Kenya Cyber Security Report 2015
Continuous Monitoring
and Response
Almost all organisations are not
prepared for cyber threats.
In our survey, we noted that majority of
the organisations are ill prepared to
monitor and respond to cyber attacks.
90% of Kenyan organisations have no
real-time insight on cyber risks, lacking
the agility, budget and skills to combat
rising cybercrime. Majority of these
organisations are unable to detect cyber
attacks using the existing systems and
processes.
6
7
Vulnerability and Patch
Management
The achilles heel of organisations
cybersecurity efforts.
Our study reveals that majority of
Kenyan organisations do not perform
regular vulnerability scans on their
network thus are unable to tell their
current security posture.
Security Awareness
Training
Ignore the weakest link at your own
risk.
Most organisations in Kenya spend a
significant amount of their annual
information technology budgets on
technologies and systems to harden
their infrastructure ignoring the
untrained, uninformed or unmonitored
users. Without training, most users in
Kenya don't have the skills and
knowledge they need to adequately
protect the organisations' infrastructure
and informaiton from cyber attacks.
8
9
port
Inadequate Budgets and
Management Support
Put your money where your risks are.
A great percentage of organisations in
Kenya are operating with little or no
budget or management support. In
most of these organisations executives
are not willing to dedicate funds
towards the purchase or engagement of
cyber security solutions or services.
Often these organisations are waiting
for a breach before they can react or
act.
Emerging Technologies and
ERP Automation
Automation minus controls equals to risks.
Many organisations in Kenya are
implementing Enterprise Resource Planning
(ERP) that automate and integrate a
company's core business and help them
focus on effectiveness and simplified
success. ERP systems are helping increase
productivity, efficiency and accuracy but
at the same time they are introducing
new risks to organisations.
10
13