KENYA CYBERSECURITY REPORT TOP ISSUES
CATEGORIES
The Serianu Cyber Security Framework
Cybersecurity
Program
Governance and
Strategy
Vulnerability &
Threat
Management
Failure to
identify all
possible risk
prone assets to
the organization
Inadequate
security
controls across
the business
User
Provisioning &
Access
Management
Insider
Threats
Lack of
monitoring
and incident
response
processes
Misconfigurations
Limited
budgets
Lack of
management
buy-in
Poor Identity
and Access
Management
Unauthorized
changes to
critical
systems
Lack of
vulnerability
and patch
management
Unauthorized
changes to
critical systems
Failure to
identify &
controls risks
inherent to the
organization
Use of stolen
user accounts
Port
Scanning
Mobile
Malware
Abuse of
privileged
accounts
Malicious
software
Network
Attacks
Password
sharing
Use of generic
accounts
Port
Scanning
Data
Exfiltration
Social
Engineering
Data
Exfiltration
Inappropriate
access to
systems
Email
Spoofing
Inability to
identify
common
threats with
industries
Unauthorized
changes to
critical systems
Network
Attacks
DDOs
Lack of
security
Awareness and
Training
Continuous
Monitoring &
Incident
Response
Inadequate
Database
Security
Failure to
resume
business
operations
Illegal use of
remote access
tools