The Kenya Information and Communications Act, 1998, mandates the Communications Authority of Kenya (CA) to develop a national cyber security management framework. It is in this regard, and in order to mitigate cyber threats and foster a safer Kenyan cyberspace, that the government established the National Kenya Computer Incident Response Team – Coordination Centre (National KE-CIRT/CC), a multi-agency collaboration framework which is responsible for the national coordination of cyber security as Kenya’s national point of contact on cyber security matters.
The enactment of the Computer Misuse and Cyber Crimes Act of 2018 has gone a long way in strengthening this multi-agency collaboration framework, among other key facets that support national cyber security resilience.
The National KE-CIRT/CC coordinates response to cyber security matters at the national level in collaboration with relevant actors locally and internationally. The National KE-CIRT/CC is based at the CA Centre and comprises of staff from the Communications Authority and law enforcement agencies.
The National KE-CIRT/CC detects, prevents and responds to various cyber threats targeted at the country on a 24/7 basis, having commenced round-the-clock operations in 2017. The National KE-CIRT/CC therefore acts as the interface between local and international ICT services providers whose platforms are used to perpetrate cybercrimes, and our Judicial Law and Order Sector which investigates and prosecutes cybercrimes. The functions of the National KE-CIRT/CC include the following:
- Implementation of national cybersecurity policies, laws and regulations. Cybersecurity awareness and capacity building and early warning and technical advisories on cyber threats on a 24/7 basis.
- Technical co-ordination and response to cyber incidents on a 24/7 basis in collaboration with various actors locally and internationally.
- Development and implementation of a National Public Key Infrastructure (NPKI).
- Research and development in cybersecurity. Promote and facilitate the efficient management of critical Internet resources