Dubbed ‘The State of Cyber security in Kenya 2015’ the study shows that despite the exposure, a majority of them remain ignorant of the vulnerabilities.
On average, most medium sized organisations with over 70 employees in Kenya have at least two vulnerable computer servers and up to fifteen infected computers that were already hacked into by cybercriminals.
The most vulnerable businesses and home owners are those that have installed low cost home routers, Closed Circuit Television (CCTV) systems and public email servers on their networks.
The State of Cybersecurity in Kenya study has been carried out by cyber security consulting firm Serianu, in partnership with PKF consulting and USIU Africa.
“The vast majority of private companies and public sector organizations also remain very exposed to cybercrime and internal IT fraud,” Serianu Managing Director William Makatiani noted.
On the other hand, more than 80 per cent of Kenyans connected to the Internet are vulnerable to cybercriminal attacks.
To counter this situation, the study recommends that Kenyans who are busy installing these internet access systems in their homes and office networks must work with cyber security experts to ensure that they are not exposed.
Similarly, companies need to raise their degree of vigilance with the IT teams required to invest more time and resources in auditing their entire systems and establishing modalities to reduce breaching incidences.
The study also reports that the annual cost of cybercrime to Kenyan companies is estimated to be Sh15 billion.
The study further breaks down the losses per industry, citing the public sector as the most affected having losing approximately Sh5 billion per year followed by the financial services sector at Sh4 billion and manufacturing and industrials at Sh3 billion in third place.
The telecommunications, media and technology and other sectors are estimated to lose t about Sh2 billion and Sh1 billion respectively.
The report warns that security breaches have become more sophisticated, with many involving attacks from staff.