Kenya’s digital infrastructure faces mounting threats, with the Communications Authority of Kenya (CA) reporting an alarming cyber threat incidents in the first quarter (Q1) of 2025.
During the period, the number of cyber threats detected by the National Kenya Computer Incident Response Team (KE-CIRT) surged by 201.7 per cent to 2.5 billion. Correspondingly, the number of cyber threat advisories issued during the period increased by 14.2 per cent to 13.2 million.
This sharp rise underscores the growing vulnerabilities in the country’s digital economy. Back in 2023, the CA recorded losses of $83 million due to cybercrime, ranking Kenya as the second most affected country in Africa after Nigeria, which reported a $1.8 billion loss.
Register for Tekedia Mini-MBA edition 19 (Feb 9 – May 2, 2026): big discounts for early bird.
Tekedia AI in Business Masterclass opens registrations.
Join Tekedia Capital Syndicate and co-invest in great global startups.
Register for Tekedia AI Lab: From Technical Design to Deployment (next edition begins Jan 24 2026).
Between April and June 2024 alone, the National KE-CIRT/CC identified over 1.1 billion cyber threat events, highlighting the persistent and evolving nature of cyber risks. Fast forward to October and December 2024, Kenya’s cybersecurity landscape saw a significant increase in cyber threats with over 840 million events detected. The most prevalent attacks during this period were brute force attacks (34.8 million), Malware attacks (33.9 million), and Distributed Denial of Service (DDoS) attacks (15 million).
The rise in cyber threats was attributed to the growing use of Artificial Intelligence (AI) and machine learning (ML) by cyber criminals, along with other factors.
Other contributing factors include;
Increased Digitalization: As more Kenyans access the internet and engage in online transactions, the attack surface for cybercriminals expands.
Inadequate Cybersecurity Measures: Many organizations lack robust cybersecurity frameworks, making them vulnerable to attacks.
Use of Legacy Systems: Outdated technology and poor security configurations contribute to the prevalence of attacks.
The economic impact of this cyber onslaught is significant. Businesses are now burdened with higher costs for cybersecurity defenses, face the constant risk of data breaches, and are contending with a decline in consumer trust. The financial sector remains a prime target, with cybercriminals exploiting digital loopholes to commit fraud and theft, thereby shaking investor confidence and impeding broader economic growth.
In response, the Kenyan government is intensifying its cybersecurity initiatives. The National Computer and Cybercrimes Coordination Committee (NC4) is currently implementing the 2022–2027 National Cybersecurity Strategy. This strategy promotes a multi-stakeholder approach, aiming to strengthen legal frameworks, enhance response mechanisms, and build international collaborations to fight cybercrime more effectively.
One such international partnership emerged during President William Ruto’s state visit to the United States in May 2024. Kenya and the U.S. agreed to co-host a regional cybersecurity symposium to promote cyber resilience and cross-border information sharing.
In a landmark move to bolster Kenya’s digital security landscape, the United States, Kenya, and global technology leaders Google, Microsoft, and Cisco announced a series of collaborative initiatives aimed at strengthening the country’s cybersecurity infrastructure and capabilities.
The centerpiece of this joint effort is the launch of a cybersecurity operations platform, a project spearheaded by the United States and Kenya with significant contributions from Google. The platform is designed to enhance the security of Kenya’s digital infrastructure, starting with a pilot project to improve the resilience of the country’s e-government services.
Notably, the cyberthreat landscape is also fueling the growth of Kenya’s cybersecurity industry. The sector is expected to grow at a compound annual growth rate (CAGR) of 10.54% through 2029, reaching a market value of $92.64 million. This growth is driven by increased demand for cybersecurity solutions across industries such as finance, healthcare, and government, with companies investing in cutting-edge technologies like artificial intelligence and machine learning for improved threat detection and response.
While the government’s ongoing efforts and industry growth are encouraging, sustained action is essential to secure Kenya’s digital future. This includes continued investment in cybersecurity infrastructure, skill development, and cultivating a national culture of cybersecurity awareness among individuals and organizations alike.