The Current state of Cyber Security in Kenya.
The current state on Kenya in readiness to cyber security poses room for improvement, incidence response management and the ability to proactively, ensure business continuity after an attack. Data has been the one of the new organizations most valued assets and its loss may result to customer in-satisfaction and organizations such as the East Africa Recovery experts in Kenya has assured the ability to recover from such experiences. Organizations are incessantly gathering information and data across every element of their business transactions and its reliance is exponentially growing.
Cyber security has been a global issue and Kenya is not an exception. What drives to the conclusion of the weakest areas in cyber security is as a result, of the most affected areas by cybercrime activities. Hence, becoming an easy target. An easy target could be due to known vulnerabilities that are unpatched to the target organization leading to their exploitation and eventually resulting to an attack.
Technological users occupy majority of the Kenyan Cyber security threat stage. This is lack of awareness among technology users, concerning secure information handling and best practices. Many of these users mostly customers and employees have insufficient knowledge on the level of risk they are exposing themselves and their organizations to, while interacting with this technologies.
Kenya lost approximately Sh21.2 billion to cybersecurity in 2017, second only to Nigeria which lost Sh65.5 billion. This is according to the Cyber Security Report by Serianu that highlights the following:
- Numerous attacks on mobile money through social engineering, use of malware and account personifications.
- The largest contributor of direct losses in cybercrime in Kenya is insider threat.
- E-Commerce Platforms hit with more Online Scams, ATM Card Skimming and Identity Theft.
- Low levels of security awareness.
- Malware targeting critical mobile and internet banking infrastructure are on the rise.
- Insider threat is still the largest contributor of direct losses in cybercrime.
- Technical training of employees is insufficient.
- Lack of practical regulatory guidance from industry regulators and government.
- Only 3% of reported cybercrimes are successfully prosecuted
This has called for both the private and government sector in filling the cyber security gap. This has however lead to a global collaboration with the local Kenyan firms in capping the menace. Among this are the Microsoft. Microsoft estimates that cybercrime-related losses will cost the global economy over Sh600 trillion up from Sh300 trillion reported in 2016. Which has risen to 860$ trillion globally due online illegal markets in accordance to a survey done by Dr. Michael McGuire, Senior Lecturer in Criminology at Surrey University.
Kenya has however passed a bill in Computer and Cyber Crime into law known as the computer and cybercrime law. This law recently has been very effective in prosecution of fake news. This fake news are mainly spread through social media and local media firms through online publishing. This however has been hurdled by various challenges including its implementation during court trials but this is a big step in achieving a safer cyber space in Kenya.
The future of cyber security in Kenya shall characterize a representation of immense growth and collaboration between local and international firms. The integration of local cybersecurity firms acting in collaboration with the government. This also includes organizations taking to their agenda the need to secure their digital and information infrastructures, the need to educate their employees on secure computer/technological usage. However, in order to curb the cybersecurity skills gap in the country, higher learning institutions should have hands on training of their students on matters concerning the cyber security field and resolving issues on programs that suffer from take back curriculum to more programs that are specialized/current. This is possible by partnership with local cyber security firms such as the East Africa Recovery Experts.