Services – NC3

As information technology is increasingly being integrated with business processes, there is an increased range of risks that could disrupt essential services, causing harm to the health of Kenyan citizens and our economy. The dynamic nature of cyber threats, the ability of cyber threat actors to operate from anywhere in the world, and the linkage…

Cyber Hygiene Services

NC3 offers scanning and testing services to help organizations reduce their exposure to threats.

Information sharing

In order to protect our National Critical Infrastructure, there is a need for information sharing

Infrastructure Security

Critical Information Infrastructure (CII) sectors were published under the Gazette Notice of 31 January 2022.

Penetration Testing

Penetration testing, also called pen testing, is the simulation of real-world cyber-attack

Risk Assessment

A cybersecurity risk assessment is a process of identifying, analyzing, and evaluating risk. It is done to ensure that the cybersecurity controls you choose are appropriate to the risks your organization faces. Without a risk assessment to inform your cybersecurity choices, you could waste time, effort, and resources. There is little point in implementing measures…

Risk Management

Risk management is the ongoing process of identifying, assessing, and responding to risk. To manage risk, organizations should understand the likelihood that an event will occur and the potential resulting impacts. With this information, organizations can determine the acceptable level of risk for achieving their organizational objectives and can express this as their risk tolerance.…

Risk Mitigation

Cybersecurity threat mitigation refers to policies and processes put in place by companies to help prevent security incidents and data breaches, as well as limit the extent of damage when security attacks do happen. Threat mitigation in cybersecurity can be broken down into three components, or layers of mitigation: Threat prevention: Best practices and policies…