Kenya is facing a mounting cybersecurity crisis as global cybercrime costs are projected to soar to 10.5 trillion US dollars in 2025.
Locally, the country detected 4.5 billion cyber threat events between April and June this year, an 80 per cent jump from the previous quarter.
Speaking at the 2025 Cybersecurity Conference on Monday, October 6, in Nairobi under the theme “Cybersecurity: A Global and Urgent Priority,” NCBA Insurance Group (NCBA-IG) and industry leaders called for bold action to strengthen Kenya’s digital resilience.
They warned that cyber risks can no longer be seen as distant concerns but as immediate threats to businesses, economies and livelihoods.
“Cyber threats are no longer distant. They are real, immediate and affect businesses of every size and sector,” Stella Njunge, the Managing Director and Chief Executive Officer of NCBA Insurance Company Ltd said.
Njunge revealed that NCBA-IG had invested Ksh 542 million between September 2024 and September 2025 to strengthen systems protecting customer data and ensuring resilience against cyberattacks.
“We are proud to be Kenya’s only licensed cyber insurance underwriter, ensuring clients are protected, supported and resilient when incidents strike,” she said.
The conference brought together regulators, policymakers and business leaders to discuss how to integrate cybersecurity into corporate strategy and national priorities.
“Cyber risk must be treated as enterprise risk. Boards need to integrate it into their strategy and reporting to safeguard investors and regulators,” Willie Oelofse, Director at ALN Kenya, Anjarwalla and Khanna said..
Alice Njoroge, the Director of the Insurance Institute of Kenya, stressed that the threat landscape had evolved beyond traditional IT concerns.
“Cybersecurity is no longer an IT issue, it is a leadership imperative. Protecting trust means protecting livelihoods, businesses and economies,” she said.
Brian Ombui, the Assistant Manager of Enforcement at the Insurance Regulatory Authority, added that cyber resilience is fundamental for growth.
“In today’s digital economy, cyber resilience is not optional. It is the foundation of trust and growth,” he said.
Dr Ben Kajwang, the Director and Chief Executive Officer of the College of Insurance, described the moment as historic, highlighting the growing role of cyber insurance in managing risk.
“This conference comes at a defining moment. The discussions we are having today will shape how Kenya builds cyber resilience for the future,” he said.
“Across Africa, bold initiatives are underway to place cyber insurance at the heart of risk management for enterprises of all sizes. Just like motor insurance is compulsory, we foresee cyber insurance becoming essential for every business as digital risks continue to rise,” he added.
Cyber threats
John Gachora, the Group Managing Director of NCBA Group, emphasised the inevitability of cyber threats, urging firms to be proactive.
“When it comes to cyber risks, it is not a matter of if, it is a matter of when,” he said.
Gachora outlined NCBA’s customer-centric focus for the year.
“Our 2025 mission is clear: customer obsession. This means anticipating unseen threats, protecting futures and walking every step of the journey with you. We have made robust investments in our infrastructure to ensure our people and customers are fully equipped to face today’s cyber realities,” he said.
He added that combating cybercrime requires collective action.
“Hackers are getting smarter and exploiting vulnerabilities. This is why cyber resilience must be tackled as both a national and industry priority,” he said.
NCBA-IG has made cyber cover a core product, offering services such as 72-hour first response, forensic investigation, business continuity and crisis communications, as well as liability and regulatory compliance. These measures aim to give customers confidence in an increasingly digital world.
Leave a comment