Resources & Insights

Cybersecurity Knowledge Built for Africa.

Guides, blog posts, awareness materials, and practical tools - all grounded in the African regulatory environment and designed to help your organisation make informed security decisions.

Blog & Insights
Threat Intelligence
Kenya Cybersecurity Trends: What CISOs Need to Watch in the Next 12 Months
Kenya's threat landscape is shifting fast — from ransomware crews exploiting fintech APIs to ODPC enforcement actions reshaping compliance budgets. Here are the cybersecurity trends Kenyan enterprises cannot afford to ignore.
May 2026 · 4 min read
Awareness & Training
Why Cybersecurity Awareness Is the Cheapest Control Your Business Isn't Taking Seriously
Most breaches in East African enterprises start with a single click, not a sophisticated exploit. Cybersecurity awareness training is the lowest-cost, highest-impact control you can deploy — yet most Kenyan businesses still treat it as a tick-box exercise.
May 2026 · 4 min read
GRC & Compliance
GDPR vs Kenya Data Protection Act 2019: Key Differences Every Compliance Officer Must Know
Kenyan enterprises handling European customer data face a dual compliance burden — and confusing the two regimes can cost you millions in fines. Here's a direct comparison of GDPR and the Kenya Data Protection Act 2019, covering scope, penalties, consent rules, and cross-border data transfers.
May 2026 · 5 min read
GRC & Compliance
DORA Compliance for Kenyan Banks: Why an EU Regulation Now Sits on Your Risk Register
The EU's Digital Operational Resilience Act (DORA) came into force in January 2025, and Kenyan banks with European correspondent relationships, fintech partnerships, or shared service arrangements are already feeling its weight. Here's what DORA actually requires, why it reaches across borders, and how to align it with the CBK Guidance on Cybersecurity.
May 2026 · 4 min read
Awareness & Training
Security isn't a product, it's a culture
Most organisations spend heavily on security tools yet still suffer breaches. The reason is almost always the same: they bought security rather than built it. Here's what a genuine security culture looks like — and how to start building one.
May 2026 · 6 min read
Weekly Security Tips

Security Awareness Posters for Your Workplace.

A new security awareness poster every week. Print them, share them on Slack, or post them on your office wall. Click any poster to view it in full, then download it free.

Compliance Guides

In-Depth Guides for Compliance Decision-Makers.

Comprehensive PDF guides produced by SecureZaidi's compliance specialists. Download or read them directly in your browser — free, no sign-up required.

Kenya DPA 2019 · PDF
The Kenya Data Protection Act Compliance Guide (2025 Edition)
Comprehensive guide covering ODPC registration, lawful bases for processing, all nine data subject rights, DPO obligations, breach notification, cross-border transfer rules, enforcement penalties, and a practical compliance checklist. Essential reading for compliance officers, legal teams, and IT leaders operating in Kenya.
ISO 27001:2022 · PDF
ISO 27001 Implementation Guide for East African Organisations
Step-by-step guide to implementing ISO 27001:2022 — covering gap analysis, ISMS scope definition, risk assessment methodology, Statement of Applicability, all four control themes, mandatory documentation, internal audit, and the certification audit process. Includes realistic timeline and budget guidance for East African organisations.
Security Awareness · PDF
Building a Security-First Culture: A 12-Month Programme Guide
How to design and run a security awareness programme that genuinely changes employee behaviour. Covers month-by-month planning, phishing simulation methodology, departmental deep dives, the Security Champions model, and key performance indicators. All examples are grounded in the East African threat landscape.
GRC · Risk Management · PDF
Cybersecurity Risk Assessment Guide: From Identification to Board Reporting
A practical guide to conducting structured cybersecurity risk assessments — from asset inventory and threat identification through likelihood/impact scoring, risk treatment options, and maintaining your risk register. Includes a dedicated section on translating technical risk into financial language for board-level reporting.
Glossary

Cybersecurity Terms Explained Simply.

A plain-language glossary of key cybersecurity and compliance terms - useful for non-technical stakeholders, board members, and anyone new to the field.