NAIROBI, May 14 (Xinhua) -- Kenyan security experts on Tuesday called for cyber security investment to narrow the skills gap and avert the growing number of cybercrime related losses.
Joseph Mathenge, chief operating officer of Serianu, a cyber security company, said losses from cybercriminal activities in Kenya rose to 2.95 billion shillings (29.50 million U.S. dollars) in 2018, a scenario he attributed to a shortage of skilled personnel to deal with the perpetrators.
"Kenya recorded unabated losses from cybercrime in the year 2018, underpinned by lack of skilled professionals," he said.
"In order to keep up with what is a rapidly evolving environment, institutions must train their staff on the emerging ICT trends and equip them with the necessary tools and techniques to identify and deal with the hackers," said Mathenge said during the launch of a cyber security report in Nairobi.
According to the report, the demand for skilled personnel stood at 10,000 people while the total population of professionals countrywide was less than 20 percent, at under 2,000.
The report reveals a weak verification process that was caused by staff with inadequate technical skills, which was potential to exposing the systems to malicious hacking.
"Organizations within Kenyan public and private sector suffered a 40 percent higher financial damage from 2.1 billion shillings lost in 2017 even as they spent higher budgets on hiring more IT security personnel," added Mathenge.
The report further notes that cyber criminals continued to target financial institutions due to insecure system implementation and a shortage of technical personnel.
"The biggest target remained the financial services sector, with banks, Saccos and insurance firms leading the pack," the report further reveals.
Computer fraud, business email compromise and cheque fraud were the leading methods of cybercrime, losing 2.3 million dollars, 1 million dollars and 700,000 dollars respectively, with identity theft coming a close fourth at 660,000 dollars.
Auditor General Edward Ouko, who officially launched the report, called on the government to create a more structured legislative framework to improve its online defenses in the coming years.
"Fight against cybercrime cannot be left to information technology departments alone, it requires multispectral approaches both in government institutions and in the private sector," he said.
He added that most organizations are yet to appreciate the enormity of the need to protect their information assets and for institutionalizing of cyber security in academia to inculcate the good values in early stages.
"There is need to start spreading the skills early enough within our technical and vocational training institutions such as polytechnics," he said.