This Guidance Note outlines the minimum requirements that institutions shall build upon in the development and implementation of strategies, policies, procedures and related activities aimed at mitigating cyber risk.
The purpose of guidance is to:
- Create safer and more secure cyberspace that underpins information system security priorities and promote stability of the Kenyan banking sector
- Establish a coordinated approach to the prevention and combating of cybercrime
- Up-scaling of identification and protection of critical information infrastructure
- Promotion of compliance with appropriate technical and operational cybersecurity standards
- Development of requisite skills, the continuous building of capacity and promote a culture of fostering a strong interplay between policy, leveraging on technology to do business and risk management
- Maintenance of public trust and confidence in the financial system.