Thought Leadership Roundtable: Policy Dialogue on Cybersecurity and Data Protection in Kenya 

KICTANet Thought Leadership Series.
Policy Dialogue on Cybersecurity and Data Protection in Kenya.
Date: 26th June 2024.


The Kenya ICT Action Network (KICTANet) in partnership with the Slovak Agency for International Development Cooperation (SAIDC) are pleased to host a thought leadership roundtable “Policy Dialogue on Cybersecurity and Data Protection in Kenya”

Background and Context

The cybersecurity and data protection landscape are constantly evolving hence necessitating continuous monitoring and knowledge exchange among key experts. In Kenya, the ever-evolving nature of cybersecurity and data protection has led to the enactment and amendment of key laws and regulations, the creation of regulatory authorities, and creation of new opportunities in the workforce. For instance, in 2019 Kenya enacted the Data Protection Act, 2019 (DPA) to give effect to Article 31 of the Constitution 2010 which provides for the right to privacy. Subsequently, the Office of the Data Protection Commissioner (ODPC), which is the office mandated to enforce and oversee the implementation of the DPA, enacted regulations in 2020 and 2021 to give effect to sections of the DPA and continues to issue guidance on compliance with the DPA. 

On the cybersecurity front, some milestones hit include the enactment of the Computer Misuse and Cybercrimes (Critical Information Infrastructure and Cybercrime Management) Regulation in 2024, to operationalize the provisions of the Computer Misuse and Cybercrimes Act, 2018 and to strengthen the role of the National Computer and Cybercrime Coordination Committee (NC4) as the leading entity in coordinating cybersecurity matters in Kenya. The establishment of the National Kenya Computer Incident Response Team – Coordination Centre (National KE-CIRT/CC), which is a multi-agency collaboration framework that is responsible for the national coordination of cyber security as well as Kenya’s national point of contact on cyber security matters is another step in the right direction.

However, despite the strides made, the cybersecurity and data protection landscape in Kenya is still marred with challenges that cut across government departments and services, organizations and personal levels. For instance, in July 2023, a DDoS attack was launched against Kenya’s e-citizen portal rendering the system inaccessible for several hours. Moreover, the National KE-CIRT/CC reported to have detected over 855 million cyber threats aimed at the heart of Kenya’s critical information infrastructure between July 2022 and June 2023. The suspension of Worldcoin operations introduces new challenges to the enforcement of the DPA and the nexus between personal data protection and AI development.

In light of the opportunities and challenges presented by cybersecurity and data protection, key stakeholders must engage in this knowledge-sharing session to share best practices, advice, recommendations, and information on opportunities and raise awareness to foster decisive and strategic intelligence and insights.

Objectives of the Roundtable Series

The objective of the roundtable is to provide a platform for key stakeholders to dialogue, engage, share best practices, and advice and make recommendations on cybersecurity and data protection. It shall also be an opportunity to strengthen networks among stakeholders to facilitate future collaboration and knowledge sharing as well as identify areas for future research and investment in cybersecurity and data protection initiatives.  

Expected Outcomes

  1. Identification of priority policy actions and development of actionable policy recommendations that enhance cybersecurity and data protection practices in Kenya;
  2. Facilitation of collaboration, knowledge sharing and networking opportunities for stakeholders from different sectors hence fostering coordinated and collective approaches to address cybersecurity and data protection challenges in Kenya.

Expected Output

It is expected that the meeting shall result in a policy brief outlining the key policy issues and proposed recommendations to various stakeholders moving forward. 

Format of the Event

The event shall be in the form of a half a-day roundtable meeting with a keynote speech followed by expert presentations, panel discussions and plenary sessions among the stakeholders present. 


The roundtable session targets 30-40 participants and will include relevant local actors drawn from government, including relevant agencies and departments, the private sector, the technical community, academia, media, development partners, civil society and other non-governmental actors. 

About the Organizers

The Kenya ICT Action Network (KICTANet) is a non-profit organization, which acts as a multi-stakeholder platform for ICT policy and regulation. KICTANet’s guiding philosophy encourages synergies for ICT policy-related activities and initiatives. As such, the network provides mechanisms and a framework for continuing cooperation and collaboration in ICT matters among industry, technical community, academia, media, development partners, and Government.

KICTANet Thought Leadership Roundtable: Policy Dialogue on Cybersecurity and Data Protection in Kenya 

Date:  26th June 2024 | Time: 0800 –1430 |  Venue: Nairobi

Time Session Facilitators
0800 – 0830  Arrival and Registration KICTANet
0830 – 0845 Welcome and Introductions Dr Grace Githaiga, KICTANet

Representative, Slovak Embassy

0845 – 0900 Overview of Workshop Objectives  Victor Kapiyo, KICTANet
0900 – 0915 Keynote Address
Session 1: Confidence Building Measures

Linda Gichohi, KICTANet, Moderator

0915 – 0930 Government Experts

Communications Authority, KE-CIRT

Representative, National Cyber Crime Coordination Committee Centre (NC4)

Representative, ICTA

0930 – 0945 Academia Representative, USIU-Africa

Representative, Strathmore University

0945 – 1000 Telecommunications Sector Representative, Huawei

Representative, TESPOK 

Representative, Safaricom 

Representative, Microsoft 

1000 – 1015 Financial Services Representative, Digital Financial Services Association of Kenya (DFSAK)

Representative, Kenya Bankers Association

1015 – 1030 Technical Community Representative, Information Security Consultant

Representative, Serianu

1030 – 1045 Civil Society ISOC Kenya

Cherie Oyier, KICTANet

1045 – 1100 Development Partners Representative, Team Europe

Representative, GIZ

1100 – 1130 Plenary Session Moderator 
1130 – 1145 Health Break
Session 2: Strategic Actions and Actors in 2024

Barrack Otieno, Moderator

1145 – 1215 Moderator

Stakeholder Groups

1215 – 1230 Group Presentations Stakeholder Groups
123 – 1300 Plenary Session  Moderator, KICTANet
1300 – 1315 Recommendations, Next Steps and Sustainability Victor Kapiyo
1315 – 1330 Closing Session KICTANet, Slovak Embassy
1330 – 1430 Networking Lunch
End of Event



Translate »