At the Safaricom Cybersecurity Summit 2025, Safaricom’s Chief Corporate Security Officer Nicholas Mulila delivered a forceful call for organisations to move beyond prevention-only mindsets and embed security into every stage of digital transformation. Addressing industry leaders, partners and government representatives, Mulila stressed that rising threats demand collaboration, continual customer education and operational readiness.
Mulila opened by framing the scale of the problem: recent sector reporting showed roughly 4.6 billion cyber incidents last year, an 80% year‑on‑year increase, and Safaricom sees “millions” of attempts across its systems daily. He argued many breaches still stem from avoidable lapses: weak passwords, delayed patching and developing products without security in mind. Those simple failures, he said, compound as organisations accelerate innovation.
The core of Mulila’s message was practical and strategic. First, “secure by design” must be non‑negotiable: security considerations must be embedded from product conception through deployment. Second, zero trust is no longer optional, it is a baseline posture. “Don’t trust anyone,” he said, urging stricter identity controls and least‑privilege access across systems. Third, resilience must be prioritised alongside prevention. Mulila reframed success as reducing impact and accelerating recovery after incidents, not simply attempting to prevent every attack.
Collaboration and customer education were recurring themes. Mulila cited Safaricom’s multi‑year cooperation with financial institutions as an example: coordinated controls and joint public awareness campaigns helped reduce certain types of fraud by as much as 90% over four years. He reiterated that cybersecurity is an ecosystem problem requiring shared responsibility among telcos, banks, regulators and vendors.
On capability and readiness, Mulila highlighted Safaricom’s investments in a 24/7 managed Security Operations Center and services to monitor and support partners’ systems. He encouraged organisations to leverage such shared capabilities rather than operate in isolation.
Mulila ended his speech by framing cybersecurity as a pillar of national development: protecting digital infrastructure preserves trust, enables adoption of new services and supports inclusive growth.
For these and more stories, follow us on X (Formerly Twitter), Facebook, LinkedIn and Telegram. You can also send us tips or reach out at [email protected].
Also Read: Safaricom Business Showcases Cybersecurity Capabilities Ahead of 2025 Summit
