Date: 2024-04-10

Kenya has witnessed a surge in ransomware attacks targeting organisations of all sizes.

According to the Cybersecurity Report for October to December 2023 by the Communications Authority of Kenya (CA), there was a significant increase in cyber threat events during this period, reaching 1.2 billion, marking a staggering 943.01 percent rise from the previous quarter's 123 million.

Advanced Persistent Threats (APTs) have also been on the rise. These threats, often state-sponsored, infiltrate computer networks and remain undetected for extended periods. There have also been supply chain attacks involving the compromise of software or hardware of trusted vendors and suppliers to gain unauthorised access to targeted organisations.

Further, as most organisations move to the cloud, they will face challenges such as misconfigurations, insecure Application Programming Interfaces (APIs) and data breaches in the cloud platforms.

It is recommended that boards enhance their cybersecurity competencies and oversight capabilities. The board composition should include a member with relevant IT and cyber security knowledge to enable the governance body to discharge its fiduciary responsibilities in cyber risk management.

Key roles of the risk manager include positioning cyber security as a business value creation driver for internal teams. Risk managers should constantly communicate the value of these efforts to all the stakeholders within the organisation.

They should develop cyber risk frameworks which are guided by threat exposures identified through a cyber risk assessment; encourage a collaborative approach in risk management through decentralising cybersecurity management and involving non-technical business departments; and build and enhance threat detection and response capabilities through automation.

Risk managers can receive threat alerts in real time, including details such as the location where the threats happened, to enable them to make decisions quickly.

Risk managers should have in place an incident management process to respond to a service interruption and restore the service to its operational state. They should also institute controls to prevent the recurrence of the issue.

Cyber risk management is the responsibility of everyone, not just the risk manager or IT. Organisations should move from a policing mindset to one that promotes an integrated, comprehensive cyber strategy powered by people, processes, and technology.

Regular refresher training should be organised to remind staff of their responsibilities.

Regular vulnerability assessments and penetration testing should be carried out, with a focus on both identifying and remediating vulnerabilities.

Organisations should ensure that the systems of third parties (supply chains) are protected. Protecting a business partner’s ecosystem and supply chain is just as essential as building one's own security infrastructure.

As part of responding to cyber risks, an organisation could opt to transfer the risk to an insurance company by obtaining a cyber insurance policy.