## I. INTRODUCTION The digital transformation and increasing development of applications within the Information Communication Technology (ICT) industry has been quite astronomical within the $21^{\mathrm{st}}$ Century, and so has been the risks, challenges and opportunities that have come along. The advancement in computing technologies, communications protocols, information processing, programming, telecommunications, aerospace, satellite, electronics, chips, artificial intelligence (AI), communications, avionics, electrical, power and fiber optics have in overall revolutionized modernization and thus globalisation of the world production, manufacturing, service, markets and public organization. (Kremling et al...2018) The advanced countries have continued to lead in scientific and technological inventions, innovations and economic exploitation of ICT in the conduct of business, commerce, trade and social life. However, the developing countries particularly in the Sub - Sahara Africa (SSA) still lag behind due to poor economies, redundant and low investments in research and development programmes, high asset acquisition costs, lack of infrastructure and largely poor and illiterate populations. This poor performances also affect some countries in parts of Latin America and East Asia. (Farina, 2019) In 2015, the United Nations (UN) rolled out the Agenda 2030 for sustainable development of the world following the purported achievement of Millennium Development Goals (MDGs). The International Governmental Organization (IGO), launched seventeen other agendas popularly known as the Sustainable Development Goals (SGDs). The aims of these goals are to improve lives of world population by the year 2030. Key among these objectives are; Elimination of poverty, improved quality education, access to affordable and clean energy, access to decent work and sustained economic growth, increased industry, infrastructure and innovations, sustainable cities and societies, responsible consumption and production, advanced life on land, build global partnership among many others. (UN, SDG, 2015). All these initiatives embraces the development of world knowledge economy framed on ICT. The UN as a global agenda setter through policy support initiatives continues to encourage states to embrace digital economies. The 2020 UN E-Government Survey observes tremendous efforts by various government in response to the influence of COVID-19 Pandemic that accelerated the implementation of e-governance programmes. (UN, 2020) At the continental level, the African Union (AU) Agenda 2063 framework, further seeks to consolidate the socioeconomic transformations of the continent. This African policy initiative mirrors largely on the UN SDGs. The policy agenda item that speaks to the focus of this study is the development of human capital, social assets, infrastructure and public goods. This sector has attracted major flagship programmes for implementation in e-governance; Integrated Transport Network (ITN), African Continental Free Trade Area (AfCFTA), Pan African E-Network (PAEN), African Passport (AP), Pan African Virtual University(PVU) and Continental Financial Institution (CFI) on integrated approach basis. This continental strategy seeks to establish a strong digital foundation for enhanced continental economic growth and inclusiveness within the continent. (AU, 2015) This will further be enabled through the ICT platform as a stimulant and as an enabler. At the local level, Kenya remains focused on enhancing growth of digital knowledge based economy. The Kenya constitution 2010 vests sovereign power in the citizens and provides the legal policy framework for progressive democratic governance embracing effective service delivery, transparency and accountable leadership. (GoK Constitution, 2010) The government has thus rolled out partial e-governance strategies and programmes embracing developments in both Science, Technology and Innovation (STI) and Information, Communication and Technology (ICT) sectors. These will speed up national transformations towards digital knowledge economy which is an important ingredient of Kenya's industrialization (GoK, 2015). The Kenya e-governance initiatives focuses on; e-tax, e-customs, one-border stop, e-citizen, e-passport, e-cities, e-health, among many other public services to be offered within central government and county devolved units with vision to reach about 5000 services in future. These saw the establishment of Huduma Centres in major towns for easy access of public services by the citizens. The government, leading telecommunication companies, banking institutions, citizens and other stakeholders have largely accepted and embraced modern technology in the conduct of official business making it easier for adoption and implementation of integrated digital services. This has further been made possible through the easy availability of cheap and affordable mobile telephone and computer devices, infrastructure expansion and internet connectivity. (KNBS, 2016). These successes are happening within a globalizing