Kenya Cyber Security Report 2015
Cyber Security Risk Ranking by Sector
Government
online services that facilitate easier access to money. These
new channels have opened new alternative targets for
1
1
The public sector (government and related
cyber criminals. Instead of targeting banks - cyber
parastatals) are adopting technology and
criminals are now targeting financial services (payment
automating processes. This includes
systems, mobile money) service providers to access bank
implementation of IFMIS system,
systems.
E-procurement, ITax and IPRS. These systems
hold huge volumes of ‘mwananchi’ confidential
Manufacturing
information and capabilities of approving payments and
funds transfer. The continued automation, centralization
of systems, limited investment in information security,
lack of defined processes and previous cases of fraud
4
For many years, manufacturing
organisations in Kenya have relied on
simple accounting or manual controls to
influenced our decision to rank the public sector as the
mitigate fraud. This has changed over the
sector facing the highest cyber security risk in Kenya.
past 5 years as these firms have
implemented ERP systems that automate
Banking
the entire manufacturing lifecycle. Unfortunately, majority
of these organisations have not implemented the requisite
2
The banking sector comes in at a close
controls to ensure they can detect and prevent system
second as a high value target to cyber
fraud. The lack of controls has led to a huge and sudden
criminals because they have money and
increase in system fraud targeting key financial processes
due to their increasing reliance on
in the manufacturing sector.
technology and third parties to perform and
enhance their management and transfer of
Sacco’s
money. Mobile and online banking channels carry with
them inherent risks as they expose previously closed
processes to the internet and the public.
Financial Services & Mobile
Money
3
Kenya is at the global forefront of mobile
money services as an alternative to
traditional banking. These innovations
are seen as new payment channels and
5
Historically, Sacco’s have relied heavily on
manual or basic transactional systems to
run their back-end operations. As the
sector has grown and transactional
volumes increased, Saccos are now
automating their back-end operations. Many Sacco’s are
now automating their back-end operations. Unlike banks,
Sacco’s lack skilled security personnel and anti-fraud
systems. This has lead them in becoming greener targets
and a higher chance of success for cyber criminals.
17