Zero to One, An interview with Dr. Bright Gameli.Wachira John
The guest I’m about to present is one I honestly lack the words to describe, but here’s an attempt. At his age, his achievements thus far are a thing to behold. He is down to earth humble and very sociable. I don’t think there is a person he can’t interact with. He is a wizard with computers. If you thought computer geeks are unsocial, check again. I was thoroughly impressed and inspired by his story to where he is right now and I hope that you will too. On a personal note, his guidance and help since we met has led me to view him as a mentor.
Meet Dr. Bright, an embodiment of quintessence:
Who is Bright?
Bright is a very simple fella; a simple person who’s full of life and a people’s person. I love to joke around and work at computers. I’m also a hyper person, simple but hyper.
How are you so good at computers and be equally good socially?
I’m an outgoing person and that helps me stay calm. And the fact that I like talking to people; the more I talk to people, I get to know what they think, how they think and to know what their perspective of other things are. For instance, I can pick out a person randomly and I don’t necessarily have to know them and I can ask questions like why they’re wearing a blue tie and brown shoes. That person has his own reason and I learn from that. Basically, I tend to be outgoing because that’s how I get more knowledge, businesses, and connections.
Did you always know that Cyber Security was what you were going to do from a young age?
No, I was initially interested in programming. At age 7, I wrote my first virus program. I used to tinker with computers, put them apart then piece them back together. At some point, I went for a computer class that was supposed to take 8 weeks but I got bored within the first thirty minutes. I took the exam which I did and aced in 4 hours. I came to Kenya at age 14 and created my second virus out of frustration. It was just a simple thing I did because I couldn’t run fast to the only computer during lunch hours. The function of the simple virus was to block out everyone except me from using the internet. At University, that’s where I felt that the gap in security was a problem after a series of attempted hacks on the school’s network. There were vulnerabilities everywhere and I thought why not, securing systems can be the future. That was where I started getting a different perspective about Technology.
How was it that you were able to write programs at age 7?
My dad introduced me to computers. He had a briefcase computer which I decided to work with. He got a guy called Nelson to come teach us computers. Nelson showed us the command prompt and I fell in love with computers. Though at the time I wasn’t quite the reader, I read the entire MSDOS 6.0 book, back to back. We also had this neighbor, John and Mary Batholomew who used to go to my dad’s office when there was internet to surf at 6 in the morning. My parents especially my mom would wake me up to go join them to see how computers and the internet worked. Incidentally, I got to meet a cousin of theirs not knowing he was a co-founder of Bell Labs with Steve Wozniak, what we now know as UNIX. That formed the foundation for me and computers. I currently use UNIX every day for all kinds of work.
This virus you wrote, what was it about?
My teacher pissed me off so I wrote a virus which basically crashed and formatted her computer. She had to reinstall everything again more than twice.
Other than security, what else do you do?
I practice Martial Arts, I break dance and watch a whole lot of series.
How do you balance out the ton of stuff you’ve got going on?
I find the time and I try to balance them out. Sometimes, I’ll be doing two things at the same time like watching a series and reading a script. I read Twitter every day before I sleep. When I read anything that I feel is important, I retweet or send it to my email. I the morning, I check my LinkedIn when I get to work. During the day I go over what I’d sent the previous night. What I need to practice I practice but I still go on with my normal work. I also make sure that my company Foresight Tech Group is running. I also have AfricaHackOn, but I have help running it by other people and I have mentorship for a few people.
On mentorship, what do you hope that a mentee of yours would get from you?
That they become not exactly like me but better than me. I wish that my mentees would do way better than me. When I’m mentoring people, I want them to do something which they’ve never done to a point where they can teach me. A typical example is a guy called Charles Muiruri. He was an android developer. I talked to him for just 2 months, guided him on Security and he’s become a pro cyber security coder for Android. He is doing well.
How did you get a Ph.D. at 28 years?
That was a mistake.
How was it a mistake?
I worked as an intern for a year eight months before leaving for my masters in South Korea on scholarship. The masters required 24 credits but I didn’t know that. My professor was really good, he didn’t tell me. He kept me going on and on and I ended up doing 40 credits. He then advised that instead of wasting all those credits, I channel them to Ph.D. That’s what I did. It was really tough though. Living in Korea is not easy. It’s fun and nice but getting money is a problem. Koreans also read a lot. Their culture of studying is different from ours so I had to adjust. I persevered. A Ph.D. required 36 credits, having done 40 credits instead of 24, I was exempted from 6. I was able to finish all the entire 30 credits in one and a half years. Most people don’t do that; most people do 3 credits per semester; I did 10 per semester for 3 semesters. It’s also required that you write a research paper of which I started after the beginning of the course and not at the end. this enabled me to finish everything in the last semester of the 2 years.
But it’s paying off, right?
