Effective Cyber Incident Response Capability Framework for County Governments in Kenya: a Case of Migori County.

Abstract

The increased adoption of ICT in the Kenyan County Governments has led to increased cyber incidents within the counties. Response coordination and management of cyber incidents nationally and locally is the responsibility of the National Kenya Computer Incident Response Team - Coordination Centre (KE-CIRT/CC). However, county governments are often unaware of the risk because of the assumption that the management of information systems security and addressing the risks are the responsibilities of the national government. In addition, there are new cyber incidents faced locally due to the devolved ICT-enabled infrastructures that require a localized approach. This research was informed by the two factors; increased cyber incidents and threats at the county level due to the devolved ICT-enabled services and the lack of localized cyber incident response framework to respond to cyber incidents at the county level. To address the two mentioned concerns, this study sought to develop a localized cyber incident response capability framework from a study that targeted a total population of 121 Migori County Staff. Consequently, the study adopted descriptive approaches augmented by quantitative techniques to measure the variables. A sample size of 93 was obtained using Yamane’s formula out of whom 76 responded. The study analyzed the collected data using Microsoft Excel, Google Forms, and SPSS to derive descriptive statistics and to perform ordinal regression. The study found that all the four independent constructs; policies, risk management, resources, and training, had a positive correlation coefficient with the dependent variable effective cyber incident response capability. The developed framework can be used to guide and manage cyber incident response in the county governments in Kenya.