The National KE-CIRT/CC

Incident Response

Our Mandate

To mitigate cyber threats and foster a safer Kenyan cyberspace, the Kenyan government established the National Kenya Computer Incident Response Team – Coordination Centre (National KE-CIRT/CC), a multi-agency collaboration framework that is responsible for the national coordination of cyber security and serves as Kenya’s national point of contact on cyber security matters. This is in accordance with the provisions of the Kenya Information and Communications Act 1998 (as amended), which mandates the Communications Authority of Kenya with developing a national framework for the investigation and prosecution of cybercrimes.

The National KE-CIRT/CC detects, prevents and responds to various cyber threats targeted at the country. The National KE-CIRT/CC commenced round-the-clock operations in August 2017 and currently runs operations on a 24/7 basis.

The National KE-CIRT/CC is equipped with state-of-the-art systems that facilitate national cyber threat detection, prevention and cyber threat analysis, as well as cybercrime investigations, including digital forensics and the preparation of digital evidence for prosecution.

National KE-CIRT/CC Functions

The functions of the National KE-CIRT/CC include the following:

      • Implementation of national cybersecurity policies, laws and regulations.
      • Cybersecurity awareness and capacity building.
      • Early warning and technical advisories on cyber threats on a 24/7 basis.
      • Technical co-ordination and response to cyber incidents on a 24/7 basis in collaboration with various actors locally and internationally.
      • Development and implementation of a National Public Key Infrastructure (NPKI).
      • Research and development in cybersecurity.

National KE-CIRT/CC Services

Proactive Activities

  • Carrying out national cyber security awareness
  • Cyber threat data collection and analysis
  • Cyber threat warnings and advisories
  • Technical research and development in cyber security
  • Information exchange with local and global cybersecurity constituents
  • Technical research and development.

Incident Triage

  • Determining authenticity of cyber incidents
  • Assessing and prioritizing cyber incidents

Incident Coordination

  • Determining organizations affected by the detected cyber threat incident
  • Contact and liaison with the affected organizations to investigate and respond to the cyber incident
  • Facilitating multi-stakeholder contact and collaboration to address and resolve cyber incidents
  • Sharing cyber incident response with constituents such as local and other (national) CIRTs.

Incident Resolution

  • Support technical teams to resolve cyber incidents
  • Follow up with local security teams
  • The National KE-CIRT/CC also collects national statistics about cyber incidents.

Members & Partners