Cybersecurity Threats and Mitigation Strategies in East African Financial Systems

Financial systems in East Africa, particularly Kenya, are increasingly vulnerable to cybersecurity threats due to rapid technological advancements and inadequate regulatory frameworks. A mixed-methods approach combining quantitative analysis of cyber threat reports from financial institutions and qualitative interviews with cybersecurity experts to understand current practices and challenges. Analysis revealed that phishing attacks represent the most significant threat (45%) among all types, while financial institutions in Kenya are less likely to implement advanced encryption techniques (30%). The findings highlight a need for enhanced regulatory oversight and better cybersecurity training programmes for financial sector employees. Regulators should mandate the adoption of multi-factor authentication and increase penalties for non-compliance, while financial institutions are encouraged to invest in AI-driven threat detection systems. Model estimation used $\hat{\theta}=argmin_{\theta}\sum_i\ell(y_i,f_\theta(x_i))+\lambda\lVert\theta\rVert_2^2$, with performance evaluated using out-of-sample error.