The Government will continue to review
and implement the Cyber Security Strategy and
develop relevant legislation to achieve the
cyber security policy objectives.
It is the government’s objective to:
1. Recognise cyber security as a key pillar of
national security and foster a multi-agency
approach in the management of national
cyber security;
2. Establish an enabling legal framework,
aligned with Kenya’s constitutional
provisions, legislative and regulatory
environment, and consistent with regional
and global best practices build capacity
skills within law enforcement and the
judicial system on the prevailing legal and
regulatory frameworks;
3. Support the development of a new
generation of technologies that will lead to
measurable, available, secure, trustworthy,
and
sustainable
computing
and
communications systems, as well as
associated management and policy tools
that enable successful utilisation of the new
technologies;
4. Develop information security standards for
the ICT sector which are to be adopted and
applied by all government agencies and
recommended as best practices to private
sector business;
5. Sensitise and create awareness to enhance
the adoption of information security
approaches and new attitudes and culture
by citizens;
In support of this policy the government
will:
1. Implement Computer and Cyber Crimes
Legislation;
2. Promote confidence and trust in the use of
ICTs by requiring confidentiality of personal
information, integrity and availability of ICT
services in Kenya;
3. Enacting specific and effective legislative
instruments on privacy, security, cybercrimes, ethical and moral conduct,
encryption, digital signatures, copyrights
and fair trade practices;
4. Address any gaps in regulatory capacity,
especially in the face of convergence of
networks and services;
5. Leverage on the power of ICTs to assist law
enforcement agencies and defensive
agencies to secure our borders through use
of appropriate electronic tools as part of
national security;
6. Require ICT Service Providers to provide
facilities for emergency communication and
prediction, monitoring and early warning of
disasters; and
7. Identify institutions, organisations and
establishments that are of National strategic
importance and classify them as Critical
Infrastructure. These will be required to
demonstrate strict adherence to IT security
management
by
complying
with
requirements set out by the Government or
relevant regulatory authorities.
6. Ensure the efficient mitigation of cyber
threats in order to promote trust and
confidence with the objective of preserving
the openness of the Internet as a platform
for innovation and new sources of growth;
and
7. Put in place measures to protect vulnerable
groups such as children and ensure that
they are safe and derive value from
cyberspace.
8. Develop intelligence, defensive and
offensive capabilities in the cyber-spatial
dimension of the battle-space of today and
the future.
Ministry of ICT, Kenya
36/37
November-2019