Parliament nod for regulations on cybercrime protection

Friday, April 12th, 2024 06:10 | By

Image used for representational purposes. PHOTO/BBC

The National Assembly has approved the regulations that will provide a framework to monitor, detect and respond to cybersecurity threats within Kenya’s cyberspace and ensure the protection of the critical information structure.

The Computer Misuse and Cybercrime (Critical Information Infrastructure and Cybercrime Management) Regulations, 2024 was approved after it was subjected to months of public participation exercise.

Referenced as Legal Notice No. 44 of 2024, the regulations were drafted by the National Computer and Cybercrimes Coordination Committee (NC4) to operationalize the Computer Misuse and Cybercrimes Act, 2018.

According to the Internal Security Principal Secretary Raymond Omollo the key aspects the CMCA Regulations address include protection measures for critical information infrastructure supporting critical economic sectors including telecoms, banking, transport and energy sectors; cyber-security operations management using cybersecurity operations centres; and cybercrimes management.

The regulations also stipulate how to deal with issues of scams, identity theft, hacking and internet fraud and also address the cybercrime capacity and capability building for public, businesses, government institutions, and private entities to enhance their cybersecurity preparedness and prioritize cybersecurity.

It also provides for recovery plans in the event of a disaster, breach or loss of national critical information infrastructure or any part of it.

They require that cybercrime desks be established at all police stations and the National Police Service will organize specialized training for select officers who will be deployed to these desks.

“The personnel deployed to the cybercrimes desk contemplated under regulation 67 shall undergo specialised training in cybersecurity and digital forensics to enable them to effectively respond to cyber threats or incidents,” the regulations read.

As a constitutional prerequisite, the Ministry of Interior in September last year published a public participation and consultations notice inviting institutions, organizations and individuals to review and submit their comments on the draft regulations.

NC4 also held sectoral meetings with industry stakeholders of various sectors impacted by the Regulations including ICT and Telecommunications, energy, transport, manufacturing, industry, banking, insurance, finance, electoral and judicial.