Kenya Establishes National Cybersecurity Agency Amidst Escalating Cyber Threats
In a decisive move to fortify its digital economy, Kenya has officially established the National Cybersecurity Agency (NCSA). This autonomous body, approved by Parliament on June 22, 2026, is mandated to coordinate and regulate the nation’s cybersecurity efforts, a critical step in safeguarding critical infrastructure and enhancing responses to a rapidly growing volume of cyberattacks.
The establishment of the NCSA represents a significant milestone in strengthening Kenya’s digital security architecture, operating under the leadership of President William Samoei Ruto. The agency’s primary objective is to prevent, detect, and respond to cyber threats, including online fraud, ransomware attacks, and data theft, which pose increasing risks to economic security and public trust.
As reported by the Ecofin Agency, Kenya recorded a staggering 12.5 billion cyber threats in 2025, marking a substantial 247% surge from the preceding year. This alarming statistic underscores the urgent need for a centralised and robust cybersecurity framework.
The NCSA will play a pivotal role in fostering collaboration among government entities, industry stakeholders, academic institutions, and international partners. This collaborative approach is essential to ensuring that Kenya’s burgeoning digital economy remains secure, resilient, and trustworthy. According to Dr. Raymond Omollo, Principal Secretary at the Ministry of Interior and National Administration, the agency will “enhance collaboration between government, industry, academia and international partners, ensuring our growing digital economy remains secure, robust and trusted.”
Key responsibilities of the NCSA will encompass the implementation of national cybersecurity policies, the certification of critical infrastructure resilience, the oversight of the national cybersecurity operations centre, and the establishment of a dedicated centre of excellence for research and training.
This initiative aligns with the Kenyan government’s broader strategy to leverage digital technology as a catalyst for economic and social development. Kenya has already garnered international recognition for its cybersecurity efforts, ranking 21st globally and third in Africa in the 2024 Global Cybersecurity Index, with notable strengths in cooperation, capacity development, and organisational governance.
Despite these advancements, challenges persist, particularly in refining regulatory frameworks and bolstering technical capabilities. The Communications Authority of Kenya’s data highlights the severity of the threat landscape, with the 12.5 billion detected cyber threats in 2025 serving as a stark indicator.
In parallel, the Kenyan government launched the Kenya Cyber Resilience (KCR) project in January 2026. This initiative, supported by €454 million (approximately $3.5 million) in funding from the European Union, aims to enhance the security, resilience, and reliability of the country’s digital ecosystem. For legal and compliance professionals, investors, and corporate executives, the establishment of the NCSA signals an evolving regulatory environment and an increased focus on cybersecurity compliance, risk management, and the protection of digital assets within Kenya.
