Our Services

Enterprise-Grade Security
for African Businesses.

Five core service areas designed to address the full spectrum of cybersecurity and compliance challenges facing Kenyan and East African organisations.

Service 01
Data Protection Act
Compliance

The Kenya Data Protection Act 2019 (DPA) is now actively enforced by the Office of the Data Protection Commissioner (ODPC). Non-compliance carries fines of up to KES 5 million or imprisonment. We help organisations achieve and maintain full compliance, practically and efficiently.

Get DPA Assessment
ODPC Registration & Notifications
We manage the end-to-end process of registering your organisation as a data controller or processor with the ODPC, including ongoing notification obligations and licence renewals.
Data Mapping & ROPA
Comprehensive mapping of all personal data flows: what data you hold, where it lives, who has access, how it moves, and where it is shared. Delivered as a living Record of Processing Activities.
Privacy Impact Assessments
Structured Data Protection Impact Assessments (DPIAs) for new projects, systems, and significant processing changes, identifying and mitigating privacy risks before they materialise.
Privacy Policies & Notices
Legally compliant, plain-language privacy notices, data retention schedules, consent frameworks, and internal privacy policies, all aligned to Kenya DPA requirements.
Data Subject Rights Management
Processes and procedures for handling data subject requests (access, rectification, erasure, restriction, and portability) within legally required timeframes.
DPA Compliance Programme
What You Receive
DPA Gap Assessment Report
Full assessment of your current data protection posture against Kenya DPA requirements, with prioritised remediation roadmap.
Data Mapping & ROPA
Complete record of all personal data processing activities across your organisation, updated and maintained.
Policy & Notice Templates
Complete suite of Kenya DPA-compliant privacy notices, retention schedules, and internal policies.
Staff Training Programme
Tailored DPA awareness training for all staff, with role-specific modules for HR, IT, and customer-facing teams.
Kenya DPA 2019 ODPC GDPR-aligned Data Mapping DPIA Privacy Notices
Service 02
Cybersecurity Awareness
Training

Human error remains the leading cause of security incidents, responsible for over 90% of successful breaches. Our awareness programmes go beyond one-off training sessions to create lasting behaviour change across your entire organisation, from the boardroom to the front desk.

Start a Programme
Phishing Simulation Campaigns
Realistic, Africa-context phishing simulations, including M-Pesa fraud attempts, KRA notices, fake HELB communications, and WhatsApp social engineering. We measure click rates, report rates, and improvement over time.
E-Learning Awareness Modules
Short (5–15 minute) engaging training modules covering: password security, social engineering, data privacy, remote working, mobile security, and Kenya DPA obligations, accessible on any device, in any location.
Social Engineering Awareness
Training on vishing (voice phishing), pretexting, physical security, and impersonation attacks, with scenario-based exercises tailored to the specific risks facing your industry and organisation type.
Executive & Board Briefings
Tailored cybersecurity awareness sessions for board members and C-suite executives, covering fiduciary duty around cyber risk, regulatory liability, incident response decision-making, and the Kenyan threat landscape.
Reporting & Progress Dashboards
Monthly reporting on phishing simulation results, training completion rates, knowledge assessment scores, and risk trend analysis, demonstrating the ROI of your security awareness investment to leadership.
Security Awareness Programme
12-Month Behaviour Change Journey
Baseline Phishing Assessment
Initial campaign to measure your organisation's current susceptibility before training begins.
Monthly Training Modules
12 topic-specific e-learning modules delivered monthly, one new topic per month across the programme year.
Quarterly Phishing Campaigns
Progressive phishing simulations at increasing complexity, measuring improvement and targeting high-risk users.
Security Culture Report
Annual report measuring security culture shift, risk reduction, and programme effectiveness for board-level reporting.
Average Client Result
89% reduction
in phishing click rates within 90 days
Service 03
Governance, Risk
& Compliance (GRC)

Build a mature, integrated GRC programme that gives your leadership real visibility into cyber risk, demonstrates compliance to customers and regulators, and creates a sustainable security foundation for growth. We bring the structure, methodology, and expertise; you bring the organisational knowledge.

