NC4’s mandate is to ensure safe Cyberspace for Kenya and its people. To achieve this, NC4 provides strategic guidance, coordination, and advisory to both the public and private sectors in order to strengthen the security, resilience, and Cybersecurity capacity of the stakeholders.
NC4’s Role in Cyber Security
As information technology is increasingly being integrated with business processes, there is an increased range of risks that could disrupt essential services, causing harm to the health of Kenyan citizens as well as our economy.
NC4 role is to ensure strategic advisory, coordination, and guidance to MCDAs and private sector organizations on Cybersecurity issues such as treats, vulnerabilities, secure implementation of systems, creating Cyber hygiene culture, cyber incident response, information sharing, and Cyber-safety.
Critical Infrastructure is any physical, cyber systems and/or assets that are vital to the Kenyan Citizens that their incapacity or destruction would have a debilitating effect on our physical, economic, public health or safety.
Critical Information Infrastructure (CII) sectors were published under the Gazette Notice of 31 January 2022. Section 9 (1) & (2) of the Computer Misuse and Cybercrimes Act 2018 confers the NC4 Director with the powers to designate critical information CIIs in Kenya.
The identified CII Sectors are listed below.
- Telecommunication sector
- Electoral, judicial, education, health, food, water and land sector
- Energy, transport and industry sector
- Banking and finance sector
- Defence, security and public safety sector
Reducing the Risk of a Successful Cyber Attack
Adversaries use known vulnerabilities and phishing attacks to compromise the security of organizations. NC4 offers several scanning and testing services to help organizations reduce their exposure to threats by taking a proactive approach to mitigating attack vectors.
- Vulnerability Scanning: Evaluates external network presence by executing continuous scans of public, static IPs for accessible services and vulnerabilities. This service provides weekly vulnerability reports and ad-hoc alerts.
- Web Application Scanning: Assesses known and discovered candidly-accessible websites for potential bugs, backdoors, and weak configuration to provide recommendations for mitigating web application security risks.
- Cybersecurity Campaign Assessment: Provides an opportunity for determining the potential susceptibility of personnel to cyber attacks. This is a practical exercise intended to support and measure the effectiveness of security awareness training.
- Remote Penetration Test: Simulates the tactics and techniques of real-world adversaries to identify and validate exploitable pathways. This service is ideal for testing perimeter defenses, the security of externally-available applications, and the potential for exploitation of open-source information.
Risk management is the ongoing process of identifying, assessing, and responding to risk. To manage risk, organizations should understand the likelihood that an event will occur and the potential resulting impacts. With this information, organizations can determine the acceptable level of risk for achieving their organizational objectives and can express this as their risk tolerance.
With an understanding of risk tolerance, organizations can prioritize cybersecurity activities, enabling organizations to make informed decisions about cybersecurity expenditures. Implementation of risk management programs offers organizations the ability to quantify and communicate adjustments to their cybersecurity programs.
Organizations may choose to handle risk in different ways, including mitigating the risk, transferring the risk, avoiding the risk, or accepting the risk, depending on the potential impact to the delivery of critical services.
Information Sharing is an Essential Resource for Critical Infrastructure Security and Resilience.
In today’s interconnected world, every second can make a difference in either preventing an incident or responding to an event that affects the Nation’s critical infrastructure.
In order to protect National Critical Infrastructure, there is a need for information sharing. NC4 enables information exchange by establishing collaborations with MCDAs and various private sector organizations.
Information Sharing Enables Decision-Making
NC4 plays a vital role both directly and through a network of partners to enable informed decisions and timely actions among the infrastructure sectors as they execute security and resilience activities.
- Situational awareness in both normal, day-to-day operations and a crisis or event, including suspicious activity reporting, incident analysis, and recommended protective actions.
- Operational and tactical risk management actions in anticipation of and response to a threat to critical infrastructure at a specific location or across an entire sector.
- Strategic planning and investment to build capabilities that strengthen critical infrastructure security and resilience for the future.
Information sharing through:
- Alerts, threats, and warnings – Ensures situational awareness of potential and actual threats and catalyzes action.
- Effective risk management programs – Informs private sector investment decisions and government analysis and planning.
- Collaboration and coordination – Supports the development of plans, strategies, protective measures, preparedness, risk mitigation, and response and recovery efforts.
Information shared within a structured and secure information sharing environment helps critical infrastructure owners and operators guide investments, implement protective programs, and ensure an effective response to infrastructure threats as they arise.