The state of cybersecurity in Africa: Kenya

Thursday 5 October 15:00 - 15:30, Red room

Tyrus Kamau (Euclid Consultancy)

Over the last 10 years, cybersecurity has become a recurrent theme within the government and private sectors across the world. With an ever-increasing number of cyber attacks being waged against countries, financial institutions and individuals, it is no wonder that it has been postulated that the next world war will be waged in cyberspace.

In Kenya, Africa, there have been reports of cyber attacks in their infancy stages despite the country having been technologically advanced for only a very short time. The proliferation of connectivity through affordable Internet has predominantly driven innovation within the technology space and it's no wonder that Kenya is among the leading countries in Africa in terms of cybercrime.

The cyber threats Kenya faces range from basic hacking such as website defacements, financial fraud, social media account hijacking; theft of government documents and cyber espionage. The frequency of these attacks has increased, and the level of sophistication is also morphing with every incident disclosed. Moreover, Kenya has been a victim of global cyber attacks from APTs such as the Lazarus Group and the Equation Group.

A recent report ( indicates that banks and other financial services are the most sought after targets by hackers, closely followed by government institutions. Also of high interest are mobile network operators who also have a key role to play in the mobile money space, which is a popular method of remittance. The same report estimates the cost of cybercrime in Kenya to be USD 175 million in 2016, an increase from the USD 150 million reported in 2015.

This presentation will cover:

  • Early forms of cyber threats within the region, with a few case studies.
  • Direct correlation between the emergence of affordable Internet connectivity and cybercrime. 
  • The sophistication of threats within the recent past and how efforts have been put in place to curb cybercrime; case studies included.
  • Regional involvement through the African Union to address cybersecurity threats and the progress so far.





Tyrus Muya Kamau

Tyrus Muya Kamau is an information security professional with 10 years experience in the field. He is the founder of Euclid Consultancy Ltd, a cybersecurity company which he started three years ago and which he runs full time. He specializes in signalling security, penetration testing and research & development in cybersecurity.

Prior to starting his own company, Tyrus held various positions in the industry, including the Africa Head of IT Security at Airtel Money at Bharti Airtel, Group Head of IT Security at Cellulant Group and an independent consultant with the Ministry of Interior; Department of Defense.

Tyrus is also one of the founding members of the AfricaHackOn, an IT security collective which brings together skilled professionals to showcase various elements of cybersecurity. He was a key consultant in the development of the National Cyber Security Master Plan (NSCMP), working with Booz Allen & Hamilton and the former ICT Board. His input saw him work with various intergovernmental bodies in line with the country's Vision 2030. The Master Plan was launched by H.E Uhuru Kenyatta, in February 2014.

Tyrus is also a part-time lecturer at Strathmore University's iLab, where he instructs the Master's degree course in telecommunication, innovation & development. He lectures on web security, wireless & mobile security. In addition, he also conducts hands-on training in cybersecurity under his firm, usually with the mLab and iHub. Tyrus was also involved in a training course organized by Interpol on prosecuting cyber crimes, as well as ISOC's training on cybersecurity and Internet freedom.


   Watch video






Other VB2017 papers

Walking in your enemy's shadow: when fourth-party collection becomes attribution hell

Juan Andres Guerrero-Saade (Kaspersky Lab)
Costin Raiu (Kaspersky Lab)

Attribution is complicated under the best of circumstances. Sparse attributory indicators and the possibility of overt…

The state of cybersecurity in Africa: Kenya

Tyrus Kamau (Euclid Consultancy)

The cyber threats Kenya faces range from basic hacking such as website defacements, financial fraud, social media account…

XAgent: APT28 cyber espionage on macOS

Tiberius Axinte (Bitdefender)

This paper provides an in-depth analysis of the macOS version of the APT28 component known as XAgent. We will dissect the…

We have placed cookies on your device in order to improve the functionality of this site, as outlined in our cookies policy. However, you may delete and block all cookies from this site and your use of the site will be unaffected. By continuing to browse this site, you are agreeing to Virus Bulletin's use of data as outlined in our privacy policy.