Kenya’s burgeoning financial technology sector has witnessed remarkable growth in recent years. However, recent media reports raise concerns that this rapid fintech evolution has attracted the attention of cyber criminals who have adopted increasingly sophisticated tactics, posing a significant threat to the industry’s continued success. Kenya is currently ranked 25th in the world as the most likely to be targeted for malware attacks according to Check Point Research’s October Malware Report.
Cyber attacks have become an imminent danger to businesses worldwide, and Kenya is no exception. Fintech companies in Kenya are grappling with a rising tide of intricate cyber-attacks. These range from phishing attempts and data breaches to the insidious scourge of ransomware campaigns.
The Communications Authority of Kenya reports that the nation has witnessed a staggering 860 million cyber incidents in the past year, with an additional 123.9 million recorded during the three months leading up to September. The increasing frequency, sophistication, and scale of these cyber threats are particularly concerning for Kenya’s critical information infrastructure.
The prevalent mobile-first culture in Kenya has led to the rapid development of income-generating applications. However, this focus on speed-to-market often comes at the expense of robust cybersecurity measures.
Recent cyber-attacks have targeted vital digital infrastructure in the country, impacting both public and private institutions. Entities such as Kenya Power and Lighting Company, Kenya Railways Corporation, and the National Transport and Safety Authority have fallen victim to these attacks.
According to John Paul Onyango, Country Manager: East Africa, Check Point Software Technologies, one significant challenge facing the sector is the separation between app development and cybersecurity teams, who tend to work in silos.
“Bridging this gap is imperative for a comprehensive approach to cybersecurity,” Onyango says.
To protect businesses and customers alike, Check Point recommends that firms adopt an integrated approach to cybersecurity and app development. Check Point advocates the “3C’s” approach – Convergence, Consolidation, and Context – to ensure a unified strategy that safeguards against
evolving cyber threats. Onyango explains, “As Kenya’s fintech sector continues its remarkable growth, it is imperative that cybersecurity remains a top priority. By breaking down silos between app development and cybersecurity teams and adopting a unified approach, businesses can effectively fortify their operations and protect their customers from the ever-present threat of cyber-attacks.”
While Kenya’s fintech sector is a driving force in the country’s economic transformation it faces growing challenges in securing its data centres and trading platforms, as well as migrating securely to the cloud. Solutions to address these problems should include ultra-scalable protection and compliance.
“As banking applications and APIs continue to grow and evolve, so does the attack surface for cybercriminals. The automated detecting and preventing attacks on web applications and APIs is critical for protection,” Onyango says
With the rise of remote work, securing all devices and connections is more crucial than ever. The protection of SD-WAN connectivity for branches is essential in mitigating risks associated with connecting directly to the cloud. IoT devices are a growing target for cyberattacks, and banks must be equipped to protect their networks too.
Onyango concludes, “Organisations need a comprehensive suite of solutions and services that empower financial institutions to navigate today’s complex threat landscape with confidence. By adopting a consolidated security approach, fintechs can pre-emptively protect against advanced attacks while optimising operational efficiency and reducing costs. Financial institutions worldwide are equipped to overcome their toughest cybersecurity challenges.”