The government is about to introduce the Data Protection and Privacy Bill which will safeguard the data of Kenyan consumers according to ICT principal secretary Jerome Ochieng. The Bill will ensure that companies and third parties utilise user information in an appropriate manner.
At a time when user information is increasingly at risk from hackers, Ochieng said the Bill will hold companies responsible for data breaches. The recent Facebook data breach that affected 87 million users is a good example of how important it is for companies to protect user information and the implications such data breaches can have on a business.
The upcoming Bill will complement the Computer Misuse and Cybercrime Act which protects Kenyans against cyber espionage, interference, and unauthorised access. This law provides for up to Sh20 million or a ten-year jail term in an effort to curb cybercriminal activities.
According to the Serianu Cyber-Security Report, Africa lost Sh200 billion in cyber-related crimes in 2016. Serianu Limited is an IT services and business consulting firm based in Nairobi.
Serianu Limited CEO William Makatiani states in the report: “One of the most critical challenges facing Kenyan organisations is the lack of awareness among technology users. Many of these users – mostly customers and employees – have little knowledge of the level of risk they are exposing themselves and their organisations to.”
In order to protect their clients from cyber attacks, Serianu recommends that companies should invest in awareness and training, continuous monitoring and log analysis, continuous risk assessment, vulnerability and patch management, and independent reviews.
Kenya hosted the African Cyber Defence Summit 2018 last week, a gathering that brought together 400 delegates to discuss safety matters under the theme ‘Accelerating Africa’s Cybersecurity Dialogue.’