Kenya’s fintech sector has been booming, but it’s facing a new challenge; cyber threats. Cyber criminals are using advanced tactics to target businesses, especially in the financial sector and digital infrastructure.
In the past year alone, Kenya experienced a staggering 860 million cyber incidents, with 123.9 million threats in the three months leading up to September. Fintech companies are dealing with sophisticated attacks like phishing, data breaches, and ransomware campaigns.
The attacks not only hit digital infrastructure but also affected public and private institutions, including Kenya Power and Lighting Company, Kenya Railways Corporation, and the National Transport and Safety Authority, impacting digital banking and mobile services.
As financial institutions increasingly rely on technology, they become more vulnerable to manipulative trading practices. The use of wealth management apps on mobile and cloud-based services has led to a rise in attacks like Distributed Denial of Service (DDoS), ransomware, and phishing.
To tackle these threats, fintechs are implementing strategies like two-factor authentication and awareness campaigns. However, the skills gap in cybersecurity remains a challenge, making it difficult for organizations to find and retain experienced professionals.
Businesses are taking measures such as installing firewalls, creating backups, encrypting data, and providing regular employee cybersecurity training to minimize the risk of cyber-attacks.
In response to the growing threats, Kenyan fintech firms are strengthening their defenses. The government is also taking steps, partnering with organizations, implementing cybersecurity laws, and establishing a data protection office to safeguard data privacy.