As we become more connected to the internet day by day, cyberthreats increasingly go up the ladder. As our needs and expectations grow, so do the features and functionalities of cyber security tighten more. But are sure of what links you are clicking on? What does cybersecurity have to do with your day in day out connection over the internet? This is the narrative of John Musyoki, absolutely bright brains in the field of tech, who offers insight on cybersecurity.
Johnny Musyoki1
Can you tell us a bit about your background
My name is John Musyoki, a Bachelor degree holder in IT, specialized in security. Currently working at as a security engineer at Deloitte East Africa. My expertise spans across various domains, including network security, threat intelligence, and incident response. I have authored several articles on Medium on cybersecurity best practices and have been a keynote speaker at numerous industry conferences. My passion lies in developing robust security strategies that not only protect organizations but also educate individuals on the importance of cybersecurity in our increasingly digital world.
How did you grow an interest in cybersecurity?
I developed an interest in phones as I was growing and although they were not as advanced as they were as the moment, I could be able to access the internet and browse. I remember I would take my mother’s phone and subscribe her bonga points to convert them to data where I would download music on waptrick music downloader. With this realization, they enrolled me for computer packages when I was at around class 4 to learn the basics of computer. I later joined high school which offered computer science and at around form 2, while I was still deciding whether to pursue computer science or not, I got myself a smartphone.
I experienced bullying online and it got me wondering how I would shut the guy down and it led me to searching for a hacker.
I experienced bullying online and it got me wondering how I would shut the guy down and it led me to searching for a hacker. In the midst of my long desperate search I came across one who had advertised themselves and I decided to reach out and once in touch he sent me an application to install on my phone and as innocently, I installed not knowing that by this action the so called hacker could take control of everything that was happening on my phone, from my messages to call logs and he started threatening me to pay him around two thousand but I managed to bargain up to four hundred shillings. It challenged me to get to the roots of how one would be able to hack my phone and that is how I grew interest in cyber security.
What motivated you to pursue a career in this field and how was the experience?
After high school I got a scholarship in Westlands at a program known as Zalego where I got an opportunity to learn about building website application and later I joined Zetech University after pursuing political science at Multimedia University. I spent a lot of time in the library trying to google what hacking was, who were the top hackers in Kenya and what the nature of their work was. My interest grew more and more each day to feed my curiosity.
I remember at one point I managed to hack my own phone and I couldn’t keep calm. I contacted almost everyone on my phone to let them know that I had managed to hack my own phone and how I went about it. Then I realized that I could take it a notch higher since people were even paid to protect organizations from threats. I challenged myself to become better that I may make impact just like others who were in the cyber security profession.
Describe to us your current roles and responsibilities
I am currently a security analyst. It involves breaking into systems, networks and servers where afterwards we analyze the way we used in order to break into the systems, and come up with recommendations to our clients and show them the impact it could cause to their systems and advice on how they could keep a step ahead from bad guys.
Read: Insider Tips for Scaling Your Airbnb Rental Business in Nairobi.
Enlighten us on what cyber security is
Many people confuse cyber security to what they see on movies and it is never the same as how we see people pressing a button and after five minutes they gain access to something and save a whole world. Cyber security entails protecting information that is on transit from networks systems making sure that systems we develop are safe and making sure that companies have the right procedures and policies to be followed.
What are the most significant cybersecurity threats today?
Ransomware. If a ransom ware attacks your device, it encrypts all your data. That means that someone will hold your data and you will not be able to access your data.
How do you see the landscape of cybersecurity evolving over the next five years?
A lot of attacks will happen especially now that technology is advancing. With the emergence of Internet of things, (IoT), which one is able to automate some repetitive things and also emergence of smart houses and other many automated functionalities, there will be a lot of more advanced insecurities and threats. It will be advisable that as technology grows people may get more sophisticated means to protect their data.
What are the most common mistakes organizations make when it comes to cybersecurity?
Assuming that they are safe while they are really not safe. There is no organization that is a hundred precent free from cybercrimes. There is need to keep updating systems in order to divert attacks since attackers are always on the move.
