With Cyber security threats to online businesses growing at an exponential rate, the Ministry of ICT has called upon stakeholders to prioritize cybersecurity and adopt a proactive approach when dealing with cybersecurity matters.
The call comes as Kenyans running online businesses and the increasingly ubiquitous payment portals, are the latest target by cybercriminals.
This revelation emerged during the inaugural Africa Cybersecurity Congress held in Nairobi, a development that has been fueled in part by the exponential growth in use of mobile payments.
The Ministry of ICT Director, Hesbon Malweyi, said there is a need to invest in cybersecurity capacity building, especially with boards and C-Suite level management.
This, Malweyi noted, will enable them to gain the fundamental knowledge and skills to investigate risk assessment and management frameworks that help mitigate dangers, as well as identify potential security gaps that could prove a liability to an organization.
The Director made the remarks, Monday, in a speech read on his behalf by the Principal Cyber Security Consultant, Felix Atandi, during the official opening of the Congress.
“Kenya’s global competitiveness and leadership in the region, including as an ICT hub will depend on its ability to deploy ICTs in all aspects and sectors of its economy. Further, internet penetration and the adoption of ICTs has increased in the country, leading to more sophisticated cybersecurity related incidents,” said Malweyi.
Nonetheless, the director noted the Communications Authority of Kenya reported a 47.3 percent increase in cybercrimes in the past year reaching 37.1 million separate attacks.
“The Government is taking steps to increase the security and resilience of its critical information infrastructure to protect citizens and corporations from cyber threats and to reap the social and economic benefits of cyberspace,” he added.
He highlighted that Kenya’s ICT Policy which came into effect in 2006, can be credited for providing the overall direction for the creation of an enabling environment for ICT growth and usage in Kenya. To achieve the Vision 2030 goal of Kenya as a regional ICT hub, the ICT sector was expected to contribute directly and indirectly an additional 1.5 percent to Kenya’s GDP by 2017/2018 Financial Year.
However, Malweyi said, it is important to note that the continued use of such platforms presents a growing sense of danger to the safety and security of such platforms. In fact, Kenya loses millions of shillings daily due to weak cybersecurity.
In this regard, he cited that the government developed the National Cybersecurity Strategy which supports the three pillars of the Vision 2030 and supports other national initiatives such as the National ICT Master Plan (2).
Agora Group Co- founder and CEO, Hadi Maeleb, said that more than 90 per cent of the business owners were unaware that their enterprises were at risk.
“Cybercriminals are now targeting small businesses more as they have realized that these enterprises do not believe they would be exposed due to their comparatively low turnovers, until they lose their data and payments are compromised,” said Maeleb.
He noted that there is no silver bullet to cybercrime and in addition to awareness about the threats, the business owners must go beyond to invest in cybersecurity tools.
Unfortunately for them, Maeleb cited that the business of cybercrime has evolved to a point where attacks like ransomware are now sold as a service.
Kenya, he pointed out, is a leading country in the use of ICT, with more than 1 million businesses running online, using both websites and social media platforms.
According to Maeleb, this is an attractive environment for threat actors, with reality only hitting business executives and owners the moment they become victims.