The Central Bank of Kenya (CBK) has unveiled the Banking Sector Cybersecurity Operations Centre (BS-SOC), a landmark initiative aimed at safeguarding the financial sector against escalating digital threats. Positioned as a central defence hub, the BS-SOC reflects CBK’s proactive stance in protecting Kenya’s financial ecosystem while enhancing resilience against increasingly sophisticated cyberattacks.
This initiative forms a key pillar of the Computer Misuse and Cybercrime (Critical Information Infrastructure and Cybercrime Management) Regulations, 2024, and aligns with the CBK Strategic Plan for 2024–2027. By embedding the BS-SOC within its Cyber Fusion Unit, CBK is ensuring a coordinated approach to addressing threats while strengthening oversight of financial institutions’ compliance with new cybercrime regulations.
The BS-SOC will offer critical services including Cyber Threat Intelligence, Incident Response, Digital Forensics, and Cyber Investigations. These capabilities will equip Kenya’s banking sector with real-time monitoring and response mechanisms that are vital in countering sophisticated cyber threat actors. At the same time, the initiative underscores the regulator’s resolve to ensure financial institutions not only comply with regulatory requirements but also build robust defences for long-term sustainability.
Importantly, CBK has initiated work to harmonise the existing Commercial Banks Cybersecurity Guidelines of 2017 and Payment Service Providers Cybersecurity Guidelines of 2019 with the newly enacted 2024 regulations. In the interim, regulated institutions are required to comply with both sets of requirements concurrently, while ensuring that all cybersecurity incidents are reported to the BS-SOC within stipulated timelines. This dual compliance underscores the regulator’s firm approach in enforcing vigilance across the sector.
CBK has also stressed that the success of the BS-SOC hinges on industry-wide collaboration. The central bank has called on all stakeholders to play an active role, noting that shared responsibility and cooperation are critical in mitigating sector-wide risks. With cybercrime evolving at unprecedented speeds, collective action remains essential in protecting the integrity of Kenya’s banking ecosystem.
The launch of the BS-SOC marks a pivotal moment in Kenya’s financial landscape, positioning CBK as a leader in regulatory innovation and cybersecurity resilience in Africa. At a time when cyber threats are not only persistent but also increasingly complex, this initiative sends a clear message: the protection of Kenya’s banking sector is a national priority, requiring vigilance, compliance, and unity across the industry.