How important is it for organizations to invest in cybersecurity training for their employees?
Employees are most often the weakest link to gain access in any organization. It is advisable that a proper training is given to the employees.
There is no organization that is a hundred precent free from cybercrimes.
Can you walk us through a recent cybersecurity project you worked on?
Around last year I worked on a project where I helped a client automate some cyber security task where it involved people to come and intervene physically to attain his goal. Luckily my team and I were able to come up with a solution and tried to fine tune the solution to detect some of the attacks automatically and prevent them without the intervention of a human being. Though challenging, I was able to automate successfully after much consultation and it ended up being one of my biggest achievements in the cyber security space.
How do you stay updated with the latest trends and developments in cybersecurity?
I am part and parcel of communities within Kenya that majorly compose of guys majorly in the cyber space working in different areas and every time on such WhatsApp forums they are always sharing what is trending, people share articles they come across about Google and Microsoft and other huge companies that face threats and by these we are able to know of the possible and emerging threats in tech. I have also customized by LinkedIn on security matters and follow relevant people to keep on the know.
What advice would you give to individuals about protecting their personal information online?
Try to limit information your share online. Mostly with the advancement of Artificial intelligence it is very easy for one to be impersonated and be traced making it easy to conduct ills like abductions and spread of false information. Use two step verifications that will give hackers a hard time to access your accounts and use strong passwords that are not too predictable like dates of birth or years. Use complex passwords that no one can easily remember.
What innovations in cybersecurity excite you the most right now?
The recent development of artificial intelligence where we have numerous chat bots that have been used to automate Ai which have assisted in our daily lives where we do not have to struggle too much to get things done that are not easily possible by the normal human.
How can startups and small businesses effectively implement cybersecurity measures without a large budget?
We have of people who have opened up open source. Open source are solutions that are open to everyone and it is accessible to anyone that they have a liberty to even customize it. Before coming up with a startup it is advisable to come up with a plan on how they will integrate security.
What advice would you give to aspiring cybersecurity professionals?
Getting stuck is part of the process so get someone who will guide you through that you may be able to face challenges. Patience is also very vital and the fact that cybersecurity is wide, it takes time for people to know how systems and operations work and that cannot be learnt in a single day.
Can you share a particularly memorable or impactful moment from your career?
When I joined Zetech I started a community towards the end of 2021, where we got support from a company of women in technology known as She Hacks. We invited people from the industry to talk to us and share their experiences. I am glad that the club still lives on. I still get calls from time to time from students sharing how a particular tool or hack we taught has led them into achieving great things like jobs and huge opportunities and such moments I feel very humbled that I was able to impact a life.
Follow our WhatsApp Channel here to stay updated
What qualities do you believe are essential for someone to succeed in cybersecurity?
Being technical and huge jargons do not really help. Being able to communicate with people is what is key. Being able to interpret things in a way everyone is understanding is what is required.
What is one myth about cybersecurity that you would like to debunk?
Cyber security is just not as easy as it seems. It does not only entail sitting behind a computer and pressing on buttons. Just like any other form of work, a lot of effort is required in cybersecurity. People also think that you should be super technical to be in cyber security. Cyber security is wide and has areas like governance that do not need coding and technicality to operate.
In your opinion, what is the most underrated aspect of cybersecurity?
Reports. After doing work in cyber security, it is null and void without a report. The reports is needed to serve as evidence of works done and also for future reference.
Is there anything else you would like to share with our readers about the future of cybersecurity or your personal journey?
We need a lot of training when it comes to awareness. With the recent evolvement with Artificial Intelligence, we need to be more alert to discern what is fraud and what is not fraud on the internet. Realism is essential which causes ripple effect where you can teach someone on what happens if they click onto unsafe links and they go about and spread word to others.
How can people reach you?
- John Musyoki cybersecurity on Linked In.
- Johnie_Musyoki on Instagram and Twitter.
- John Musyoki on Facebook.
Wow this is quite amazing Kanji. I’m inspired 👏