KICTANet Thought Leadership Series.
Policy Dialogue on Cybersecurity and Data Protection in Kenya.
Date: 26th June 2024.
Introduction
The Kenya ICT Action Network (KICTANet) in partnership with the Slovak Agency for International Development Cooperation (SAIDC) are pleased to host a thought leadership roundtable “Policy Dialogue on Cybersecurity and Data Protection in Kenya”.
Background and Context
The cybersecurity and data protection landscape are constantly evolving hence necessitating continuous monitoring and knowledge exchange among key experts. In Kenya, the ever-evolving nature of cybersecurity and data protection has led to the enactment and amendment of key laws and regulations, the creation of regulatory authorities, and creation of new opportunities in the workforce. For instance, in 2019 Kenya enacted the Data Protection Act, 2019 (DPA) to give effect to Article 31 of the Constitution 2010 which provides for the right to privacy. Subsequently, the Office of the Data Protection Commissioner (ODPC), which is the office mandated to enforce and oversee the implementation of the DPA, enacted regulations in 2020 and 2021 to give effect to sections of the DPA and continues to issue guidance on compliance with the DPA.
On the cybersecurity front, some milestones hit include the enactment of the Computer Misuse and Cybercrimes (Critical Information Infrastructure and Cybercrime Management) Regulation in 2024, to operationalize the provisions of the Computer Misuse and Cybercrimes Act, 2018 and to strengthen the role of the National Computer and Cybercrime Coordination Committee (NC4) as the leading entity in coordinating cybersecurity matters in Kenya. The establishment of the National Kenya Computer Incident Response Team – Coordination Centre (National KE-CIRT/CC), which is a multi-agency collaboration framework that is responsible for the national coordination of cyber security as well as Kenya’s national point of contact on cyber security matters is another step in the right direction.
However, despite the strides made, the cybersecurity and data protection landscape in Kenya is still marred with challenges that cut across government departments and services, organizations and personal levels. For instance, in July 2023, a DDoS attack was launched against Kenya’s e-citizen portal rendering the system inaccessible for several hours. Moreover, the National KE-CIRT/CC reported to have detected over 855 million cyber threats aimed at the heart of Kenya’s critical information infrastructure between July 2022 and June 2023. The suspension of Worldcoin operations introduces new challenges to the enforcement of the DPA and the nexus between personal data protection and AI development.
In light of the opportunities and challenges presented by cybersecurity and data protection, key stakeholders must engage in this knowledge-sharing session to share best practices, advice, recommendations, and information on opportunities and raise awareness to foster decisive and strategic intelligence and insights.
Objectives of the Roundtable Series
The objective of the roundtable is to provide a platform for key stakeholders to dialogue, engage, share best practices, and advice and make recommendations on cybersecurity and data protection. It shall also be an opportunity to strengthen networks among stakeholders to facilitate future collaboration and knowledge sharing as well as identify areas for future research and investment in cybersecurity and data protection initiatives.
Expected Outcomes
- Identification of priority policy actions and development of actionable policy recommendations that enhance cybersecurity and data protection practices in Kenya;
- Facilitation of collaboration, knowledge sharing and networking opportunities for stakeholders from different sectors hence fostering coordinated and collective approaches to address cybersecurity and data protection challenges in Kenya.
Expected Output
It is expected that the meeting shall result in a policy brief outlining the key policy issues and proposed recommendations to various stakeholders moving forward.
Format of the Event
The event shall be in the form of a half a-day roundtable meeting with a keynote speech followed by expert presentations, panel discussions and plenary sessions among the stakeholders present.
Attendees
The roundtable session targets 30-40 participants and will include relevant local actors drawn from government, including relevant agencies and departments, the private sector, the technical community, academia, media, development partners, civil society and other non-governmental actors.
About the Organizers
The Kenya ICT Action Network (KICTANet) is a non-profit organization, which acts as a multi-stakeholder platform for ICT policy and regulation. KICTANet’s guiding philosophy encourages synergies for ICT policy-related activities and initiatives. As such, the network provides mechanisms and a framework for continuing cooperation and collaboration in ICT matters among industry, technical community, academia, media, development partners, and Government.
KICTANet Thought Leadership Roundtable: Policy Dialogue on Cybersecurity and Data Protection in Kenya
Date: 26th June 2024 | Time: 0800 –1430 | Venue: Nairobi
| Programme | ||
| Time | Session | Facilitators |
| 0800 – 0830 | Arrival and Registration | KICTANet |
| 0830 – 0845 | Welcome and Introductions | Dr Grace Githaiga, KICTANet
Representative, Slovak Embassy |
| 0845 – 0900 | Overview of Workshop Objectives | Victor Kapiyo, KICTANet |
| 0900 – 0915 | Keynote Address | |
| Session 1: Confidence Building Measures
Linda Gichohi, KICTANet, Moderator |
||
| 0915 – 0930 | Government | Experts
Communications Authority, KE-CIRT Representative, National Cyber Crime Coordination Committee Centre (NC4) Representative, ICTA |
| 0930 – 0945 | Academia | Representative, USIU-Africa
Representative, Strathmore University |
| 0945 – 1000 | Telecommunications Sector | Representative, Huawei
Representative, TESPOK Representative, Safaricom Representative, Microsoft |
| 1000 – 1015 | Financial Services | Representative, Digital Financial Services Association of Kenya (DFSAK)
Representative, Kenya Bankers Association |
| 1015 – 1030 | Technical Community | Representative, Information Security Consultant
Representative, Serianu |
| 1030 – 1045 | Civil Society | ISOC Kenya
Cherie Oyier, KICTANet |
| 1045 – 1100 | Development Partners | Representative, Team Europe
Representative, GIZ |
| 1100 – 1130 | Plenary Session | Moderator |
| 1130 – 1145 | Health Break | |
| Session 2: Strategic Actions and Actors in 2024
Barrack Otieno, Moderator |
||
| 1145 – 1215 | Moderator
Stakeholder Groups |
|
| 1215 – 1230 | Group Presentations | Stakeholder Groups |
| 123 – 1300 | Plenary Session | Moderator, KICTANet |
| 1300 – 1315 | Recommendations, Next Steps and Sustainability | Victor Kapiyo |
| 1315 – 1330 | Closing Session | KICTANet, Slovak Embassy |
| 1330 – 1430 | Networking Lunch | |
| End of Event | ||
