Safaricom Cybersecurity Summit: Telco Calls for Fundamental Shift to Cyber Resilience
Kenya’s cybersecurity strategy must fundamentally evolve from a focus on prevention to one of active “cyber resilience,” Safaricom’s Chief Corporate Security Officer, Nicholas Mulila, said today.
Speaking at the 2025 Safaricom Cybersecurity Summit, Mulila warned that the traditional mindset of trying to prevent every breach is no longer sustainable amid rapidly evolving threats.
“The future demands cyber resilience,” Mulila stated, defining it as “the ability to anticipate, withstand, and recover” from attacks, rather than simply trying to build an impenetrable wall.
This strategic pivot is driven by an explosion in cyber threats, with Kenya recording 4.6 billion attacks in the fourth quarter alone, an 81% surge. Mulila noted that even as attacks like AI-crafted scams and massive DDoS attacks grow, 97% of breaches still exploit basic hygiene gaps like unpatched systems and weak passwords, making a purely preventative strategy futile.
Outlining the new security model, Mulila explained that the focus must move to detection and response.
“Zero Trust is now the baseline,” he emphasized, “and identity, human and machine, is the new perimeter. We must detect, heal, and respond at speed.”
This shift requires organizations to assume that threats are already inside their network and to verify every interaction, rather than trusting anything by default.
Mulila positioned this new approach as critical to Kenya’s economic progress, which is increasingly built on digital platforms, from mobile money for farmers to government e-services. “Progress without security is fragile, and growth without trust is unsustainable,” he said.
Safaricom, which Mulila described as a custodian of Kenya’s digital ecosystem, is already implementing this resilient model. He cited the company’s 24/7 Managed Security Operations Centre and the integration of “security by design” into major projects like the recent M-PESA platform upgrade as examples of this new strategy in action.
He argued that adopting a resilience-based approach, in line with Kenya’s National Cybersecurity Strategy, is not just a defensive measure but an engine of growth. He linked this modern security posture directly to building investor confidence, protecting the vital fintech sector, and safeguarding critical infrastructure.
As Safaricom marks 25 years, Mulila concluded with a call for shared responsibility, stating that the nation’s limitless potential can only be achieved by collectively adopting this more durable and responsive security mindset.
Go to TECHTRENDSKE.co.ke for more tech and business news from the African continent.
Follow us on WhatsApp, Telegram, Twitter, and Facebook, or subscribe to our weekly newsletter to ensure you don’t miss out on any future updates. Send tips to editorial@techtrendsmedia.co.ke
