Africa Business Communities
[Startup Interview] Ian Mutua, Managing Director, Vigil CyberSec Inc, Kenya

[Startup Interview] Ian Mutua, Managing Director, Vigil CyberSec Inc, Kenya

Ian Wambua Mutua  is the Chief Information Security Officer (CISO) at  Vigil CyberSec Inc. , a Kenyan based startup providing cybersecurity and consulting services across the region to protect organization's systems, programs and networks from cyber-attacks. A  report  released recently snow that cybercrime has become a disaster in Africa and is now the modern day threat to many business enterprises.

Ian talked to Africa Business Communities on his business journey and shed more light on cybersecurity and why it is important for organizations to be secured.

 Would you please introduce your company?

Vigil CyberSec Inc. is an upcoming and fast-growing Cybersecurity and consulting services provider in East Africa based in Nairobi, Kenya. Our goal is to help enterprises design and incorporate security into their IT infrastructure in a manner which supports the enterprises business strategy for Corporate Organizations, Government Institutions, Financial Institutions, Learning Institutions, Healthcare facilities, leading and upcoming Companies. Officially launched and commissioned in February 2018, operations begun on September 2017. Our major service being cybersecurity consultation and awareness training; we do offer vulnerability and penetration testing (VAPT), Computer and Mobile Forensics, cybersecurity risk assessment and analysis, finally CCTV & Integrated Video Surveillance systems solutions.

Where is your company located?

We are currently located in Development house 2 nd floor, Nairobi CBD, Moi Avenue Street, Kenya.

Where did you get the funding for your startup?

We as the company directors managed to acquire the initial startup capital from some of our savings acquired from our employment years albeit barely meeting the minimum threshold required. That together with a few monies acquired from various small cybersecurity services and projects that we did before officially launching Vigil as a wholly limited company, became our stepping stone in terms of funding for us.

What are some of the major challenges you encounter when you were starting and how did you overcome them?

As stated above, our savings were but only a bare minimum and incomplete to get things running especially ICT infrastructure which have quite the price tag but through God’s grace and favor, hard work and effort put, we succeeded in getting to our feet eventually.

Initially, we were 2 of us and this was quite strenuous as we both were every department in the company, be it marketing, HR, Support staff, procurement and Managing Directors. Over time however, we have managed to gunner 5 permanent employees and 2 casual employees and counting steadily as a result of increased work load and clientele.

Nearly all start-ups face the same challenge of acquiring new clients and specifically gain their trust and dealing with existing major industry players competition. It has and still is a challenge for us to get new clients especially basing the fact that we are a Cyber Security company and our job is mainly penetrating and securing client’s systems and infrastructure. Thanks to referrals from our already existing clients, we have managed and still managing to get new inquiries on a nearly day to day basis. 

In very simple terms, what is cybersecurity and why is it important for organizations / businesses to be secured?

It’s simply the practice of protecting systems, networks, and programs from digital attacks that are aimed at accessing, changing, or destroying sensitive information; extorting money from users; or interrupting normal business processes.

Everyone relies on critical infrastructure like power plants, hospitals and financial service companies, thus securing these and other organizations is essential to keeping our society functioning.

What motivated or inspired you to venture into the cybersecurity business?

My partner and Senior Security analyst and I having worked in this industry previously for over 5 years, were perturbed by literally how ignorant and unaware users and companies were with their security. Systems, mobiles, network and IoT were a means to an end in successfully and easily acquiring root privileges of their devices and manipulating them thus a growing and urgent need of someone to step up in that gap and enrich them on how to be cyber aware in this ever-growing unsecure cyberspace. With that, we were able to come up with our company slogan ‘care to be aware!’

Who are your clients and Partners? 

With Our Major Clients being Financial Institutions and Corporates, the following are some of our clients:

a) Nes Capital Financial Services Limited

b) Metropolitan Motor Vehicle Accessors Limited

c) Fig Tree Health Options- Kericho


e) Cytonn Investments limited


g) World Vision

Consulting and training services:

h) Kenya Railways

i) ICT Authority

j) LSK (Law Society of Kenya)


Our Partners:

a) Ataata - American Company

b) Kaspersky Labs

c) Symantec


e) Intel Security

What would you say is the reason for increased cybercrimes in Africa and what can organizations do to not fall victims?

