Commvault’s SHIFT Roadshow made its East African debut in Nairobi this week, bringing together cybersecurity professionals, regulators and IT leaders to tackle the region’s growing cyber resilience challenge. The one-day forum focused on the risks facing Kenya’s rapidly digitalising economy and how enterprises can shorten recovery times, protect sensitive data, and make a financial case for stronger defences.
Kenya is one of Africa’s most connected markets, but the pace of its digital adoption is outstripping security readiness. The Communications Authority estimates local firms lost KSh 11 billion to cyberattacks in 2023, and detected 2.5 billion threats in the quarter to March 2025 — a 201% jump from the previous quarter. For companies running critical services online, such as airlines or banks, downtime of even weeks can cripple operations and erode trust.
SHIFT Nairobi drew on lessons from more than 40 events worldwide, with sessions exploring ransomware preparedness, AI-driven detection, regulatory compliance and boardroom-level risk conversations. Speakers warned that cloud adoption has left many firms overestimating the level of protection offered by hyperscale providers, creating a “shadow IT” gap that leaves sensitive data exposed.
Commvault’s regional VP Fady Richmany said many East African companies still take two to three months to recover from major breaches. The roadshow urged enterprises to invest in early warning systems, incident response plans, and resilience measures tailored for their sector.
Kenya’s experience reflects a wider shift across Africa: as economies digitalise, cybercrime is becoming a cost of doing business. The question for CIOs and boards is no longer whether attacks will happen but how quickly they can detect, contain and recover when they do.
