Kenya:
: Reference Data : CERTs & Information Sharing
National Strategy & Capabilities
Service Provision
Professional Development
Cyber Security Information Sharing
CERTs & Information Sharing in Kenya
CERTs & Information Sharing in Kenya
Assessment Commentary
The National Kenya Computer Incident Response Team Coordination Centre (KE-CIRT/CC) was formed in 2012 and is a member of FIRST; its responsibilities cover the Government, public sector and private sector. Two further sector-specific CERTs cover the technology industries and academia. Overall, the provision of CERT services within Kenya is very encouraging. Potential informal banking sector information sharing via the Kenya Bankers Association.
| Company / Organisation | Services / About | Market Sectors (where specified) | Website | |
|---|---|---|---|---|
| National Computer Security Incident Response Team (KE-CIRT/CC) | Communications Authority of Kenya| Multi-agency collaboration framework which is responsible for the national coordination of cybersecurity as Kenya’s national point of contact on cybersecurity matters. Detects, prevents & responds to various cyber threats on a 24/7 basis. Responsible for formulating, administering, managing, and developing the information, broadcasting, and communication policy | Includes the ICT Authority, tasked with rationalising and streamlining the management of all Government of Kenya ICT functions | All Sectors | https://www.ke-cirt.go.ke/index.php/about-us/ | |
| Tespok-iCSIRT | iCSIRT is the Industry Computer Security and Incident Response Team (iCSIRT) for TESPOK (a professional, non-profit organization representing the interests of Technology service providers in Kenya) | Incident handling & response | Network activity and monitoring| Vulnerability analysis and reporting | Cybersecurity awareness building and training | Technology Service Providers | https://www.tespok.co.ke/?page_id=12751 | |
| Kenya Education Network CERT(KENET-CERT) | Cybersecurity Emergency Response Team and Co-ordination Center operated by the National Research and Education Network of Kenya | Works closely with KE-CIRT/CC as a sector CIRT for academic institutions | Academic Institutions | https://cert.kenet.or.ke/ | |
| AfricaCERT | Assists African countries in establishing and operating Computer Security and Incident Response Teams (CSIRTs)| Providing expertise and advice in formulating initiatives, programs and projects related to the launch of CSIRTs in African countries | Encourage and support cooperation among teams in the Africa Internet Service Region | Information Sharing | Supporting education and outreach | Promoting collaborative research. Kenyan membership organisations: National KE-CIRT / CC. ICIRT Tespok, KENET-CERT | Regional CERTs | https://www.africacert.org/ | |
| Forum of Incident Response Teams (FIRST) | Provides services to Bangladesh, Ethiopia, Indonesia, Nigeria, Tanzania, Uganda, Kenya | FIRST is a premier organization and recognized global leader in incident response. | Membership in FIRST enables incident response teams to more effectively respond to security incidents by providing access to best practices, tools, and trusted communication with member teams. | Services include: Specialist Interest Groups | Incident Response | Threat Analysis and others | Internet Governance | Training | Members include: The National Kenya Computer Incident Response Team - Coordination Centre (National KE-CIRT/CC) | All Sectors | https://www.first.org/ | |
| Cybersecurity Alliance for Mutual Progress - CAMP Initiative. | Mission: CAMP will serve as a network platform to lift up the overall level of cybersecurity of the members. 59 members from 45 countries. CAMP launched in July 2016 |Building a global human network to create an interactive international community| Sharing information on cybersecurity issues to track the latest cybersecurity trends and strategic national policies| Responding in a collective manner on cyber issues to enhance political leveraging power at global stage| Members: Bangladesh | Ethiopia | Ghana | Indonesia | Kenya | Nigeria | Rwanda | Tanzania | Uganda. | Events such as regional forums and annual meetings to discuss strengthening cybersecurity. Kenyan member organisations: Information Communication Technology Authority (ICTA) | National | https://www.cybersec-alliance.org/camp/index.do | |
| Kenya Bankers Association | The KBA has an extensive research capability. Whilst there is no publicly-available evidence that the KBA provides a cyber security threats/vulnerabilities information sharing function, we are led to believe that it carries out such activities informaly. | Banking | https://www.kba.co.ke/ | |
| East Africa Communications Organisation | EACO was established in 2012, as a regional autonomous organization with international legal personality and is headquartered in Kigali, Rwanda. EACO brings together national ICT regulators, operators, services providers (in the telecommunication, broadcasting and postal sub-sectors), ICT training institutions and other stakeholders in the communication sector within Burundi, Kenya, Rwanda, South Sudan, Tanzania and Uganda. The broad objective of EACO is to strengthen and promote cooperation among the six EAC Countries in the development and provision of postal, telecommunication and broadcasting services in East Africa. EACO's Working Group 3 (WG3) deals with ICT Applications, Consumer Protection Issues and Cybersecurity. | Telecommunications, broadcast and postal | http://www.eaco.int/pages/home |