The National KE-CIRT/CC

Tel Hotlines: +254-703-042700, +254-730-172700
incidents@ke-cirt.go.ke

Functions & Services

The Kenya Information and Communications Act, 1998, mandates the Communications Authority of Kenya (CA) to develop a national cyber security management framework.

It is in this regard, and in order to mitigate cyber threats and foster a safer Kenyan cyberspace, that the government established the National Kenya Computer Incident Response Team – Coordination Centre (National KE-CIRT/CC), a multi-agency collaboration framework which is responsible for the national coordination of cybersecurity as Kenya’s national point of contact on cybersecurity matters. This in accordance with the provisions of the Kenya Information and Communications Act. The enactment of the Computer Misuse and Cyber Crimes Act of 2018 has gone a long way in strengthening the multi-agency collaboration framework by explicitly defining the institutions which should synergize to ensure a safer Kenyan cyber space, among other key facets that support national cybersecurity resilience.

The National KE-CIRT/CC coordinates response to cyber security matters at the national level in collaboration with relevant actors locally and internationally. The National KE-CIRT/CC is based at the CA Centre and comprises of staff from the Communications Authority and law enforcement agencies.

The National KE-CIRT/CC detects, prevents and responds to various cyber threats targeted at the country on a 24/7 basis, having commenced round-the-clock operations in 2017.

The National KE-CIRT/CC acts as the interface between local and international ICT services providers whose platforms are used to perpetrate cybercrimes, and our Judicial Law and Order Sector which investigates and prosecutes cybercrimes.

The functions of the National KE-CIRT/CC include the following:

  • Implementation of national cybersecurity policies, laws and regulations.
  • Cybersecurity awareness and capacity building.
  • Early warning and technical advisories on cyber threats on a 24/7 basis.
  • Technical co-ordination and response to cyber incidents on a 24/7 basis in collaboration with various actors locally and internationally.
  • Development and implementation of a National Public Key Infrastructure (NPKI).
  • Research and development in cybersecurity.

National KE-CIRT/CC Services

1. Reactive Services (Incident Response and Coordination)

Incident Triage

  • Determining whether an incident is authentic.
  • Assessing and prioritizing the incident.

Incident Coordination

  • Determining the involved organizations.
  • Contacting the relevant organizations to investigate the incident and take the appropriate steps.
  • Facilitating contact to other parties which can help resolve the incident.
  • Sending reports to constituencies and other (national) CIRTs.

Incident Resolution

  • Advising local security teams on appropriate actions.
  • Following up on the progress of the concerned local security teams.
  • Reporting back.

The National KE-CIRT/CC also collects national statistics about cyber incidents.

2. Proactive Activities (Technical Advisory and Capacity Building)

  • Raising security awareness nationally.
  • Collecting contact information of local cybersecurity teams.
  • Publishing announcements concerning serious cybersecurity threats.
  • Observing current trends in technology and distributing relevant knowledge to the constituency.
  • Providing results for community building and information exchange within the constituency.
  • Technical research and development.
Powered by ITU/IMPACT

UN ITU ITU IMPACT