world that is already attracting security threats within the largely declining national sovereignty environment bring along ICT based threats arising from the global network connectivity and heavy dependency and reliance on imported technology and infrastructure support systems from leading world multinational corporations (MNCs) (Ciampa, 2018). The number of businesses that have experienced data breaches has grown exponentially during this $21^{\text{st}}$ Century. The number of recorded cases and financial losses have risen enormously. Illustrating the scope and potential severity of this issue are examples like the 2017 Equifax data breach that affected almost 148 million individuals and the 2013 Yahoo breach that affected three billion individuals globally. Similarly, a hacker accessed 106 million of Capital One's credit card customer and applicant accounts in March 2019. (Clement, 2019). For a government, the cost of data breaches can be significant. This study thus seeks to examine information security threats to e-government services in Kenya with the purpose of establishing appropriate security measures against the challenges. ### a) Statement of Research Problem Globalisation has been characterized by astronomical advances in Information, Communication and Technological (ICT) domain. These high value technological development have fundamentally revolutionized the conduct of international trade and commerce and delivery of public services by modern nation states (Dahlman et al., 2016). This new developments have been accompanied by information security management challenges to guarantee safety of data, accessibility, integrity, confidentiality and privacy. Some of these challenges include cybercrime, economic crimes, transnational crimes, systems and infrastructure intrusions, distributed denial of services (DDoS) data fraud, equipment destruction and disruption of services (Kimathi et al., 2019). The growth and proliferation of Artificial intelligence and destructive digital technologies continue to increase ideological competition among the world superpowers and emerging great powers. This has witnessed opening of new cyber warfare domains and military defence restructuring capabilities to guarantee preventive, defensive and offensive capabilities within the cyber space (Ella, and Woolley, 2020) Developing nations such as Kenya and mostly the fifth world lack the research and development capabilities for local production and thus remain heavily dependent on imported technological applications and software's from world leading MNCs abroad. These are accompanied with high acquisition costs, old technologies, poor implementation and adoption and mostly fragmented technology support legal framework (Shafqat, 2016). The adoption of cloud data storage infrastructure provides enormous cost advantage to institutions handling big data to capture, process, share and access information quickly. However, this has equally exposed them to heightened security risks and unauthorized access to classified information by criminals who may be state or non-state actors and have greater opportunity to intercept, deny, alter or steal institutional or country information and data for their own unlawful use. This study thus set to examine the information security threats to e-government services in Kenya as a modern developing state that heavily depends on foreign manufactured imported technologies with limited sovereign control and manipulation capabilities within the cyberspace. ### b) Objectives of the Study 1. To investigate the types of information security threats to e-government services in Kenya. b) Research Questions 1. What are the types of information security threats to e-government services in Kenya? c) Hypothesis of the study The study tested the following hypothesis: ## i. Types of Information Security Threats - H0: The types of information security threats have no effect on the quality on e-government services in Kenya. - H1: The types of information security threats have significant effect on the quality on e-government services in Kenya. e) Scope of the study The study examined the information security threats to the provision of e-government services in Kenya and was scoped with general objectives i.e. The Kenya government public services offered through the e-government platforms, the information security threats and the preventive measures necessary to safeguard the operations of the e-government services. The study independent variable was the e-government services while the dependent variables were information security threats and security measures. ## II. LITERATURE REVIEW The research study examined information from secondary sources and the listed concepts and scope was identified, summarized and analysed in the report as major literal studies within the stated study objectives as both empirical and theoretical reviews. ### a) Theoretical Framework The study was guided by Ludwig Von Bertalanffy, General System Theory (GST). This theory has inter-disciplinary application and adoption borrowing from