Yeah, it paid off but there is a misconception that if you have a Ph.D. you must have money. When I came back to Kenya, people thought I’m rich. Ladies thought I could do stuff, buy a car, others telling me I should never take a boda-boda but I was like cmon, I’m a human being. It was also hard to get a job. People thought I was more academic than practical because I did not work for too long before I started school. But there was an opening at Cellulant, where I used to work and I came in to head the team. You can imagine coming from an intern to a Cyber Security group head of 11 countries. That’s a big deal to me.
What does your work involve?
It involves trying to secure the systems that we run. Basically, we become the hackers trying to stop other hackers.
Do you have a favorite hack?
Exploiting a system to gain full access to it
What hobbies do you have?
Watching series, kung fu…
Why Kung Fu though?
It’s a very good art. It took away my asthma during my difficult days. I used to be asthmatic but now I can run without having to feel like I’m choking. Although I still breathe hard, it took away a lot. It gave me discipline such as controlling anger and also relating to other aspects of life. People think it’s just an art to throw your legs and arms but it’s a tool that puts you to shape both mentally and physically.
What the state of Cyber Security in Kenya?
It’s really bad. The positive side is that people are getting to be aware and know that Cyber Security is needed but they’re still not convinced that they need it. It is time for people to understand that they need Cyber Security in their organizations. That’s going to take some time though but I think we’re getting there. We’re better off than most countries not just in Africa but globally.
How was AfricaHackOn born?
It started in 28th September 2013. It started because I wanted to go to DefCon and BlackHat in the United States but I couldn’t go because it was expensive and I didn’t have the funds. So I had to form something of my own because I knew we have skills in Kenya. So I met a guy called Lewis Ng’ang’a online, we talked, put a few minds together, looked for funding, and now AfricaHackOn is big. So we are trying to make sure that people are Cyber Security aware in a different way. We use hands-on demonstrations not just dull Death by PowerPoint presentations.
What’s your advice to anyone wanting to become a Cyber Security Engineer?
Get the basics right. Most people just want to hack but they forget they have to understand basic programming, basic networking, and basic computing skills. Understand Linux as an operating system; without it, you can’t do anything in Cyber Security. They also have to be dedicated, very passionate about security and willing to be guided. Apart from that, they should know people in the industry. According to LinkedIn, Cyber Security is among the top three jobs that are going to be in demand in the next one year. People should get out and pursue security.
Is the Curriculum sufficient to learn Cyber Security?
No, the curriculum is not strong enough. I’d say we need to revamp the curriculum and incorporate more Cyber Security topics in there.
The AfricaHackOn conference that’s coming up, why should anyone attend?
People should attend because they’ll see things they’ve never seen before. It’s going to be very practical. It’ll show people how vulnerable they are and how they can secure themselves.
Closer home, how are banking apps vulnerable?
Banking apps are vulnerable in the sense that somebody can find details about you from those apps. Someone can reverse engineer those apps and when they give you the reverse engineered app, you’re compromised. The hacker has access to your, call logs, messages, WhatsApp details, and the camera. They can record you when you don’t even know it. That’s invasion of privacy and the majority of apps do not follow the Secure Software Development Cycle.
Does this mean software developers should learn how to hack?
No, software developers should just be security conscious. They don’t have to be security engineers. The problem is that software developers’ focus only on functionality. If the app is working, they’re okay. They should be security conscious to avoid security loopholes.
Do you have mentors/role models?
Yeah, my parents are my mentors. I have another mentor called Wambura Kimunyu, Head of Cars at One Africa Media. She guides me a lot when it comes to career and then there’s one Linda Kamau; one of the co-founders of Akira Chix. I talk to her a lot when it comes to what I’m supposed to do in the tech industry. She’s a techie herself so she advises me a lot.
Where do you see yourself in the next 5 years?
From the way, I’m handling business and 9 – 5. I think I can continue for a while. But I do want to run my own company eventually. Just trying to weigh and test the waters of the country and see what works better. If not, I should be at a very high position where I’m sustainable.
Why Kenya? Why haven’t you decided to go back to Ghana?
Ghana is a bit slow when it comes to Cyber Security at the moment even though technology, especially mobile is moving at a fast pace as much as Kenya who seems to be ahead. If I stayed one more year before coming back to do Security in Kenya, it would have been flooded with everyone doing the same thing and possibly mediocre. Right now, it’s a flooded market so we need to dominate it. Better yet, it’s something that I’ve always wanted to do. The team I want to work with is here, the trust is here.
So you are in Kenya to stay…
For now yes. Possibly marrying a Kenyan so that’s another good reason to stay.
One step at a time.
AfricaHackOn is holding its annual conference in a couple of days. Ticket sales close tomorrow. Dr. Bright and other Cyber Security engineers will be present doing live demonstrations showing how you could get hacked and most importantly how you could secure and protect yourself.
Head over to www.africahackon.com for more details.