Why Companies Must Take Cybersecurity Seriously

Cyber-attacks have become prevalent today, with research showing that one occurs every 39 seconds, and the news media are awash with reports of one cyber-attack on a company after another. The latest data from the Communication Authority (CA) show that for the quarter that ended December 2020, Kenya experienced over 56 million cyber threats, a 59% rise from the 35.2 million threats recorded in the previous quarter.

Data from the National Computer Incident Response Team Coordination Centre shows that the country experienced 46 million malware attacks, 7.8 million application attacks, and about 2.2 million Distributed Denial of Service (DDoS) attacks. The rise is due to increased online activity as a result of the COVID-19 pandemic, which has forced most businesses to take their operations online, making them vulnerable to malicious online attacks.

What Is a Cyber Threat/Attack?

A cyber-attack is a targeted attack that is mounted against digital devices that an individual or company uses within cyberspace, with the aim of stealing data, damaging data, or disrupting the digital operations of a business or an individual’s life.

Given that most businesses today store their customers’ data online and use the digital space to conduct their day-to-day operations, it is imperative that businesses in Kenya and Africa take their cybersecurity seriously to avoid the following consequences of a cyber-attack:

1. Disruption of the daily operations of the business.

2. Loss of revenue to the company from the disruption of business activities and payment of a ransom in case of a ransomware attack.

3. Damage to the reputation of the company. Data breaches compromise the security of the private and confidential information that customers give to companies, so customers become afraid of identity theft when cybercriminals gain access to highly sensitive data such as bank account numbers and passwords.

Cybercriminals exploit two fronts to disrupt business operations:

Indiscriminate Attacks

Cybercriminals launch indiscriminate attacks without caring who becomes the victim, as they seek to gain control of victims’ digital devices. They use the internet to gain access using the following techniques:

Water holing: Cybercriminals set up fake websites or compromise legitimate websites to exploit visitors.
Phishing: Emails are sent at random to a large number of people, asking for sensitive data or asking recipients to visit fake or compromised websites.
Ransomware: Disk-encrypting extortion malware is sent to victims and denies them access to their files until the demanded ransom is paid via cryptocurrency. Some famous ransomware attacks include Bad Rabbit, Cryptolocker, Locky, and Petya.

Targeted Cyber Attacks

In targeted attacks, cybercriminals single out your organization, either out of their own interest or because they have been paid to target your business.

A targeted attack is more disruptive and damaging to a company because the attack is specifically tailored to your personnel, systems, and processes. It is executed using:

Spear-phishing: Emails containing malicious software or links to malware downloads are sent to identified individuals in an organization to gain control of the system or to obtain their personal information for blackmail and extortion.
Distributed Denial of Service (DDoS) attack: A botnet is deployed to render your website inaccessible to your legitimate users.

Adjustment of national cybersecurity frameworks

Countries have adopted an agile approach that enables them to update their national cybersecurity frameworks to keep pace with the ever-evolving world of cyber risks. Governments have adopted a multi-stakeholder approach by establishing legal and regulatory frameworks while also setting up agencies or units, such as the National Computer Incident Response Team Coordination Centre, that allow businesses and individuals to report cyber-attacks, threats, and incidents.

Increased International Cooperation

Safety in cyberspace requires constant international cooperation. Kenya has joined the rest of the world in safeguarding cyberspace by enabling collaboration at the policy, law enforcement, and technical levels to curb and thwart cyberattacks on its infrastructure and operations.

Awareness Campaigns

Recent cyber-attacks such as the Facebook data leak of 533 million users and the SolarWinds hack are proof that no country or company in the digital space is immune to a cyber-attack, as one “bad click” can disrupt a company’s business operations and breach customers’ sensitive data. As such, governments have launched awareness and educational campaigns that educate children and vulnerable demographics on the measures to take to stay safe while online.

Collaboration with the Private Sector

Cybercrime is an evolving phenomenon, so governments must be ready to collaborate with private companies to gain new insights, share intelligence, and benchmark their practices in order to keep pace with new threats.

Cyber Security Training

Businesses need to secure proprietary and sensitive information. Therefore, to help organizations understand, implement, and maintain cybersecurity, Somo Group provides training to employees to ensure they have the right skills to thwart the cyber-attacks and threats that an organization may experience. The training offered to an organization can range from Linux training, end-user cybersecurity awareness training, and network security training to secure application development training.

Penetration Testing

Somo Group checks organizational infrastructure and systems to identify vulnerabilities that can be exploited to launch a cyber-attack. A penetration test (pen test) involves simulating a hacker’s activities when seeking to discover vulnerabilities in a website, application system, or network.

Information Security Audit Services

Private security firms keep organizations safe in cyberspace through information security (IS) audits, which are technical and systematic assessments of an organization’s security status. The aim is to evaluate the efficiency of existing security policies in meeting the requirements and expectations of the company. The scope is wide and includes the following:

Application Security Audit

Access Control Audit

Compliance Audit

Information Systems Development or Acquisition and Maintenance Audit

Physical Security Audit

Data Center Security Audit

Incident and Business Continuity Audit

Digital Forensics and Investigation Services

Private security firms have a role in seizing digital evidence, handling it, preserving it, and using it to conduct an investigation and produce a report that is admissible in a court of law. In the aftermath of a cyber-attack, they can help organizations retrieve deleted, encrypted, or damaged data or detect violations of the company’s cyber policy.

Development of Cyber Security Policy

Private security firms provide consultancy services to businesses in Kenya during the development, implementation, and monitoring of a cybersecurity policy. The policy describes an organization’s security controls and protocols for handling confidential data, incident management, password requirements, the handling of removable devices such as USB flash disks, and email standards.

The Weak Link in Digital Security

People, especially your employees, are the weakest link in digital security, as 39% of cyber-attacks are due to human factors. Threats posed by employees or insiders affect 34% of global businesses. Often these employees act intentionally to hurt the company, or do so accidentally through negligence or ignorance of the cybersecurity policy. As such, as remote work increases, companies need to seek the services of cybersecurity companies such as Somo Group to train their employees on the best practices for securing their systems, networks, and data to eliminate possible vulnerabilities.

Best Practices & Emerging Solutions in the Fight Against Cyber Attacks

Preventing and stopping cyberattacks is essential for all businesses that operate online. In light of this, the following best practices are recommended for maintaining cybersecurity in Kenya today.

Conduct cybersecurity training for your employees

Ensure endpoint protection for devices on the company’s network

Keep your systems and software up to date

Back up your data

Install a firewall on the network to block brute force attacks

Control access to your systems

Ensure Wi-Fi security

Require unique passwords across different applications and websites