biology, engineering, mathematics, sociology, philosophy, political science, organizational studies, communications and information science (Craig R. Scott and Laurie Lewis, 2018). The proponents of this theory observe that systems are unique and forms inter-dependent relationships among the components establishing patterns and structures in a hierarchical relationship and ordering (Montuori, 2011). This study takes view that the modern communication is a conglomeration of sub-systems that are quite unique and interdependent among each other through a fusion of people, infrastructure, technology and information (Poole, 2014). The research examined the potential security risks and threats to the e-government platform from within the approach of an independent system with potential interconnectivity or interdependence organized structurally and supporting each other within the networks. ### b) Empirical Literature Review The empirical review focused on the following major concepts and ideas within the information, communications, organizations, engineering, social sciences among many other disciplines on cross-cutting basis. ## i. Globalisation The concept of globalisation has been around for a few decades gaining popularity in the $20^{\text{th}}$ Century. In the $21^{\text{st}}$ Century, a number of scholars came up to elucidate differing debates on the concept for lack of acceptable common definition of globalisation. Some scholars observe that modernisation and technological transformations have made the world more connected and interdependent leading to improved movements, trade, commerce and communication. This has significantly reduced time and lowering associated costs (Wolf, 2014). Others argue that the physical geography of the world has never changed. The established international and national boundaries including populations continue to remain largely intact without any physical change (Albrow et, al...1990) This study borrows from the schools of thought that identify globalisation as that process of increased interconnectivity and interdependence in the world systems made possible through technological advances in science, information, communication, and technology that have made it easy for the world to trade, move, interact and communicate easily impacting significantly on their political, economic, cultural and social activities (James and Manfred, 2014). ## ii. Science Technology and Innovations (STI) The Science, Technology and Innovations (STI), has had magnificent impact on the world society. The major leading nations in science and technology have leaped into astronomical economic wealth and in the creation of high technology goods and services. They developed nations have registered big volumes of world commerce and trade. Their societies continue to enjoy high quality of life accessing superior goods and services comparatively. The Global Innovation Development Index (GIDI) rates above the industrialized world showing unequal imbalance between the North-South divide. The United States, Europe, and Eastern Asia lead the park in science and technology associated with big investments in Research and Development (R&D) programmes (Bergquist, Fink, & Raffo, 2018). ## iii. Information Communication and Technology Information and Communication Technology (ICT), sometimes referred to as Information Technology (IT) has been the main drive in collapsing global space and time enhancing a number of revolutions along the line. (Martin and Priscila, 2011.) The modern computing technologies, software, programming combined with communication advances such as mobile telephony, growth of internet communication technologies have been instrumental in most of the transformation witnessed in the sector (Wells, 2019). The society has transformed conduct of business and the locations nor do distances no longer matter as people are able to effectively and efficiently communicate, transact and interact widely from the palms of their hands without time limitations. These transformations have increased pressure on the state and business firms to adopt to new technology to keep pace with societal changes. These developments have given the modern state additional responsibility in the development of essential network infrastructure to support the provision of services (Anderson, 2019). ## iv. E-Governance E-Government refers to government agencies adaptation of science, communication and technology in the provision of public services to the citizens, businesses entities and outside organizations including foreigners and international agencies. The resulting benefits can be less corruption, speed, efficiency, effectiveness, increased transparency, greater convenience, revenue growth, and/or cost reductions (Wells, 2019). E-government initiatives are characterized by extensive use of web technologies which have transformed technology from pure information-sharing phase to interactive, transactional, and intelligent phases. Many states started making use of these technologies for web-based government services for improving government