 people at a time, aiming to train 100 individuals. These trained individuals will then be able to pass on their knowledge to others and improve risk outcomes.

The main lesson we learned from this project is the importance of understanding the dynamics and political context of the environment in which we operate. This is true regardless of the country in question. Nonetheless, we were pleased with how well our efforts were embraced, which motivated us to continue our work.

How can cybersecurity digital transformation help promote economic growth and development in Africa?

My view is that social innovation brings improved socio-economic development for countries through four main components: improving communities and relationships, optimising regional resources, protecting those resources, and ensuring sustainability. Additionally, social innovation should aim to reduce or remove systemic inequity and inequality, which is where it brings its true value. Digital transformation is just one component of this broader social innovation context. While digital transformation enables the movement of data, eServices, cross-border transactions, and more trade, it is important to understand that the social division is wider and more complex.

Why is cybersecurity essential for digital transformation?

Yannick and I use the term cyber security when we speak, but I prefer the term cyber resilience. Moving into the digital space means moving into a virtual context, where you use the software as a service and cloud environments and involve third parties and users.

For example, eServices refer to moving a customer to make payments online and back, which expands your top service. Imagine a house with four external doors and then expanding that to include third parties and customers, each with four doors. Attackers will check every door for vulnerabilities. Weak controls and vulnerability management in third-party contexts can impact the entire ecosystem.

In Africa, cross-border trade, movement of data, and ePayments rely on strong platforms with cyber resilience. Cybersecurity brings structure and resilience to prevent offensive attacks and quickly bring services back up if an attack occurs. This is the value of cybersecurity.

As a first-time exhibitor at the Transform Africa Summit, what is your feedback about the event?

Excellent, Akim. I think the conversation about Africa’s position in ICT is real, particularly from a leadership and thinking perspective. The need for cybersecurity and cyber resilience is understood. However, the concern is how to execute and achieve a transformational state. Capacity and skill are keys, as well as clear collaboration beyond politics.

The level of awareness and commitment the heads of state communicates is refreshing. We no longer feel the need to educate them on the matter. Now, the focus is on finding the right solution and approach to implementing the necessary structures and promoting learning

More News