• Info@aganoconsulting.com
  • Call Us: +254 (20) 267-0743

Kenya: A Rough Ride towards a Knowledge Economy

Jan 26 2015

click here for a pdf version of this article.


On January 17th, 2012 Kenyans woke up to news of desecration of a number of government websites. A hacker has taken liberty to expose the weaknesses in the security of government systems, reportedly after a short tutorial. The hacker, coming from Indonesia, later even thanked Kenyan technical news sources for effectively covering the story of the hack!



Soon the blogosphere was aflame  with concerned, animated Kenyans and friends of Kenya as to how this would happen. They seemed even angrier considering the very basic nature of flaws that led to the security breaches. It is as if an untrained mechanic has been used to overhaul a car engine only for the engine to be fouled by the most amateur of mechanics.


This needs to be a wakeup call to all Kenyans, and especially those in leadership, to put in place solid processes, people and technology in defense of the motherland.


Kenya, the nation of M-PESA and other upcoming innovations, has taken major strides into the information age. Today, the country is perhaps one of the best wired on the African continent, what with a number of submarine cables that have docked on the Kenyan coast recently These, in turn, have availed cheap bandwidth and high-speed access both into and outside the country. There is a growing tech-savvy young generation perhaps best epitomized by growth of use of social media such as facebook and twitter. Even the Kenya Defense Forces communications realizes the power of such media and has made it an outlet for updates of such things as the war in Somalia!


The government on the other hand has led an onslaught on Internet providers to avail bandwidth at affordable prices. This would lower entry barriers and allow for equitable access by mwananchi who would reap attendant benefits.


These benefits are many and varied, including electronic commerce (e.g. being able to transact on the Internet), and government and private sector service delivery among others. Properly harnessed, connectivity can spur productivity, enhance effectiveness and generate economic growth. It is noteworthy that the Ministry of Information and Communications has targeted a 10% contribution to the country’s Gross National Product (GDP). .



At the launch of the first sub-marine cable Kenya lit cyberspace with substantial malicious activity as noted by leading security product company Symantec. It was akin to shining light into the darkest corner in a house where nobody had cared to clean!


In many respects, lack of high speed Internet connectivity had left the country as a safe haven where we could deploy systems without worrying whether they were secured or not. System owners didn’t have to incur added costs of security because of low risk of being hacked as the systems were largely out of reach for many a hacker on the Internet.


High speed Internet changed all this for, suddenly, a computer deployed in Nairobi can easily and quickly be reached by someone with high speed connectivity anywhere in the world. High speed Internet also means we can run more complex applications faster than we could do before such bandwidth came.


We need to realize that our commendable foray into the superhighway, presents its own risks that we appear not to be prepared for. These perils include the potential for unauthorized people to steal, alter or make unreachable information on computers that are not properly secured.


Stolen sensitive information can cause harm to the nation, business and individuals. Further risks include embarrassment in the face of the world and loss of reputation. It will not be a coincidence if, with the spread of the story on the Internet, we hear more of the same in subsequent copycat acts.


More risks are associated with fixing any security violations and damage caused by hackers.


When systems are hacked, the extent of loss can be immense not simply to companies or governments but also to countries and its nationals.



With the end of the cold war, cyberspace has become the new frontier for combat. Thus, we hear of information warfare between perceived adversaries intended for various objectives, including espionage, embarrassing target enemies and a means of staying ahead of the opponent.


The new cyber frontier has made industrial espionage easier than it was before. Why travel to distant countries seeking information from rival companies when one can “hit” several countries from a single location, targeting intended victims with a lapse in cyber defences? All one needs is some expect knowledge, exploit code and a gap in security on target systems.


In national warfare, we can take a contemporary example from our country’s foray into Somalia in search of Al Shabaab terrorists. The country is at war! And these would do anything to hurt the country and her people. They already bombed public places in Kenya, causing major damage, including taking lives.


Just imagine the Al Shabaab getting hold of information about our armed forces’ movements and attack plans! Picture further were the group able to alter the information and what subsequent confusion would ensue to well-laid out plans! And suppose further that they able to jam information access to make it impossible to communicate!


