Kenya Cyber Security Report 2015
4
Third Parties require
mandatory and regular
VETTING
Outsourcing is not just a growing
trend but the new reality of today’s
rapidly evolving global economy, which raises a new
set of risk management concerns for companies in
every industry. Organisations are increasingly relying
on third parties to provide and enable more critical
services across the region. In fact there are cases where
some organisations have outsourced over 70 percent
of their operations and they rely on third parties to
provide mission critical services to their customers and
counterparties. Cyber criminals are frequently able to
exploit vulnerabilities in the third party’s networks to get
to the target company’s assets. Local organisations need
to hold third-party entities to the same Cybersecurity
standards and protocols that the organisation itself
follows internally. Otherwise, you unnecessarily put your
company’s reputation and financial health at risk.
5
are secured against attacks and potential security
breaches. In the past year, 10 different organisations
issued RFPs (Request for Proposals) for managed security.
Many organisations are looking at managed security
services as the most cost effective and efficient way to
maintain the competency of the organisations without
restraining the growth of an organisation against its
competitors. At Serianu we believe Managed Security
Services are necessary to manage the growing computing
complexities and increasing threats and cybercrimes,
without interrupting organisations’ business operations.
Local organisations need to identify key areas that can be
outsourced and seek out vendors to support their internal
security strategies.
Bonus Priority:
Vulnerability Assessment
and Penetration Testing is
not enough
Organisations need to implement holistic programs
that incorporate patch management, vulnerability
Organisation should
EVALUATE the need for
Managed Security services
management, continuous monitoring, and Incident
Response and remediation strategies to effectively
mitigate any vulnerability in their environment .
Many organisations are finding out that
they are ill-equipped to handle the complex
and multiple cyber threats posed to them. As a result
many organisations are looking at managed security
service providers to ensure that their IT infrastructures
10