NAIROBI, KENYA: Lack of cyber security skillsets makes Kenyan businesses easy target for both local and international hackers, a report has revealed.

The latest report by cybersecurity firm Serianu shows the cost of cybercrime in Kenya in 2018 was Sh30 billion, but organisations could lose more in the coming years because, “With the cost of cybercrime increasing every year across Kenya, this is still a challenge to the nation”.

The report indicates only 1700 cyber security skilled professionals are certified in Kenya with 60 per cent of companies set to experience a shortage of cybersecurity professionals this year especially at senior and mid-management levels.

Impact of cybercrime: Corporate vs Individual. (Source: Serianu Report 2019)

It notes that firms recruiting cyber security professional face two key challenges, which are lack of solid experience among the recruits and high remuneration rates.

What is more, companies that hire security professionals tend to miss the mark.

“Some companies in Kenya who hire security skillsets fail to understand the strength of the skillsets hence confer all roles to an individual. For example, an IT administrator with little or no training on security is conferred the role of the security engineer in an application development company.” It reveals.

Moreover, there was an increase in organisational spend in cybersecurity from 2017 to 2018. The report indicates that 26 per cent of the respondents said they spend above a million shilling on the same.

However, the firm says, “Kenyan companies are reluctant to develop the skillsets of their security team through frequent training and certifications. This is due to the fact that information security is still seen as an expense rather than a return on investment”.

The report is based on feedback from over 300 IT and security professionals in the country.