The government has rolled out a Ksh 453 plan to streamline operations and secure Kenya’s data and digital infrastructure amid rising cyber threats.
The Ministry of Information, Communications and the Digital Economy has announced the Kenya Cyber Resilience (KCR) project which will among others, strengthen existing policies and legal frameworks, improve coordination and response to cyber incidences, build a coherent national risk management approach and improve the country’s human capacity.
“Our country digital transformation has reached a level of maturity where cybersecurity is no longer a supporting issue, it is a foundational requirement. Our government platforms, financial systems, communications networks, data infrastructure, and digital public services now form part of the country’s critical national infrastructure. Their resilience, integrity, and availability are essential to economic growth, public trust, and national stability,” said John Tanui, ICT and Digital Economy.
Among policies which will be aligned to the project include the the National Cybersecurity Strategy and the Digital Master Plan.
Kenya is largely seen as prime target to cybercriminal due to increased internet use and digitization of government services. According to the ministry, Kenya has so far digitized at least 20,0000 services.
“Kenya’s digital transformation has expanded access to electronic services and online platforms, but it has also heightened our exposure to sophisticated cyber risks that are constantly evolving. Kenya is faced with a reality where fragmented governance, limited operational capacities, and low public awareness of cyber hygiene pose a direct threat to our national security and economic stability,” noted Stephen Isaboke, PS Broadcasting and Telecommunications
KCR project is also expected to support the establishment of the National Cybersecurity Agency (NCSA) already approved by the Cabinet to enhance Kenya’s response to cyber threats currently being handled by KE-CIRT/CC.
Between July and September 2025, KE-CIRT/CC detected 842.3 million cyber threats out of which 20 million advisories were issued.
The project will also aligns Kenya’s cybersecurity policy with European Union Network and Information Security (NIS2) and protect critical infrastructure by supporting the Critical Information Infrastructure (CII) designation process.
“Cybersecurity matters in Kenya because Kenya has emerged as one of Africa’s digital frontrunners. With growing 4G and 5G infrastructure, better access to smartphones, forward thinking innovations on broadband internet, Kenya is making significant strides,” said a representative of the French Embassy.
The KCR project was developed over a 36 month period with funding from the EU and implemented by Expertise France in partnership with the Estonian Centre for International Development (ESTDEV).
