[Column] Tunde Abagun: Securing Kenya’s Digital Superhighway
In the heart of the Kenyan digital revolution, a disquieting reality looms: the rising tide of cyber threats relentlessly targeting the nation's critical data infrastructure. It's a concern that transcends borders, leaving no entity or individual untouched, for in this era of interconnectedness, a digital security threat facing one is an attack on all.
The aftermath of the high-profile cyber-attack, attributed to the Anonymous Sudan hackers, still resonates through Kenya's digital landscape. Additionally, recent cyber incidents, notably distributed denial-of-service (DDoS) attacks, affected the country's internet and mobile payment platforms and temporarily rendered digital public services on eCitizen unavailable. They occurred at a time when the government was ramping up digital public service offerings. Not even M-Pesa, a leader in digital payments which saw a staggering Sh1.3 trillion in transactions in the last financial year, was spared.
As Kenyan citizens and residents increasingly turn to digital channels for services, they demand a digital backbone they can trust, one resilient in the face of relentless cyber assaults.
The Security Threat to Kenya
The scale of the threat is astonishing. Reports from the Communications Authority of Kenya reveal a staggering 123,899,936 cyber threat events detected between July and September 2023. These attacks came in various forms - 7,514,964 were malware threats, 106,603 web application attack attempts, 5,101,538 brute force attacks, and 111,149,684 system attacks.
No sector or entity is safe, with government, cloud and infrastructure service providers, education institutions, and end-user devices all caught in the crosshairs. What is clear is that the responsibility for Kenya's cybersecurity should be an all-encompassing one, taken on by government, business, and individuals.
At Nutanix, we believe that technology complexity creates vulnerability. Complexity can be the foundational enemy of information security in modern data centres. As a software company, we must make it imperative that businesses and governments globally trust us to make infrastructure and clouds invisible, which means boosting cyber resilience to run apps and data anywhere securely.
Simplify your Platform, Adopt Security by Design
But what do we mean by this? Thanks to digital transformation, data explosion, an avalanche of new applications, and the increasing push to develop innovative products and get them to market as quickly as possible, IT landscapes have become infinitely more complex. Traditional, siloed operating models and tools can't keep up. They're slow, complicated, expensive and require specialised skills. What enterprises need today is a consistent operating model that delivers a unified approach to managing disparate environments.
For example, Nutanix pioneered hyperconverged infrastructure (HCI) to break down legacy silos by merging compute, storage, and networking into a single, easy-to-use datacentre platform. Now, as the cloud has emerged as a critical component of IT infrastructure, we are breaking down silos again, this time between on-premises, cloud, and the edge. We call this the hybrid multicloud.
Security in the hybrid multicloud begins with a robust infrastructure foundation. This is where the right technology platform can provide operational and financial value and aid in improving security posture and preventing data breaches by supporting a defence-in-depth approach for hybrid cloud security.
At Nutanix, we address this by making security a foundational aspect of product design, starting with security hardening practices (like data-at-rest encryption, comprehensive access controls, etc.) built into our enterprise cloud platform. Industry best practices and government standards are incorporated into an automated configuration monitoring and self-healing process that supports compliance goals. Conducting strict tests for common vulnerabilities and delivering frequent patch releases minimises the risk of data breaches. Further, inconsistencies are logged and reverted to the baseline, ensuring consistency of security configuration.
Automate Platform Software Updates
The automation of updates is paramount as it ensures that patches are applied non-disruptively as soon as they are released so they can help resolve specific software vulnerabilities. This can be achieved with a system that supports one-click patching across your distributed storage platforms, hypervisors, critical OS, and databases and lets users upgrade software and hardware components easily and from anywhere without downtime.
A recent survey found that 46% of on-premises databases worldwide contained known vulnerabilities due to a lack of patching. That leaves databases - and the data they manage - at risk of infiltration and ransomware attacks. Organisations can't afford to overlook database patching, no matter how time-consuming the process may be.
Zero Trust Security Architecture
Zero Trust is a security design philosophy that assumes that any network, application, server, or user could be compromised, rather than designating trusted and untrusted categories of assets; therefore, we must design our security protocols around that assumption. At Nutanix, we believe this must be delivered through advanced network security inside the data centre, providing application visibility and protection from the spread of cyber threats like ransomware.
Notably, networks and applications can easily be segmented via a software-defined policy without any additional hardware or complex network configurations. Native network microsegmentation functionality provides a discovery, visualisation, and policy enforcement model that simplifies and automates the application of granular network policy (microsegmentation) between VMs.
Policy is the new network security perimeter, and microsegmentation is the key to applying "Zero Trust" at the network level. A fine-grained network policy limits applications and users to accessing only the resources they need, preventing the spread of malware or ransomware. With this, you gain a centralised security view that alerts you to vulnerabilities in your VMs and helps with future planning.
Maintain Regular System Backups
Another aspect to consider is that unplanned outages can result in losses of over $9,000 per minute and lost productivity, and can negatively impact business and national reputation. The problem is that disparate backup and DR solutions lead to greater complexity, higher costs, and reduced reliability.
To ensure business continuity, CIOs must adopt simple yet highly resilient systems with efficient snapshot, cloning, and replication capabilities to provide a higher level of protection at a lower cost. Data protection and disaster recovery solutions can't be one-size-fits-all. To achieve your RPO and RTO objectives, you need to ask your tech provider to help you tailor your system. Working within this remit and deploying our technologies to help combat these challenges, we have helped customers restore operations 67% faster and deliver uninterrupted operations.
In addition, Nutanix believes it is imperative to help customers protect business-critical apps. We achieve this by slashing downtime events by as much as 85% and keeping applications online during planned or unplanned events.
Real-time Data Security and Visibility with Compliance, Audit, and Reporting
Notably, security is never one layer in your business. For real hybrid multicloud security, you must rely on systems that offer visibility, assist with policy management, perform configuration audits, and validate compliance.
This can be achieved through automated security audits to detect and fix infrastructure security vulnerabilities and configuration errors, enabling security admins to create automated policies to remediate vulnerabilities in real time. From a compliance point of view, ensure your system can validate compliance levels within regulatory guidelines such as PCI-DSS, HIPAA, NIST, etc.
And check your data by analysing what you have stored, how it's consumed and how it grows over time. Also, always set up systems to define and detect usage anomalies, receive real-time alerts and execute automated responses when anomalies occur, while putting audit trails in place. Real-time analytics will help security teams tier, analyse, and find frequently, infrequently and rarely accessed data to lower your object storage cost.
Getting Security Right
If we look at all these proposed strategies, they perfectly align with Kenya's National Computer Incident Response Team, Coordination Centre Cybersecurity guidelines. In short, with the right systems in place, the country can avoid and mitigate future threats and safeguard the National Brand.
But for a vendor to assist Kenyan governments and businesses in improving their security posture throughout the cloud and the datacentre, you don't just need systems: you need boots on the ground. With this in mind, we have recently launched our in-country operations in Kenya so we can be part of the solution and provide a local team to support Kenya in its journey to cyber resilience, ultimately helping the country to anticipate, withstand, recover from and adapt to cyberattacks.