It’s Simple and straight-forward:

  • Ignorance being the major point from both vendors and clients/users
  • Lack of user creation awareness programs and trainings in place
  • Inadequate Cyber security sensitizations campaigns in place
  • Lack/inadequate funding to purchase high end equipment for companies as observed from the more developed countries thus resulting to second-hand outdated devices vulnerable to all sorts of attacks.


Suggested Solutions:

  • It’s high time the general public start paying more attention to what is trending currently in the cyberspace and observe safety methods however minor it may seem like e.g. it will not cost a user much to purchase a proper premium antivirus software solution for both mobile and desktop; with that ‘small’ act, a secure and free cyberspace for all plus avoiding attacks such as identity theft, ransomwares, viruses, trojans, worms, malware etc.
  • It’s mandatory that user awareness and sensitization campaigns are enhanced via all possible platforms, be it social media, print media, audio-visual media and industrial user-training platforms (as offered here at Vigil CyberSec Inc through our ‘Ataata Platform’). Organizations are objected to conduct such programs and policy trainings internally to their relevant ICT staff who will in turn train the rest of the staff in readiness to combat Social Engineering and phishing tactics.
  • If organizations lack the relevant funds to acquire high-end secure devices e.g. routers, Mainframe PC’s, firewalls … then, they should ensure the devices owned are regularly updated and patched, serviced, maintained and monitored frequently.


How has the market respond to your services?

We have had a steadfast and surprisingly rapid growth response and self-awareness observed over time as more and more users continue to be cyber aware albeit the alarming increase of cyber-attacks observed in Kenya and Africa as a whole. As challenging as the market has been, more and more cyber security companies continue to emerge, cyber-security conferences and summits have also played a key role in making the market formidable to its key plays.  

There are many ICT companies that offer cybersecurity services, what would you say gives your company the competitive edge?

We believe that we offer the best custom-made, interactive and fun user awareness training platform out there, which gives us a great competitive edge over the rest of the ICT cybersecurity companies.

What is your current business threat?

The need for hiring local Specialized, talented and skilled personnel relevant to the cybersecurity field continues to be a challenge for us thus proving to be a major business threat in terms of growth of the company. We have to apply for international assistance at hefty costs in matters of cyber security.   

What is the latest news from your company?

We are currently in preparation with one of the biggest and leading international cybersecurity companies in the world early or mid-2019. This will be a major partnership on our part that will see us as one of the leading industry players in cyber security in East Africa and Africa.

We are also set to relocate offices to a more spacious and conducive environment in Westlands, Nairobi by the beginning of 2019.

What are the ambitions of the company going forward?

We are keen in developing clear frameworks and policies that will help us in cyber security planning and assessment, technology deployment, workforce management, training and change management in Africa.

Across the entire ambit of Cyber-defense spectrum, we are keen on developing and making the most of advanced security tools to be used in Africa and ultimately the entire World. 

Last but not least, what would you say is the future of cyber security in Africa?

Cybersecurity in Africa is on the exponential rise as more and more people embrace cybersecurity awareness via numerous seminars, trainings and boot camps in Africa; also, institutions offering cyber-related courses; organizations, companies, Hospitals and Governments investing heavily in matters cybersecurity and finally, rapidly emerging ICT cybersecurity companies in Africa indicating that the future is not bleak at all for the Cybersecurity sector.


Also Read:

[Startup Interview] Jonathan Kgatshe, CEO Myteksonic, South Africa

[Startup Interview] Kennedy Mwaura, CEO, EWYN, Kenya

[Startup interview] Mary Mwangi, Founder and CEO, Data Integrated Limited, Kenya

[Startup Interview] Tomiwa Majekodunmi, CEO, NASPA, Nigeria

[Startup Interview] Fredrick Kirui, Director, AfricaSokoni, Kenya 


Africa Business Communities is conducting a series of interviews with startup businesses in Africa.

Are you a startup in Africa and interested in an interview? Great! Send an e-mail to



Share this article