Critical Infrastructure is any physical, cyber systems, and/or assets that are vital to the Kenyan Citizens that their incapacity or destruction would have a debilitating effect on our physical, economic, public health or safety.

Critical Information Infrastructure (CII) sectors were published under the Gazette Notice of 31 January 2022. Section 9 (1) & (2) of the Computer Misuse and Cybercrimes Act 2018 confers the NC4 Director with the powers to designate critical information CIIs in Kenya.

The identified CII Sectors are listed below.

  • Telecommunication sector
  • Electoral, judicial, education, health, food, water, and land sector
  • Energy, transport, and industry sector
  • Banking and finance sector
  • Defence, security, and public safety sector