The National KE-CIRT/CC

Incident Response

Report An Incident

Report A Vulnerability

Report a child online abuse incident

Automated Alerts

Loading RSS Feed

Incident Response

Our Mandate

The Kenya Information and Communications Act (KICA) of 1998, mandates the Authority to develop a framework for facilitating the investigation and prosecution of cybercrime offences. It is in this regard, and in order to mitigate cyber threats and foster a safer Kenyan cyberspace, that the government established the National Kenya Computer Incident Response Team – Coordination Centre (National KE-CIRT/CC) which was officially launched in 2014.

The National KE-CIRT/CC is a multi-agency framework that coordinates response to cyber security matters at the national level in collaboration with relevant actors locally and internationally. The National KE-CIRT/CC, which is domiciled at the Communications Authority of Kenya, comprises of technical staff from the Authority and various law enforcement agencies.

The National KE-CIRT/CC detects, prevents and responds to various cyber threats targeted at the country on a 24/7 basis. It also acts as the interface between local and international ICT service providers whose platforms may be used to perpetrate cybercrimes, and our Judicial Law and Order Sector which investigates and prosecutes cybercrimes.

The enactment of the Computer Misuse and Cyber Crimes Act (CMCA) in 2018 has further enhanced the multi-agency collaboration framework through the establishment of the National Computer and Cybercrimes Coordination Committee (NC4). Under the CMCA, and following the enactment of the Computer Misuse and Cybercrime (Critical Information Infrastructure and Cybercrime Management) Regulations in 2024, the role of the Authority has been enhanced to include the establishment and operation of the Cyber Security Operations Centre (CSOC) for the ICT and Telcom Sector.

National KE-CIRT/CC Functions

The functions of the National KE-CIRT/CC include the following:

      • Implementation of national cybersecurity policies, laws and regulations.
      • Cybersecurity awareness and capacity building.
      • Early warning and technical advisories on cyber threats on a 24/7 basis.
      • Technical co-ordination and response to cyber incidents on a 24/7 basis in collaboration with various actors locally and internationally.
      • Development and implementation of a National Public Key Infrastructure (NPKI).
      • Research and development in cybersecurity.

National KE-CIRT/CC Services

Untitled-5

Proactive Activities

  • Carrying out national cyber security awareness
  • Cyber threat data collection and analysis
  • Cyber threat warnings and advisories
  • Technical research and development in cyber security
  • Information exchange with local and global cybersecurity constituents
  • Technical research and development.
  • Carrying out national cyber security awareness
  • Cyber threat data collection and analysis
  • Cyber threat warnings and advisories
  • Technical research and development in cyber security
  • Information exchange with local and global cybersecurity constituents
  • Technical research and development.
Untitled-4

Incident Triage

  • Determining authenticity of cyber incidents
  • Assessing and prioritizing of cyber incidents
  • Determining authenticity of cyber incidents
  • Assessing and prioritizing of cyber incidents
Untitled-7

Incident Coordination

  • Determining organizations affected by the detected cyber threat incident
  • Contact and liaison with the affected organizations to investigate and respond to the cyber incident
  • Facilitating multi stakeholder contact and collaboration to address and resolve cyber incidents
  • Sharing cyber incident response to constituents such as local and other (national) CIRTs.
  • Determining organizations affected by the detected cyber threat incident
  • Contact and liaison with the affected organizations to investigate and respond to the cyber incident
  • Facilitating multi stakeholder contact and collaboration to address and resolve cyber incidents
  • Sharing cyber incident response to constituents such as local and other (national) CIRTs.
Untitled-6

Incident Resolution

  • Support technical teams to resolve cyber incidents
  • Follow up with local security teams
  • The National KE-CIRT/CC also collects national statistics about cyber incidents.
  • Support technical teams to resolve cyber incidents
  • Follow up with local security teams

*The National KE-CIRT/CC also collects national statistics about cyber incidents.

Members & Partners