Cybercrime is no longer just an IT problem; it has evolved into a national crisis. Rapidly expanding across Kenya, it targets individuals, the private sector, fintechs, and government institutions alike, resulting in significant financial loss and the erosion of consumer trust.
Smartcomply, a Nigerian-founded cybersecurity and compliance firm, recently hosted The Secure Horizon Executive Breakfast in Nairobi. During the event, the company unveiled a new report developed in collaboration with TechCabal titled AI and the Cyber Frontier: Securing East Africa’s Digital Future.
The report explores the growing impact of Artificial Intelligence (AI) on the cybersecurity landscape. it highlights emerging risks to the economy, assesses the current state of preparedness, and identifies gaps in execution and regulatory compliance. Furthermore, it provides forward-looking insights into how the ecosystem will evolve as AI continues to reshape digital infrastructure and threat dynamics.
Kenya’s Cybersecurity Trends and Challenges
In Kenya, where digital payments, national identity systems, and public services operate at population scale, a cyber failure is more than a technical disruption; it is a macroeconomic risk. Such failures threaten financial stability, public trust, and essential service delivery.
According to the report, more than 4.5 billion cyber threat events were recorded nationwide between April and June 2025. During the same period, an estimated KES 29.9 billion (USD 230 million) was lost to cybercrime, underscoring how persistent threat activity translates into tangible economic losses.
Kenya’s exposure is intensifying as digital adoption accelerates. The Kaspersky Africa Cyberthreat Landscape Report 2025 noted that the continent recorded 131.5 million web-based threat detections and 66 million phishing link clicks in 2024. Africa now ranks third globally for ransomware exposure, with password-stealer detections surging 26% year-on-year. Kenya remains among the most affected countries, highlighting the risks facing a society deeply reliant on digital payments and connected platforms.
The Paradox of Connectivity
These breaches drain vital capital from the economy. In 2023, Kenya recorded losses of $83 million due to cybercrime, a figure that has only climbed as systems become more integrated. This is particularly significant for East Africa, where mobile money and digital banking prioritize speed and convenience. Ironically, the same efficiency that drives financial inclusion creates windows of vulnerability for attackers to exploit rapid transactions.
Kenya illustrates a defining paradox of the global digital economy: the more advanced and connected a nation becomes, the more exposed it is to risk. A highly integrated ecosystem built on API-enabled financial services has unlocked scale, but it has also significantly deepened the country’s “attack surface.”
Recent data from the Communications Authority of Kenya reinforces this, recording over 842 million cyber threat events between July and September 2025. Experts note that this exposure is driven by continuous, automated hostile activity rather than isolated, headline-grabbing breaches. In this environment, resilience is not just about prevention; it is about strengthening detection, improving cross-sector coordination, and ensuring faster response mechanisms.
Restoring Trust and Closing Gaps
As the economy digitizes, trust has become a critical—yet fragile—asset. Every attack costs institutional credibility, making consumers hesitant to engage with digital banking.
“For SMEs and households, any interruption can translate into real hardship. Once trust is lost, people retreat to cash. Ultimate success is when you find a grandmother in Africa with no fear, trusting her hard-earned cash in a digital system.” Tim Theuri, CISO, M-PESA, said.
Execution remains a primary hurdle, often hampered by underreporting. While official figures are high, many serious incidents, such as SIM-swap fraud and insider data misuse, often go unrecorded. Mugambi Laibuta, Chairperson of the Data Privacy and Governance Society of Kenya (DPGSK), noted that opaque data brokerage and account takeovers are significant risks that frequently bypass official reports.
The Road Ahead
As Kenya prepares for the next phase of AI-powered services and digital trade, the challenge is no longer just about awareness, but about managing risk at the speed of evolving technology.
Gbemisola Osunrinde, CEO of Smartcomply, emphasized a shift in strategy: “Resilience improves when organizations plan for failure instead of assuming stability.”
Cyber resilience in Kenya will ultimately be measured by the ability to maintain public trust, provide effective remedies, and hold repeat offenders accountable. As AI systems become more automated, the margin for error will shrink, making deliberate, system-wide resilience essential for Kenya’s digital future.
Go to TECHTRENDSKE.co.ke for more tech and business news from the African continent and across the world.
Follow us on WhatsApp, Telegram, Twitter, and Facebook, or subscribe to our weekly newsletter to ensure you don’t miss out on any future updates. Send tips to editorial@techtrendsmedia.co.ke