There is more!


Imagine through cyber violations they were able to track (say) the path of key security and government personnel, even the country’s leadership.


In the private sector, Kenyan banks have seen escalating losses lately. They suspect these are associated with increased use of technology. It is possible that some of these losses could be due to Internet-related security violations due hackers, be they in or outside Kenya.



All countries take seriously the risks associated with information protection. And they do so for many good reasons, including warding off information warfare and protecting the national economy.


On the economic front thinkers suggest that future economic competitiveness will be determined by how well countries use knowledge for advantage. Those that fully exploit knowledge, taking full advantage of the same, would have a competitive edge.


Knowledge is a creation from information which in turn is generated from data. It means that those that faithfully collect data, use methodical approaches to generate information and knowledge out of the date will stay ahead.


Therefore it is important that that information be accurate and authentic, that it be accessible to only those that need it and be available when required. Inaccurate data would generate false information and hence lead to misplaced decisions. Stolen information can give a competitor an edge.


Information protection remains a challenge to all countries, including developed ones. As one blogger mentioned, even some of the best protected systems like those of the US Department of Defence have been violated on more than one occasion. It is also conventional knowledge that most violations are never reported hence what we learn of may be a tip of the iceberg in cyber violations.


It is also true that no system can be 100% secure. An analogy is that of a house whose doors must be open to its residents for the house to be useful. Yet the same doors provide a vulnerability that could be exploited by burglars.



These facts should not deter action on information protection. The fact that others (and especially advanced countries) are also violated remains cold comfort for Kenya when it faces the embarrassment and potential negative impact from the desecrations of the kind reported in the press.


The practice of information protection has substantially matured. All the country and its private sector need is to take the matter seriously. Indeed, the country is lucky that it can learn from the mistakes of others whose experiences now form the body of knowledge for best practices.


At the very least an entity (a company or government) must establish what needs to be protected based on some security policy. The policy sets out governance and associated accountabilities in realizing security of the information. As well the entity must employ some best practice standards applicable to the practice of information protection and implement clear guidelines that realize the security of the information.


All people working for the entity must be trained to understand their roles in ensuring security of information. This starts with leadership, followed by everyone else. The required training must be commensurate with the roles of the people. It follows that technical people that install and maintain systems must have deep technical knowledge of security of the systems.


Like any live systems and processes, system s must be continually audited and any exposures fixed in a timely manner. Indeed, there must be ongoing monitoring for security violations (regardless of their magnitude and impact) and with necessary appropriate response. Incident management processes must be part of the security DNA of any enterprise.


For systems of interest to the public, a communication plan is always necessary. It is important that entities (be they public or private) continually keep stakeholders informed of breaches and assure the stakeholders that things are under control.



All this will not happen in a vacuum and required leadership. Today, our government has no designate information protection czar. Few companies have established the role of chief information security officer.


This leader would be a person with mandate for protection of an entity’s (government or private company) information assets. This leader would ensure there is a framework that assures the protection of information, with proper processes, and trained people assigned appropriate responsibilities; the right people in the right place.



The Internet presents opportunities for government and private sector in Kenya. The country landed cables even as it was not prepared for consequences of such connectivity. For instance, no information protection framework was in place. Information protection leadership is yet to be established, which leaves a situation where we have technical and non-technical players in the Internet space that are not prepared. It is akin to sending an untrained person to drive on the super highway, oblivious of rules of the road.


It isn’t too late but the urgency of the matter suggests prompt action.


© 2012 Matunda Nyanchama

Dr Nyanchama is an information security professional, he is the director and principal consultants at Agano Consulting Inc with offices in Canada and Kenya. He can be reached at This email address is being protected from spambots. You need JavaScript enabled to view it.. Check the 2012 Information Risk Management Course Schedule for 2012.

Read 48249 times
Rate this item
(0 votes)


  • Kendall
    Kendall Thursday, 03 March 2016 08:53 Comment Link

    Hey! Do yyou know if they make aany plugins to assist with SEO?

