Kenya has witnessed a surge in ransomware attacks targeting organisations of all sizes.
According to the Cybersecurity Report for October to December 2023 by the Communications Authority of Kenya (CA), there was a significant increase in cyber threat events during this period, reaching 1.2 billion, marking a staggering 943.01 percent rise from the previous quarter’s 123 million.
Advanced Persistent Threats (APTs) have also been on the rise. These threats, often state-sponsored, infiltrate computer networks and remain undetected for extended periods. There have also been supply chain attacks involving the compromise of software or hardware of trusted vendors and suppliers to gain unauthorised access to targeted organisations.
Further, as most organisations move to the cloud, they will face challenges such as misconfigurations, insecure Application Programming Interface (API)s and data breaches in the cloud platforms.
It is recommended that boards should enhance their cybersecurity competencies and oversight capabilities. The board composition should include a member with relevant IT and cyber security knowledge to enable the governance body to discharge their…
