Enhancing Cyber Resilience through Adaptive Security Policies

• Thuranira Mark Linturi

  Kenyatta University

  Author

• Chemosit Nick William

  Kenyatta University

  Author

Rapid advancements in technology have led to increased cyber incidents and data breaches. This has made cyber resilience a crucial aspect of a comprehensive cybersecurity framework. Kenya has also seen a surge in cyberattacks targeting critical infrastructure and important government services. This underscores the need for a cybersecurity resilience framework based on adaptive security principles. The Directorate of Immigration and Citizen Services is crucial in providing efficient services and setting cybersecurity standards for all government agencies. This study investigates how adaptive security policies bolster cyber resilience within the Directorate of Immigration Services in Kenya while scrutinising the impact of organisational culture on both technical and non-technical aspects of cybersecurity resilience. The research design used a mixed-methods approach, including a systematic literature review and interviews with 73 cybersecurity professionals, system administrators, network engineers, and non-technical staff from the Directorate. Data collection methods included questionnaires, interviews, and forensic examination of past cyber incidents. Quantitative data was analysed using SPSS, while qualitative data underwent thematic analysis. The study reveals that the Directorate of Immigration Services uses advanced technologies and methods to address cyber threats. However, challenges remain in identifying, addressing, and recovering from these incidents. Organisational culture is vital in promoting cybersecurity awareness and practices among employees. To enhance cyber resilience in the Directorate of Immigration Services and throughout Kenya, a comprehensive strategy is needed. This strategy should include promoting awareness, providing targeted training, reviewing policies, and implementing cutting-edge technologies. The research also suggests developing a national cyber resilience framework, adopting an adaptive security approach, fostering a security-first culture, prioritising cyber resilience training, implementing a comprehensive risk management framework, and establishing standardised incident reporting and response mechanisms to ensure cybersecurity resilience in Kenya.

1. Thuranira Mark Linturi, Kenyatta University

   Thuranira Mark is a public sector professional and PhD student at Kenyatta University's Department of Public Policy and Administration.  His study focuses on "Managing the Commons and the Sustainability of Kenya's Blue Economy," which examines how policy and governance frameworks can protect marine and aquatic resources.  He has written for peer-reviewed academic journals and is dedicated to improving evidence-based approaches to environmental policy and sustainable development in Kenya.

2. Chemosit Nick William, Kenyatta University

   Nick Chemosit is a Ph.D. candidate in Public Policy and Administration at Kenyatta University who also works in the public sector.  His dissertation thesis, titled "Policy Networks and the Shaping of Climate Security in Kenya," looks into how inter-institutional collaboration affects climate-related security policies.  He has written in peer-reviewed publications and is dedicated to connecting academic research and public policy to increase Kenya's resilience to climate change.

• pdf

This work is licensed under a Creative Commons Attribution-NonCommercial 4.0 International License.