efficiency, transparency, and competitiveness in the global economy. Despite the increasing popularity and substantial growth in the development of e-government services on the internet, the e-government stumbles upon security and privacy threats. In general, the internet users have growing concerns of cyberspace identity thefts and privacy violations. The e-government sites become potential targets for cyber attackers and terrorists. Cyber intrusions into e-government network systems could harm e-government services any time if the e-government sites are not properly secured (Owigar and Omwenga, 2018). This study sought to examine information security threats to the e-government services in Kenya. ## v. Information Security This study focused on importance of information security to a state, organization or to the lowest level of an individual. The state is the major unit of analysis on matters national security to guarantee sovereignty and defence of national interests against externally generated threats (Krasner, 1978). There are many definitions of information Security popularly known as (infosec), for the purpose of this study, information security implies the mechanisms employed by governments, institutions and individuals to protect themselves against unauthorized or unintentional loss, destruction, access, denial or modification of information and data. Information is a major item of value for any organization or the state fundamental to key decision making and must therefore be protected viciously. (Joshi, and Kumar. 2017) Nations and Organizations employ various policy procedures and mechanisms for protecting their citizens, firms, employees, assets, critical infrastructure and data against unauthorized interference which may take many forms such as network security, infrastructure security, applications security, cyber security, cloud security among many other defence and protective measures (Michael, Jones, and Janicke, 2015). It is important for the organizations to observe the information principles of confidentiality, integrity and accessibility for effective management and achievement of organizational information goals and objectives to meet the demands of their customers or clients (Janine., Amanda, and Parker 2018). The modern time technology and economic wars between the world leading superpowers have led to escalations in cyber security threats where nations continue to build and restructure their national security architecture to take care of the cyberspace by building preventive, defensive and offensive cyber space coercive capabilities (Borghard, and Lonergan, 2017). ## vi. Gaps in the Literature The theoretical and empirical literature reviews established that implementation of the e-government services in Kenya is still an ongoing project where over 42 Counties with a total of 51 Huduma Centres have since been established and some are still in the pipeline. The ones established provide limited services on pilot basis with over 3000 different services on offer projected to rise to over 5000 by 2030. The information security threat to the services have not been fully scoped. The country just like many developing nations particularly in Africa lacks locally manufactured on developed technology and heavily relies on foreign imports and infrastructure from leading MNCs and holds limited or essential proprietary rights over them. The rising geopolitical competition, collaborations, conflicts and rivalry among the superpowers and world leading industrial nation exposes such installed national infrastructure into foreign cyberspace control and coercion by the technology advanced nations. Thus this study undertook this task to assess the potential information security threats together with their impact on the e-government services in Kenya. ## III. RESEARCH METHODOLOGY ### a) Research Design The research design constitutes the blue print for the collection, measurement and analysis of data. (Kothari, 2005). The study used a descriptive research design framework in the collection, analysis, presentation and analysis of data in response to the problem of the study. The mixed method cross sectional survey approach was further chosen. This allowed the collection of both qualitative and quantitative data during the months of October and November 2022. The study considered this objective, reliable and representative in enhancing validity and reliability of the study findings from the population drawn from Huduma Service Centres in Kenya. The study variables were; the government services, the information security threats, the consequences of information security threats and the preventive measures against information security threats to e-government services in Kenya. The study further issued a pilot survey that was used to pretest and correct the information used in the conduct of final field survey. ### b) Target Population Target population in statistics is the specific population about which information is desired. (Creswell and Creswell, 2017) A population is a set of people, services, elements, events, group of