Book GRC Assessment
ISO 27001 Certification
Full end-to-end support from initial gap analysis through ISMS implementation, internal audit, and certification audit, with an average time to certification of 6–9 months for organisations working with SecureZaidi.
Cybersecurity Risk Assessments
Structured risk assessments using NIST CSF 2.0, ISO 31000, and FAIR methodologies. We quantify risk in financial terms that board members and CFOs can understand and act on.
Policy Management
A complete suite of security policies (acceptable use, BYOD, data classification, incident response, business continuity, and more) aligned to Kenya DPA, ISO 27001, and applicable industry regulations.
Third-Party Risk Management
Supplier and vendor security assessments, due diligence questionnaires, and ongoing third-party risk monitoring, ensuring your supply chain doesn't become your weakest link.
Maturity Assessments
Cybersecurity maturity assessments against NIST CSF 2.0, CIS Controls v8, or custom frameworks, giving your leadership a clear, honest picture of where you stand and a prioritised roadmap for improvement.
GRC Programme Outcomes
What organisations achieve
Risk Visibility Before → After
Board-level cyber risk reporting
Policy Coverage ISO 27001 Aligned
Security policies implemented and active
Compliance Readiness Audit-Ready
Controls implemented and evidenced
ISO 27001 NIST CSF CIS Controls Kenya DPA Risk Register FAIR
Service 04
Security Consulting

Access senior security expertise without the cost and complexity of a full-time executive hire. Our consulting services range from strategic advisory to hands-on technical engagements, all delivered by certified professionals with real-world experience in the African enterprise context.

Speak to a Consultant
Virtual CISO (vCISO)
Fractional CISO services providing strategic security leadership (board reporting, security programme governance, policy ownership, and regulatory liaison) at a fraction of the cost of a full-time hire.
Cloud Security Consulting
Security architecture review and hardening for AWS, Azure, and Google Cloud environments, covering IAM configuration, network security, data protection, and compliance posture for cloud-first African enterprises.
Security Architecture Reviews
Comprehensive review of your network, application, and cloud architectures against security best practices, identifying design-level risks that traditional testing may miss, with actionable remediation guidance.
Incident Response Planning
Development of incident response playbooks, communication plans, and decision trees, followed by tabletop exercises that test your team's readiness before a real incident occurs.
Security Programme Development
Building a security programme from scratch, or maturing an existing one: defining strategy, governance structure, KPIs, and a multi-year roadmap aligned to your business objectives and risk appetite.
vCISO Engagement Model
Flexible, Scalable Security Leadership
Board & Leadership Reporting
Security Policy Ownership
Regulatory Liaison (ODPC, CBK)
Vendor & Procurement Advisory
Incident Response Leadership
Strategic Roadmap & Planning
Available as a monthly retainer (8–20 hours/month) or per-project engagement. Remote-first, with on-site availability for Nairobi and East Africa.
vCISO Cloud Security Zero Trust Architecture Review IR Planning
Service 05
Managed Security
Services

Continuous 24/7 security monitoring, threat detection, and vulnerability management, without the cost and complexity of building an in-house Security Operations Centre. We act as your extended security team, watching your environment around the clock and responding to threats in real time.

Explore Managed Security
24/7 Continuous Monitoring
Round-the-clock monitoring of your network, endpoints, cloud infrastructure, and applications, with real-time alerting and triage by our security analysts.
Threat Detection & Response
SIEM-powered threat detection with correlation rules tuned to African threat actors and attack patterns. When a genuine threat is detected, our analysts investigate and provide immediate containment guidance.
Vulnerability Management
Continuous scanning and assessment of your attack surface, identifying vulnerabilities, tracking remediation, and providing monthly reports on your vulnerability exposure and risk trend over time.
Endpoint Protection
Managed endpoint detection and response (EDR), protecting laptops, servers, and mobile devices from malware, ransomware, and advanced persistent threats with automated response capabilities.
Monthly Security Reporting
Executive-ready monthly security dashboards covering threat activity, incidents detected and resolved, vulnerability status, compliance posture, and key risk indicators, designed for board and leadership review.
Security Operations Dashboard
Live Monitoring Overview
Monitoring Status
ACTIVE 24/7
3
Alerts Today
0
Active Incidents
99.9%
Uptime
<15m
Mean Response
Vulnerability Remediation
Critical · High 2 / 2 resolved
SIEM EDR Threat Intel SOC-as-a-Service Vuln Mgmt
Ready to Start?

Not Sure Which Service
is Right for You?

Book a free 30-minute discovery call. We'll listen to your challenges, assess your priorities, and recommend the right starting point, with no obligation.