    I\'m trying to get my blog to rank for some targeted keywords but I\'m not seeing
    very good success. If you know of any please share.
    Thanks!Precious lady´s and also males

    an individual look for a new boom bbeach hack? Need additional boom beach gems nevertheless don´t spent a real income?

    people eliminate just about every battle due to ones
    undesirable defense? A person dro each invasion?
    This Outdated boom beach hack usually are
    patched? Therefore we now have the modern boom beach generator made!!

    Witth the boom beach hack yoou can generate wood or rock or
    perhaps a few boom beach gold.
    This boom beach gold turbine woll be 100 % malware cost-free alpong with absolve to down load
    forr many.
    Tips on how to acquire the actual boom beach hack,
    the way to use the boom beach generator andd other Commonly asked questions with rregards to
    the particular boom beach hack you\'ll be able to entirely on the
    site http://www.boombeach-hack.net
    Or youu are able to identified all tutorials in Metacafe or perhaps
    watchever. In addition to the boom beach hsck tend to be and so
    giod that water and also the playstation 3 or xbox circle need to phblished the boom
    beach generator.
    Therefore yoou need tto provide us all some feedback along
    with testimonials concerning our own boom beach hack all
    of us set plenty of
    do the job and time for your boom beach generator
    and need some cooments throughh people.
    People endhre the particular boom beach hack?
    anyone can´t crank out no cost boom beach gems?

    You cann email us upon our own page http://www.boombeach-hack.net or you\'ll
    be able to contact us in facebook or myspace
    twitting orr even on various other social support systems.

    We all desire people a thrillingg time with all the boom beach hack as well as the totally free
    boom beach gems or the particular
    boom beach gold.
    Don´t work with various other boom beach hack
    due to the fact we\'ve got really thhe only legitiimate programm to
    help compromise boom beach gold and also boom beach gems.

    A minimum of we\'ve got different hacks as well available
    for you for exambel all of us generated the modern hearthstone compromise or maybe
    the brand new candies smas soft drinks fable chop though the almost all time period in our function there was put in in the
    boom beach hack.

    Your currenbt http://www.boombeach-hack.net Team.

  • Karla
    Karla Wednesday, 02 March 2016 20:54 Comment Link

    Thanks for sharing your thoughts on opinions.
    RegardsBeloved lady´s and also men

    anyone research a whole new boom beach hack? Have to hzve much more boom beach gems but don´t invested a
    real income?
    anyone eliminate every struggle because of your ownn
    awful security? Anyone drop just about every attack?

    The actual Outdated boom beach hack tend to be patched?
    Consequently we\'ve got the modern boom beach generator made!!

    While using boom beach hack you will generate lumber or even stone
    or a number of boom beach gold.
    Your boom beach gold power generator can be 100
    % disease no cost along with liberated tto obtain for those.

    The best way tto acquire the boom beach hack, the best way to utilize
    boom beach generator and also otfher Commonly askked questions in relation to
    the actual boom beach hack you\'ll be able too available on our own webpage http://www.boombeach-hack.net
    Or maybe you\'ll be able to discovered all course witth Vimeo or maybe watchever.
    In additikn to our own boom beachh hack are usually so
    excellent that heavy steam aand also the playstation 3 or xbox network wish
    to published the particular boom beach generator.
    Therefore you should offer us a few reviews andd evaluations concerning our own boom beach hack all of us set a lot of
    operate and also time with the boom beach generator along with will need a few cooments from an individual.

    An individual end up having your boom beach hack?
    anyone can´t generate totally free boom beach gems?

    It is possible to e maiil us about our own site http://www.boombeach-hack.net oor maybe you can e-mail uus about
    myspace or about another support systems.
    Most of us wish a person a lot of fun while using the boom
    beach hack as well as the cost-free boom beach gdms or this
    boom beach gold.
    Don´t employ various other boom beach hack duue to the fact we have really the only authorizwd programm to crack boom beach gold along with
    boom beach gems.
    A minimum of we haqve additional hacks also available for you regarding exambel we all created the newest hearthstonne
    hack iinto or even
    the revolutuonary candies smash pop fable hack but the most time period of our function we put iin inside
    boom beach hack.

