Kenya's education sector raises alarm over cyber insecurity

Kenya's education sector raises alarm over cyber insecurity

Stakeholders in Kenya's education sector have expressed concern over increasing cases of cyber insecurity and fraud.

During a forum to discuss security matters in Nairobi on Friday, stakeholders from various learning institutions spoke of an increase in the number of incidences.

Philip Obondy, channel manager at Cyberoam Kenya said that most institutions do not take cyber security seriously until they are hit.

"Another challenge that faces institutions is that you want to do so much but the budget again is limited," he said, while pointing out the issue of budget allocations to the ICT departments in learning institutions.

Additional challenges facing learning institutions include access to unauthorised sites, hacking of grades database, breach of online payment and accounting and cyber bullying.

Some panellists said that tech savvy students represent a problem because they hack into school systems, either to change grades or even adjust fees balances.

The 2014 Kenya CyberSecurity Report identified students as perpetrators behind security breaches at schools.

Commenting on the report, Paula Kigen, research associate director, Centre for Informatics Research and Innovation (CIRI) said, "There is a growing population of tech-savvy youth who are not gainfully employed and are seeking to make a quick buck, live lavishly and drive the latest cars."

"As they discover the vulnerabilities in our information systems and see ways of making money; we are only likely to see more information security threats and bigger losses for organisations and the economy," she added.

Bernard Omuony, unified communications/ network engineer, said at the forum that the biggest problem is institutions refusing to share their information on how they have experienced cyber security.

"Most institutions don't want to share that they have been hacked," he told the forum. "Knowing how one has been hacked helps the sector know the trends."

The stakeholders urged the ministries of Education and ICT to establish regulations that would legally compel learning institutions to have a minimum of protection for their systems.

Obondy also revealed that 60% of cyber threats and issues are targeted at small and medium enterprises, which include the majority of learning institutions.

Kaspersky Lab recently launched a security product, Kaspersky Small Office Security aimed at this sector for companies which have less than 50 employees.

"Running a small business can be very exciting and fun, but being small doesn't mean being less noticeable by cybercriminals. It's very important for businesses to pay more attention to ensuring their cybersecurity...," said Bethwel Opil, channel sales manager for Kaspersky Lab, East Africa said.

Beyond installing software, stakeholders reiterated the need to have qualified security experts in the IT department who would help prevent and curb such incidents.

Read more