things or households that are being investigated. This definition ensures that population of interest is homogeneous. (Creswell, 2007) The population of this study were all potential users of Kenya government services from the 51 Huduma Centres targeting both Kenyans and foreigners. Individuals, companies and international agencies. The target population for this study was 12000 respondents being both service providers and users who sought Kenya government services on Wednesday, 2 November 2022 from ten (10) service Centre/ categories purposively chosen across the country out of the existing 51 Centres in Kenya including foreign segment. The study would have benefited more by conducting a national survey to cover all service Centres which however could not be viable due to limited time, resources and complex nature of conducting such research beyond the researcher's resources. ### c) Study Sample and Sampling Techniques The study adopted purposive simple random sampling techniques. This is a procedure of selecting a subject to be included for a study by allocating equal chances to the elements in the population. (Creswell, 2017) Sampling frame was used by allocating numbers to potential respondents from the target population. The purposive sampling allowed the study to access respondents that had the required information with respect to the objectives of the study. (Creswell and Creswell, 2017) The research considered this approach because the sample population was easily accessible, informative and knowledgeable on government services and aspects of information security that relate to electronic governance. The sample must be as big enough to provide representative results of the population. The sample size of $10\%$ was considered sufficient and representative (Mugenda and Mugenda, 2003). The study targeted 1200 respondents from a target population of 12000 people drawn by the sample frame from 9 regions in Kenya and 1 segment representing foreigners (Non-Kenyans) as tabulated under. Table 1: Target Population and Sampling <table><tr><td>Population Location</td><td>Population Description</td><td>Target Population</td><td>Sample Size (%)</td><td>Sample Size (Nos)</td><td>Cum (%)</td></tr><tr><td>Embu Town</td><td>Service Providers/Users</td><td>1000</td><td>10</td><td>100</td><td>10</td></tr><tr><td>Foreigners</td><td>Service Users</td><td>1000</td><td>10</td><td>100</td><td>20</td></tr><tr><td>Garissa Town</td><td>Service Providers/Users</td><td>1000</td><td>10</td><td>100</td><td>30</td></tr><tr><td>Kakamega Town</td><td>Service Providers/Users</td><td>1000</td><td>10</td><td>100</td><td>40</td></tr><tr><td>Kisumu Town</td><td>Service Providers/Users</td><td>1000</td><td>10</td><td>100</td><td>50</td></tr><tr><td>Mombasa Town</td><td>Service Providers/Users</td><td>1000</td><td>10</td><td>100</td><td>60</td></tr><tr><td>Nyeri Town</td><td>Service Providers/Users</td><td>1000</td><td>10</td><td>100</td><td>70</td></tr><tr><td>Nairobi GPO</td><td>Service Providers/Users</td><td>1000</td><td>10</td><td>100</td><td>80</td></tr><tr><td>Nairobi, City Sq</td><td>Service Providers/Users</td><td>1000</td><td>10</td><td>100</td><td>90</td></tr><tr><td>Nakuru Town</td><td>Service Providers/Users</td><td>3000</td><td>10</td><td>300</td><td>100</td></tr><tr><td>Totals</td><td></td><td>12000</td><td></td><td>1200</td><td></td></tr></table> ### d) Data Collection Instrument The research study used structured questionnaires that were administered and filled by the respondents. The questionnaires had both closed and open ended questions on a five point likert scale for the respondents to record their answers. The instrument was used to collect primary quantitative data and found to be suitable for this study because the researcher had the potential to reach a big number of respondents in a short period of time, provide respondents with adequate time to respond, anonymous and objective since the instrument does not result in biases of personal characteristics. (Creswell, 2011). The research questionnaire was organized in according to the major objectives of the study and comprised four sections covering demographic information, government services, information security threats and the preventive measures to safeguard information security threats against the e-government platform. ### e) Piloting The researcher undertook a pilot study with a tenth of the sample population in the neighboring Kiambu County region with a sample that was considered homogeneous to the target population of the study. This was very important to test the validity of the data collection and measurement instrument to enable effective and efficient roll out of the field study. The pilot study was conducted after obtaining research authorization from the National Commission of Science, Technology and Innovation (NACOSTI) and the National Defence University - Kenya (NDU-K). The pilot study gave the researcher the opportunity to improve the quality of the research instrument and correction of data collection errors. ### f) Data Analysis and Presentations The