Kenyans call for a proactive cyber security policy
Analysts in Kenya generally agree that publicised cyber-attacks should act as a wake-up call for governments, organisations, and individuals to address cyber security.
Responding to a recent cyber-attack in Kenya that made news headlines, some analysts who spoke to ITWeb said it was time to improve defences and increase resilience against potential threats.
The largest economy in East Africa, Kenya, is on high alert following a huge cyber-attack that crippled sectors of the public sector and banking institutions.
Following the attack, even the Kenyan government concurred with the analysts that proactive measures were necessary.
The government urged the private sector to collaborate with the public sector to increase cyber-surveillance measures.
Analysts told ITWeb that collaboration, information sharing, and capacity-building efforts were key components of a comprehensive cyber security strategy.
They suggested Kenya must invest in comprehensive cyber security solutions to appropriately address hacker threats and protect people's data.
Anonymous Sudan - a group of Sudanese cybercriminals, claimed responsibility for the debilitating cyber attack.
Commenting on the attack, Stephen Nyumba, director of Intrepid Data System Limited, said: "Such incidences provide an excellent opportunity to assess an organisation's readiness to deal with such attacks".
He adds: "At some point, an attacker will attempt to compromise any system. There was no data loss, according to reports. As a result, the infrastructure should give us hope."
However, Nyumba added: “The government failed to demonstrate that it was ready to deal with such incidents.
"It took a long time for the government to communicate the issue."
According to Mark Makanga, a software expert, the incident was most likely a ruse for a greater financial aim.
He said: "Once you expose yourself, your systems become exposed; as a result, the first time is your best chance of establishing stealth.
"The attack's implication has demonstrated the vulnerability of an entirely digital government; I trust it will be taken seriously.
"This should result in improvements and a more comprehensive review of cyber security in organisations and the Kenyan government."
For technology analyst, Ernest John Ndugu the type of alleged attack, a DDOS, was an attempt to "show that whoever claims the incident can at any time try and reveal potential gaps in the areas involved".
Ndugu added: "The most important revelation was that we as a technical community in Kenya have yet to embrace advanced levels of resiliency, fault tolerance, and redundancy as equally as we do our systems' performance.
"The respective practitioners must identify risks in advance and provide continuous mitigation plans to account for edge cases such as cybersecurity scares or incidents."