    Ones http://www.boombeach-hack.net Group.

  • Refugio
    Refugio Wednesday, 02 March 2016 14:29 Comment Link

    I do not evern know the way I ended up right here, however I assumeed this submit was
    once good. I do not recognise who you aree however definitely you\'re going to a well-known bloggeer in the event you arre not already.

    Cheers!Expensive lady´s and also guys

    an individual search a fresh boom beach hack? Need to have a lot more boom beach gems but
    don´t spent actual money?
    a person lose just about every combat on account of your poor protection? You lose each aand every strike?

    This Old boom bedach hack tend to be patched?
    Therefore we\'ve the newest boom beach generattor produced!!

    While using the boom beach hacck you can generate wpod or even jewel or perhaps many boom beah gold.

    Your boom beach gold turbine can be 100 % malware free and
    liberated to get for many.
    Tips on how to acquire the actual boom beach hack, how you can utilizee the boom beach generator
    and also other Common questins regarding
    the particular boom beach hack it is possible to entirely on the web site http://www.boombeach-hack.net
    As well aas it is possible to discovered almost all lessons upon Facebook or
    watchever. Along with your boom beach hack are consequently
    very good that will water and the ps3 network would like to released the boom
    beach generator.
    Therefore make sure you give all of us many reviews
    in addition to testimonials regarding each oof our
    boom beach hack we placed a lot of
    operate and time period to the boom beach generator as well as need several cooments from a person.
    You end up having the particular boom beach hack?
    you can´t generate free of charfge boom beach gems?
    Yoou possibly can contact us in our own webpage http://www.boombeach-hack.net or
    itt is possible to call us upon zynga
    twitting or about another support systems.
    Most of us want an individuzl a thrilling time while using boom
    beach hack and also the no cost boom beach gems or
    the actual
    boom beach gold.
    Don´t usse different boom beach hak because we\'ve got the sole authorized programm
    to help hack into boom beach gold and boom beach gems.

    No less than we have now other hacks way too foor you personally forr exambel
    all of us developed the new hearthstone comppromise or
    thee new chocolate grinnd soda pop saga hack into
    however the the majorityy of time your work we invested within the
    boom beach hack.

    Ones http://www.boombeach-hack.net Team.

  • Mahalia
    Mahalia Wednesday, 02 March 2016 04:26 Comment Link

    Neat blog! Is your theme custom made or did you download it from somewhere?
    A theme like yours with just a few simple adjustements would actually make my blog shine.
    Please let me know where you got your theme. Bless you

  • Lenard
    Lenard Monday, 29 February 2016 20:52 Comment Link

    It\'s nearly impossible to find experienced people about this subject, but you seem like you know what
    you\'re talking about! Thanks

  • DuNemeqoh39
    DuNemeqoh39 Monday, 29 February 2016 16:02 Comment Link

    [url=http://prednisolone.top/]buy prednisolone 5mg[/url]

  • TiPagvz4l0
    TiPagvz4l0 Monday, 29 February 2016 12:50 Comment Link

    [url=http://zithromax.space/]order zithromax online[/url]

  • Jim
    Jim Saturday, 27 February 2016 11:31 Comment Link

    I’ve been surfing online more than 3 hours today, yet I never found any interesting article like yours.
    It’s pretty worth enough for me. Personally,
    if all webmasters and bloggers made good content as
    you did, the web will be much more useful than ever before.

  • asmex3bu9vl
    asmex3bu9vl Thursday, 25 February 2016 18:39 Comment Link


  • asmexl9bj8u
    asmexl9bj8u Thursday, 25 February 2016 13:47 Comment Link


Login to post comments

We are proud to be a leading in consulting and ICT training company. We are happy to serve you. Follow us on:

Our Firm

  • What we do
  • About us
  • Opportunities
  • Opinions & News
  • Contact
  • Partners
  • Awards
  • Experience
  • Events Calendar
  • Media Gallery

Contact Info

Ufundi Plaza,
Moi Avenue
Nairobi, Kenya 00200


This email address is being protected from spambots. You need JavaScript enabled to view it.

8.00 am to 5.00 pm