Why cybersecurity preparedness must be a national priority in Kenya

Kenya has witnessed a surge in ransomware attacks targeting organisations of all sizes. 

Photo credit: Photo | Shutterstock

Despite the widespread acknowledgment of the impact of the digital economy, a disturbing gap exists between awareness and action.

While 90 percent of CEOs recognise the transformative potential of the digital economy, for example, less than 15 percent are actively executing a digital strategy, leaving organisations vulnerable to cyber threats.

In Kenya, recent incidents have underscored the severity of the threat, with fraudulent activities and financial fraud emerging as persistent challenges. Between January and March 2024, the National Computer Incident Response Team-Cordination Centre detected over 900 million cyber threat events.

Mobile devices, despite driving digital penetration and access, have become the primary platform for financial fraud, highlighting the urgent need for enhanced cybersecurity measures. The prevalence of remote code execution as a favoured method by threat actors further underlines the sophistication of cyber threats facing the country.

Recent investigations have revealed alarming instances of bank fraud, with millions of shillings fraudulently disbursed and transferred to various accounts and financial institutions. These incidents not only highlight the financial impact of cybercrime but also the need for robust regulatory frameworks to combat such threats effectively.

In response to the growing cybersecurity challenges, the National Assembly passed the Computer Misuse and Cybercrime (Critical Information Infrastructure and Cybercrime Management) Regulations, 2024. These regulations, drafted by the National Computer and Cybercrimes Coordination Committee (NC4), aim to strengthen cybersecurity governance and enhance coordination among stakeholders.

The regulations outline measures to address cybercrimes, fraud, identity theft, and hacking, while also prioritising cybersecurity capacity building for public and private entities. By equipping organisations and individuals with the knowledge and tools to enhance their cybersecurity preparedness, the regulations seek to mitigate cyber risks and safeguard Kenya's digital future.

As Kenya embraces the opportunities of the digital economy, cybersecurity readiness must be elevated as a national priority. Organisations and individuals must proactively adopt cybersecurity best practices, while policymakers must continue to strengthen regulatory frameworks and promote cybersecurity awareness.

The writer is a researcher at Kenya School of Government.

PAYE Tax Calculator

Note: The results are not exact but very close to the actual.