The Kenyan government is making significant investments in cybersecurity centers of excellence to unify efforts in protecting cyberspace and foster collaboration between government agencies, the private sector, and global partners. Internal Security Principal Secretary Raymond Omollo emphasized the importance of building robust cybersecurity capabilities, especially as Kenyans increasingly rely on technology and face more sophisticated cyber threats.
During his remarks at the Cyber Week Africa 2024 Conference and Expo held at the University of Nairobi, Omollo highlighted the diverse sources of cybersecurity threats, including state-sponsored actors, hackers, and individuals misusing their skills for malicious purposes. The four-day conference aims to raise awareness about cybersecurity, build capacity, and deepen understanding of associated risks. Government agencies and industry leaders will share crucial information to enhance the protection of Kenya’s cyberspace.
Omollo articulated Kenya’s cybersecurity strategic vision, which is focused on creating a safe and secure cyberspace for all. He noted the necessity of ensuring that defenders maintain an advantage, protecting Critical Information Infrastructures (CIIs), and maintaining resilience against potential cyberattacks. He warned that cyberattacks on CIIs could jeopardize national security, public safety, and economic stability, given the heavy dependence of both the government and private sectors on ICT for service delivery.
Furthermore, Omollo stressed that the nation’s future relies on strengthening its cyber education system and expanding the national cybersecurity workforce. He pointed out that no technical solution would be effective without skilled professionals to implement them. He also called for coordinated efforts, response structures, and regulatory clarity in an environment where innovation and cybersecurity intersect.
Recently, Kenya has seen an increase in abnormal global internet traffic targeting several CIIs, aiming to disrupt essential services. This trend underscores the urgent need for enhanced cybersecurity measures to protect the nation’s digital infrastructure.
The telecommunications, banking, and education sectors in Kenya are currently facing significant cybersecurity threats, with Distributed Denial of Service (DDoS) attacks becoming increasingly powerful and sophisticated. In response to this growing concern, the Kenyan government has reinforced its legal framework with the enactment of the **Computer Misuse and Cybercrime (Critical Information Infrastructure and Cybercrime Management) Regulations, 2024. These regulations, developed by the National Cybersecurity Coordination Committee (NC4), operationalize the **Computer Misuse and Cybercrimes Act, 2018**.
For the second consecutive quarter, the telecommunications industry has been identified as the most targeted sector in Africa, closely followed by the Banking, Financial Services, and Insurance (BFSI) industry. Most attack traffic is reported to originate from Asia (35%) and Europe (25%), highlighting the global nature of these threats.
The Principal Secretary, Raymond Omollo, stated that these regulations, along with other legislative measures, form a foundational framework for protecting Kenya’s Critical Information Infrastructures (CIIs). This legal reinforcement aims to enhance the country’s resilience against cyberattacks, ensuring that essential services in key sectors can continue to operate securely amid rising cyber threats.
