+254 716148341
info@nc4.go.ke
Follow us:
NC4 Kenya - National Cyber Security Agency

FEATURED CYBER ALERT

Alert: Critical Endpoint Vulnerability in Widely Used Enterprise Software

A high-severity vulnerability is being exploited in the wild. Urgent patching is advised.

View Full Alert

Alert: Critical Endpoint Vulnerability in Widely Used Enterprise Software

Open alert
NC4 Logo

Cyber Incident Response Playbook Resources

Detailed operational guidance and context for this resource.

PLAYBOOK · March 12, 2026
Cyber Incident Response Playbook Resources

The National Computer and Cybercrimes Coordination Committee develops resources to support government institutions, critical infrastructure operators, businesses, and the public to prevent, prepare for, respond to and recover from cyber security incidents.

Cyber Incident Response Resources

The National Computer and Cybercrimes Coordination Committee develops resources to support government institutions, critical infrastructure operators, businesses, and the public in preventing, preparing for, responding to, and recovering from cyber security incidents.

These resources contribute to strengthening national cyber resilience and support the implementation of the Computer Misuse and Cybercrimes Act 2018, as well as Kenya’s broader national cybersecurity framework.

National Cyber Incident Response Plan

The National Cyber Incident Response Plan outlines Kenya’s national arrangements for coordinating responses to significant cyber security incidents.The plan provides a framework for managing cyber incidents that may have national security, economic, or societal impacts.

It complements national cybersecurity strategies and technical incident response arrangements coordinated by KE-CIRT/CC, which serves as the national technical coordination centre for cyber security incident response.

Sector Cyber Security Playbooks

The NC4 Cyber Security Playbooks provide high-level guidance on coordinated response to cyber incidents affecting critical sectors of the economy.

Under the Computer Misuse and Cybercrimes (Critical Information Infrastructure and Cybercrime Management) Regulations, Kenya identifies eleven Critical Information Infrastructure (CII) sectors. These sectors form the basis for coordinated cybersecurity preparedness and incident response across essential services, with NC4 providing technical assistance to support containment and response during cyber incidents affecting CIIs.

The playbooks outline:

  • how CIIs coordinate responses to cyber incidents
  • consequence management activities following an incident
  • how government institutions support affected organisations and sectors
  • coordination mechanisms between government, industry, and regulators

These playbooks are designed to support organisations experiencing cyber security incidents that:

  • meet the threshold of national significance or national interest
  • affect critical infrastructure or essential services
  • impact government systems or national digital platforms
  • affect multiple sectors or jurisdictions
  • have the potential to cause significant economic or societal harm

The playbooks are living documents developed in consultation with government institutions, sector regulators, and industry stakeholders. They are periodically reviewed and updated to reflect evolving cyber threats, lessons learned from incidents, and outcomes from national cybersecurity exercises.

Sector Playbooks coming soon
- Government Services
- Defense and National Security
- Banking and Financial Services
- Energy (Electricity, Oil, Gas)
- Information and Communications Technology (ICT)
- Transport and Logistics
- Water and Sanitation
- Health Services
- Manufacturing and Industry
- Agriculture and Food Supply
- Education and Research

Resource Snapshot

Category: playbook

Published: March 12, 2026

Related resources

Credential Theft Campaign Advisory

advisory

Ransomware Containment Cyber Playbook

playbook

Q1 National Cyber Threat Report

threat report
View all resources