The Central Bank of Kenya (CBK) has launched the Banking Sector Cybersecurity Operations Centre (BS-SOC), a national hub to strengthen cyber defense within the financial industry.
The BS-SOC is a core part of the implementation of the Computer Misuse and Cybercrime (Critical Information Infrastructure and Cybercrime Management) Regulations, 2024, and aligns with CBK’s Strategic Plan 2024–2027.
Also read: Kenya Detected 2.5 Billion Cyber Threats in Q1 2025
The centre, operating under CBK’s Cyber Fusion Unit, will deliver advanced cybersecurity functions including cyber threat intelligence, incident response, digital forensics, and cyber investigations. According to CBK, the move addresses mounting threats from increasingly sophisticated cyber actors targeting critical financial systems.
In parallel, CBK has started harmonizing the Commercial Banks Cybersecurity Guidelines 2017 and the Payment Service Providers Cybersecurity Guidelines 2019 with the new 2024 regulations.
Until the alignment is complete, all regulated institutions must continue complying with both sets of requirements. They are also mandated to report cybersecurity incidents to the BS-SOC within the timelines outlined in the CMCA Regulations.
Also read: Kenyan Authorities Accused of Planting Spyware on Filmmakers
CBK emphasized that the success of this initiative hinges on full cooperation between financial institutions and regulators. “Collaboration across the ecosystem is critical to safeguarding Kenya’s banking sector from persistent and evolving cyber risks,” the regulator noted.
The establishment of the BS-SOC signals a decisive step in strengthening resilience of Kenya’s financial infrastructure against cybercrime, reinforcing regulatory oversight while boosting operational preparedness.
About Author