completed study questionnaires which were received back from the respondents were sorted and checked for errors, omissions and biases. The data was further classified, categorized using tables. The researcher used both quantitative and qualitative statistical analysis using the Statistical Package of Social Science (SPSS) data processing tool. The results were presented in tables, pie-charts, frequency and percentages. Content analysis was further used to process the qualitative data collected by the open ended questions which were converted into quantitative data through the ordinal scale for ease of analysis and interpretation. The study used chi-square test and tables to validate the hypothesis Analysis of Variance was used to test the level of significance of the variables on the dependent variable at $95\%$ confidence level (Creswell and Creswell, 2018). ### g) Ethical Considerations The study strictly adhered to research ethics and standards as outlined in the NACOSTI and the NDU-K research policy. The questionnaire was explicit and gave complete assurance of the respondents' confidentiality. Other than voluntary participation in the study, the questionnaires remained anonymous and the researcher upheld the highest integrity in the collection of the data and adhered to all the statutory requirements and policy guidelines. ## IV. RESULTS AND DISCUSSION ### a) Field Questionnaires issued and responses The target population of the study was 12000 people and through purpose sampling the study targeted a sample size of $10\%$ of the population and a total of 1200 questionnaires were sent out to the potential respondents in the 10 regions identified by the study. 966 respondents filled and returned the questionnaires making a response rate of $80\%$. The research response rate of $50\%$ is considered adequate, rate of $60\%$ is considered good and any rate above $70\%$ is considered excellent. (Kothari & Garg, 2014) Other writers consider a response rate of $50\%$ to be adequate for analysis and reporting; a rate of $60\%$ as good and a response rate of $70\%$ and above is excellent. (Tahira and Mugenda, 1999) Based on the above assertions, the response rate of $80\%$ returned by this study was thus excellent to make credible deductions from the data collected and analysed by the study. ### b) Information Security Threats to E-government Services The study sought to find the nature and types of information security threats that predisposes challenges and risks to the e-government services in Kenya from the study population. There exist in Kenya a number of legislative framework and regulations to protect Kenyans and official government information from the dangers of internet based cybercrimes. Table 2: Information Security Threats Respondents by Numbers <table><tr><td></td><td>Type of Security Threat</td><td>Strongly Disagree</td><td>Disagree</td><td>Neutral</td><td>Agree</td><td>Strongly Agree</td><td>Totals</td></tr><tr><td>1.</td><td>Unauthorized access, denials (ddos) and interference</td><td>66</td><td>83</td><td>127</td><td>428</td><td>262</td><td>966</td></tr><tr><td>2.</td><td>Illegal devices</td><td>76</td><td>107</td><td>156</td><td>378</td><td>249</td><td>966</td></tr><tr><td>3.</td><td>Unauthorized codes and passwords</td><td>93</td><td>76</td><td>191</td><td>370</td><td>236</td><td>966</td></tr><tr><td>4.</td><td>False publications</td><td>59</td><td>113</td><td>154</td><td>372</td><td>268</td><td>966</td></tr><tr><td>5.</td><td>Computer frauds and forgery</td><td>81</td><td>58</td><td>85</td><td>335</td><td>407</td><td>966</td></tr><tr><td>6.</td><td>Cyber espionage terrorism and squatting</td><td>66</td><td>66</td><td>160</td><td>342</td><td>332</td><td>966</td></tr><tr><td>7.</td><td>Phishing</td><td>79</td><td>71</td><td>156</td><td>392</td><td>268</td><td>966</td></tr><tr><td>8.</td><td>Identity theft and impersonation</td><td>66</td><td>66</td><td>122</td><td>372</td><td>340</td><td>966</td></tr><tr><td>9.</td><td>Interception of electronic messages and money transfer</td><td>74</td><td>66</td><td>158</td><td>328</td><td>340</td><td>966</td></tr><tr><td>10.</td><td>Fraudulent use of electronic data</td><td>71</td><td>66</td><td>97</td><td>392</td><td>340</td><td>966</td></tr><tr><td>11.</td><td>Employee irresponsibility, aiding or abetting offences</td><td>97</td><td>70</td><td>119</td><td>356</td><td>324</td><td>966</td></tr><tr><td>12.</td><td>Child pornography</td><td>151</td><td>111</td><td>214</td><td>267</td><td>223</td><td>966</td></tr><tr><td></td><td>Sub Totals</td><td>979</td><td>953</td><td>1739</td><td>4332</td><td>3589</td><td></td></tr></table> Table 2 is a summary of respondents who identified common information security threats to the provision of e-government services in Kenya. They identified 12 categories of threats tabulated above. 