Kenya’s cybersecurity agenda is expanding alongside the rapid growth of digital government services, with the government stepping up efforts to strengthen cyber resilience, regulate artificial intelligence and improve coordination across critical sectors.
The renewed focus comes as the country’s digital infrastructure faces a growing volume of cyber threats. According to the Communications Authority’s latest sector statistics, the Kenya Computer Incident Response Team Coordination Centre (KE-CIRT/CC) detected 3.37 billion cyber threat events during the quarter ending March 2026, illustrating the scale of activity targeting connected systems across the country.
Speaking at the opening of the Sixth Annual Information Security Management Systems (ISMS) Conference in Naivasha, Interior Principal Secretary Raymond Omollo said protecting digital infrastructure has become part of Kenya’s broader national security agenda as public services, financial systems and communications continue to move online.
Government Links Cybersecurity to National Security
Omollo said the country’s digital transformation has improved access to government services and created new economic opportunities, but it has also exposed public institutions, businesses and citizens to more sophisticated cyber threats.
He said the government is preparing amendments to the Computer Misuse and Cybercrimes Act, 2018, arguing that advances in artificial intelligence have exposed gaps in the current legal framework. The proposed changes are intended to address emerging forms of cybercrime while supporting a more secure digital environment.
Government data also shows the financial cost of cybercrime continues to rise. Kenya lost an estimated KSh29 billion to cyberattacks in 2024, nearly double the KSh15 billion recorded the previous year, underscoring the growing economic impact of digital threats.
Omollo added that national security now extends beyond physical infrastructure to include cloud platforms, digital payment systems, telecommunications networks and other critical information infrastructure that millions of Kenyans rely on every day.
The three-day conference has brought together government agencies, regulators, cybersecurity professionals, academia, development partners and private sector organisations to discuss current threats, international standards and practical measures for improving cyber resilience.
Digital Public Services Expand the Attack Surface
The government pointed to continued growth in digital public services as one reason cybersecurity has become a higher priority.
According to Omollo, the eCitizen platform now hosts more than 24,000 government services, serves over 15 million users and processes about 500,000 transactions every day.
Kenya’s reliance on digital systems now extends well beyond online government services. Banking, telecommunications, digital payments and other essential services depend on interconnected technology infrastructure, making cybersecurity an issue that affects both economic continuity and national resilience.
Communications Authority data illustrates the scale of that challenge. During the quarter ending March 2026, KE-CIRT/CC recorded 3.37 billion cyber threat events, including 68.7 million malware incidents and 46.4 million brute-force attacks, highlighting the sustained pressure facing organisations connected to the internet.
The government said it has strengthened its cybersecurity framework through implementation of the Computer Misuse and Cybercrimes Act, operationalisation of the National Computer and Cybercrimes Coordination Committee (NC4), and enforcement of the Critical Information Infrastructure Protection and Cybersecurity Management Regulations, 2024.
The regulations require organisations responsible for critical information infrastructure to identify digital assets, strengthen system security and continuously monitor potential threats.
National Cybersecurity Agency Gains Momentum
Omollo also welcomed Parliament’s approval of the National Cybersecurity Agency, saying the institution will improve coordination across government while strengthening the country’s preparedness against evolving cyber threats.
Kenya already has several institutions responsible for cybersecurity, including the National Computer and Cybercrimes Coordination Committee (NC4) and the Communications Authority’s KE-CIRT/CC, which coordinates the country’s national cyber incident response capability. The proposed agency is expected to strengthen coordination across government, regulators and operators of critical infrastructure as Kenya’s digital ecosystem continues to expand.
NC4 Director James Kimuyu said the committee has also prepared a draft National Cybersecurity Policy and reviewed the country’s National Cybersecurity Strategy, both of which are awaiting government approval. Together with the proposed agency, the measures form part of a broader effort to strengthen Kenya’s cybersecurity governance.
Government Prepares for AI-Era Cyber Threats
Artificial intelligence featured prominently during the conference, with the government warning that advances in AI are creating new security challenges alongside economic opportunities.
Omollo said preparations for the next General Election have heightened concerns over AI-generated deepfakes and the manipulation of public opinion online, adding that the technology has created new challenges that existing legislation was not designed to address.
He also cited misinformation campaigns, online fraud, identity manipulation and AI-enabled cyberattacks as emerging risks requiring coordinated policy and technical responses.
He urged government, industry and researchers to work together to harness artificial intelligence for cybersecurity while protecting sensitive information and maintaining public trust in digital systems.
Push for Home-Grown Cybersecurity Innovation
Beyond regulation, the government is encouraging greater investment in local cybersecurity expertise and technology development.
Omollo said Kenya should build the capacity to design, develop and export trusted cybersecurity solutions rather than depend entirely on imported technologies.
He called on participants to use the conference to strengthen collaboration and promote internationally recognised information security standards that support innovation while protecting citizens, institutions and critical national infrastructure.
Kenya’s latest cybersecurity measures also come as governments and private-sector organisations across Africa expand investment in cyber resilience through new threat intelligence partnerships, skills development initiatives and critical infrastructure protection programmes.
As Kenya expands digital public services and adopts artificial intelligence across more sectors, the government says building secure digital systems will remain central to protecting citizens, essential services and the country’s growing digital economy.
Go to TECHTRENDSKE.co.ke for more tech and business news from the African continent and across the world.
Follow us on WhatsApp, Telegram, Twitter, and Facebook, or subscribe to our weekly newsletter to ensure you don’t miss out on any future updates. Send tips to editorial@techtrendsmedia.co.ke





