Joe Mucheru, the ICT Ministry Cabinet Secretary has urged the private sector to bolster investment in cybersecurity to curb the growing incidences of cybercrime targeting Kenya’s digital economy.
Though a recent report by Jumia Business Intelligence and GSMA Mobile showed that Kenya is leading Africa in internet penetration with over 30 million having access to the internet, the positive trajectory has seen a sharp rise in cybercrime targeting financial instutions and mobile money transaction platforms.
Mucheru urged the private sector to invest in cybersecurity infrastructure to complement ongoing Government efforts to curb the vice, citing investment opportunities for players in the internet security space to ensure security infrastructure matches current threat trends.
“We have the Computer and Cybercrimes Bill, 2016 which is headed to parliament. We want to introduce stiffer penalties for cybercrime and online corporate espionage,” said Mucheru when he presided over a funds drive to improve the infrastructure of Lenana School.
The Kenya Cybersecurity Report 2016 published by Serianu Limited, estimates that about 44% of financial institutions run on a paltry cybersecurity budget of US $1-1,000 annually, whilst about 33% of financial institutions in Kenya have US $0 spend on all matters cybersecurity.
“With more than 75.3% of Kenyan citizens formally included in financial services, one would logically expect a correspondent increase in cybersecurity investments in the financial services sector. Regrettably this is the opposite in the case of Kenyan banks,” said Teddy Njoroge the ESET East Africa Country Manager during the recent Connected Summit 2017.
Mucheru said jobs were moving online with the freelancing economy in the United States clocking US$1 trillion and about 34 percent of Americans working online.
“The very essence of introducing Ajira Digital in partnership with Rockefeller Foundation and the
Kenya Private Sector Alliance was to tap online job opportunites for the youth. We will not relent on this initiative because of challeges posed by cybercrime,” he added.
Over one-third of organizations that experienced a breach in 2016 reported substantial customer, opportunity and revenue loss of more than 20 percent, this is according to the Cisco 2017 Annual Cybersecurity Report.
In the report, Chief Security Officers cited budget constraints, poor compatibility of systems, and a lack of trained talent as the biggest barriers to advancing their security postures. Business leaders also revealed that their security departments are increasingly becoming complex environments with 65 percent of organizations using between six and 50 security products, thus raising the potential for security effectiveness gaps.
The CS urged local businesses to focus on opportuntines in addressing potential challenges around Internet of Things (IOT) and mobile communications that are fast becoming new targets of attack by cybercrimials
“In the next one year we expect that over 40 million new devices, mainly smart phones will be imported into the country, all these are potential new targets especially if users are ot aware of the cyber risks,” he explained.
ESET East Africa, that specilises in internet security notes that effective infrastructural cybersecurity measures come at a budgetary cost which must be respected by C-Suite executives if organisations are to tame the constantly evolving cyber threat landscape.
While it is laudable that up to 63% of financial organisations in Kenya have an in-house cybersecurity department, the Serianu report 2016 indicates that only 29% of the employees within in-house cybersecurity departments in financial organisations are cybersecurity trained certificate holders.