Training / Dar es Salaam · Jun 2026
Cohort 02 · Dar es Salaam

Defend the agents already running in East African finance.

A 3-day, hands-on programme for security teams, AI engineers, and red-teamers across Tanzania and the East African Community. Mapped to BoT supervisory expectations, TCRA cyber guidance, and the Personal Data Protection Act 2022. Mornings concept-led, afternoons in lab.

Format
3-day intensive · Hybrid
Dates
June 23, 24 & 26, 2026
Location
Dar es Salaam + Online
Seats
Capped at 40
Reserve a seat View curriculum
The threat surface, in numbers

The data your defence stack hasn't caught up to.

73%
year-on-year rise in Africa-targeted cyberattacks (Interpol AAR 2025)
$4.4M
global average cost of a data breach in 2026 (IBM)
TZS 100M
maximum per-violation penalty under Tanzania's DPA 2022
$240B
global cybersecurity spend in 2026 (Gartner)
Who it's for

Four roles. One room.

We curate cohorts so peer conversations land. If you ship security decisions for a real East African org — bank, mobile-money operator, telco, public-sector ministry — this room is for you.

Track A

CISOs & Security Leaders

Translate AI risk into board-level posture. Build the agent governance framework BoT and TCRA will start asking for.

Track B

AI / ML Engineers

Architect LLM systems that survive contact with adversarial prompts, shadow agents, and exfiltration attempts — including the ones that move via mobile money rails.

Track C

Red Team & SOC Analysts

Hunt for non-human identities across hybrid telco / banking / public-cloud estates. Detect agent drift, prompt injection chains, and tool-call anomalies in production traces.

Track D

Compliance & Risk Officers

Map NIST AI RMF, DPA 2022, and BoT IT-risk guidance to a single audit trail. Stop compiling evidence; start owning it.

Curriculum

Three tracks. Built around how attacks actually move.

Each track runs as a hands-on lab with a Blackbead.ai engineer. You leave with code, runbooks, and a deployment-ready threat model.

01

Protect Legacy Assets with AI Agents

Deploy intelligent agents to continuously monitor, assess, and harden existing infrastructure against AI-powered threats. No rip-and-replace. Mobile-money and core-banking case studies.

Continuous Monitoring Threat Detection Legacy Hardening
02

Secure the AI Agent Ecosystem

The security layer for agent architecture: identity management, least-privilege enforcement, behavioural anomaly detection, NIST AI RMF audit trails. EAC cross-border data flow considerations baked in.

Agent Identity Behavioural Monitoring Compliance Trails
03

LLM Design & Prompt Engineering

Architect LLM solutions end-to-end: model selection, fine-tuning, prompt frameworks, guardrails, and evaluation pipelines that hold up in production. Kiswahili-language adversarial testing included.

LLM Architecture Prompt Engineering Guardrails & Evals
Schedule

Three days. Zero filler.

Two days in-person at our Dar es Salaam venue, a self-paced reading day on the 25th (Eid al-Adha observance), then closing day on the 26th. Hybrid: every session also streams live for online attendees.

Day 01 · June 23 (Tue)

The new threat surface

09:00 – 10:30 EAT
Why legacy IAM breaks for AI agents
11:00 – 13:00 EAT
Lab: mapping non-human identity in your stack
14:00 – 16:00 EAT
Threat modelling autonomous agents (mobile money case study)
17:00 – 19:00 EAT
Cohort dinner · founder fireside
Day 02 · June 24 (Wed)

Defence in depth

09:00 – 10:30 EAT
Prompt injection and tool-call abuse
11:00 – 13:00 EAT
Lab: building behavioural anomaly detectors
14:00 – 16:00 EAT
Guardrails, evals, and red-team harnesses (Kiswahili adversarial set)
16:30 – 18:00 EAT
Live red team exercise · capture the agent
June 25 (Thu) · Break

Reading day & observance

Eid al-Adha public holiday in Tanzania — no live sessions. Cohort receives a curated reading list, the day-02 lab recording, and an optional async office-hours Slack channel with instructors.
Day 03 · June 26 (Fri)

Governance & the road ahead

09:00 – 10:30 EAT
NIST AI RMF, DPA 2022, and the audit trail
11:00 – 13:00 EAT
Lab: writing an agent governance policy (BoT / TCRA mapped)
14:00 – 16:00 EAT
Board-level reporting for AI risk · EAC cross-border considerations
16:30 – 18:00 EAT
Capstone presentations · certification
Compliance

Built for the regulations your board will ask about.

Global frameworks first. East African–specific guidance baked into the cohort labs.

NIST AI RMF
Govern, map, measure, manage — mapped to runtime controls.
OWASP LLM Top 10
Prompt injection, data leakage, supply chain — covered by design.
ISO 42001
AI management system — control mappings + audit evidence.
SOC 2 Type II
Security, availability, confidentiality controls.
DPA 2022 (TZ)
Tanzania's Personal Data Protection Act — data subject rights, consent, transfers.
BoT IT & cyber guidance
Bank of Tanzania supervisory expectations on IT governance and incident reporting.
TCRA cyber framework
Tanzania Communications Regulatory Authority — telco / digital-service obligations.
EAC cybersecurity harmonisation
East African Community draft framework — cross-border data flow implications.
AU Convention on Cyber Security
African Union Malabo Convention — regional baseline now ratified.
MITRE ATLAS
Adversarial threat landscape for AI systems.
Instructors

Practitioners. Founder-led.

Every instructor has shipped the technique they teach into production. No theorists, no resellers. Local practitioners-in-residence to be announced.

BB

Lead Instructor

Blackbead.ai · Tracks 01–03
TBA

Practitioner-in-Residence

CISO · East African BFSI · Track A guest
PM

AI Security Engineer

Agent identity & least-privilege enforcement
TBA

Red Team Lead · EA

Live capture-the-agent exercises · mobile-money scenarios
"AI agents are arriving on the same rails that move mobile money. Defending them needs the same operational seriousness — and it's local practitioners who'll write the playbook for our region."
Programme note · Venue and local partner organisation to be announced two weeks before the cohort.

Cohort 02 is open.
Apply for a seat.

Applications reviewed weekly. We respond within 5 working days. Hybrid attendance available across the EAC.