Central Bank of Kenya Issues Guidance Note on Cybersecurity

The leveraging on technology by banks exposes them to increased cyber risks. In this regard, the Central Bank of Kenya (CBK) has issued a Guidance Note on Cybersecurity that outlines the minimum requirements for banks to enhance their cyber security.

The Guidance Note outlines the minimum requirements that institutions shall build upon in the
development and implementation of strategies, policies, procedures and related activities aimed
at mitigating cyber risk.

The purpose of the guidance note is to:

  • Create a safer and more secure cyberspace that underpins information system security
    priorities and promote stability of the Kenyan banking sector;
  • Establish a coordinated approach to the prevention and combating of cybercrime;
  • Up-scaling of identification and protection of critical information infrastructure;
  • Promotion of compliance with appropriate technical and operational cybersecurity
    standards;
  • Development of requisite skills, continuous building of capacity and promote a culture
    of fostering a strong interplay between policy, leveraging on technology to do business
    and risk management; and
  • Maintenance of public trust and confidence in the financial system.

Find more details on the Guidance Note here.