3589 responses strongly disagreed, 953 responses disagreed, 1739 responses neither agreed nor disagreed, 432 responses agreed and 3589 responses strongly agreed. The data indicates that 966 respondents returned 3671 negative responses at $32\%$ and 7129 positive responses at $68\%$. This was relatively good response because any response above $60\%$ is considered good for decision making. The normative framework regulations include; National ICT Survey Report (2010), Government of Kenya Cyber Security Strategy (2014), Kenya Information and Communications Amendment Bill (2019), The Kenya government Data Protection Act (2019), Digital Economy Powering Kenya's Transformation (2019), National Information and Communications Technology Policy 2019, Data Protection Act Civil registration Regulations (2020), National Elections Single Window systems Act 2022, Registrations of Person (NIIMS), Regulations 2020. The sector has seen a number of the proliferation of legislations, policies and strategies all intended to protect Kenya and its citizens against the many internet based cybercrime threats and activities orchestrated by both individual criminals or state and non-state actors. The study originally identified twelve categories of information security threats that were subjected under investigation from the population. The study found out the following: i. The unauthorized access, service denial (DDoS) and interference with system networks The study found that $6.83\%$ Strongly Disagreed, $8.59\%$ Disagreed, $13.15\%$ Neither Agreed nor Disagreed, $44\%$ Agreed and $27.12\%$ Strongly Agreed. The study further made a finding that summative $28\%$ largely disagreed and $72\%$ equally agreed that unauthorized system access remained a significant security threat to government e-government services. According to Tahira and Mugenda,(1999) any findings above $70\%$ is considered excellent. Similar studies by Khisa, Odima and Wafula, (2020) identified unauthorized network access and system interference as substantial threat to e-government services with the potential to cause data loss, system capture, phishing, data loss, alterations, disruptions and possible system destructions. (Khisa, Odima and Wafula, 2020) ## ii. Illegal Devices The study found that $7.87\%$ Strongly Disagreed, $11.08\%$ Disagreed, $16.15\%$ Neither Agreed nor Disagreed, $39.13\%$ Agreed and $25.78\%$ Strongly Agreed. The study further made a finding that summative $19\%$ largely disagreed and $81\%$ equally agreed that illegal devices remain a significant security threat to e-government services. According to Tahira and Mugenda, (1999) any findings above $70\%$ is considered excellent. (Tahira and Mugenda, 1999) The study thus deducts that illegal devices are potential security threat with the potential to cause system and service disruption and the organization must have a good policy procedure for handling and application of external inter-connected devices. ## iii. Unauthorized Codes and Password The study found that $9.63\%$ Strongly Disagreed, $7.87\%$ Disagreed, $19.77\%$ Neither Agreed nor Disagreed, $38.30\%$ Agreed and $24.43\%$ Strongly Agreed. The study further made a finding that summative $18\%$ largely disagreed and $82\%$ equally agreed that unauthorized codes and passwords remain a significant security threat to e-government services. According to Tahira and Mugenda, (1999) any findings above $70\%$ is considered excellent. The study deducts that use of unauthorized codes and passwords are potential security threat which can cause system malfunction and services disruption. ## iv. False Publications The study found that $6.11\%$ Strongly Disagreed, $11.70\%$ Disagreed, $15.94\%$ Neither Agreed nor Disagreed, $38.51\%$ Agreed and $27.74\%$ Strongly Agreed. The study further made a finding that summative $18\%$ largely disagreed and $82\%$ equally agreed that False Publications remain a significant security threat to e-government services. According to Tahira and Mugenda, any findings above $70\%$ is considered excellent. The study deducts that false publications are potential security threats which can cause harm or mislead internet digital technology users because of disinformation and misinformation. ## v. Computer Frauds andForgery The study found that $8.39\%$ Strongly Disagreed, $6.0\%$ Disagreed, $8.80\%$ Neither Agreed nor Disagreed, $34.68\%$ Agreed and $42.13\%$ Strongly Agreed. The study further made a finding that summative $14\%$ largely disagreed and $86\%$ equally agreed that computer frauds and forgery remain a significant security threat to e-government services. According to Tahira and Mugenda,(1999) any findings above $70\%$ is considered excellent. Similar study by Sunil, Pawar and Bapu (2021), identified computer identity fraud as a major impediments to the e-governance systems and services. The study deducts that use of unauthorized codes and passwords are potential security threat which can cause system malfunction and disruption services. ## vi. Cyber espionage, terrorism and squatting The study found that $6.83\%$ Strongly Disagreed, $6.830\%$ Disagreed, $16.56\%$ Neither Agreed nor Disagreed, $35.40\%$ Agreed and $34.37\%$ Strongly Agreed. The study further made a finding that summative $14\%$ largely disagreed and $86\%$ equally agreed that cyber espionage, terrorism and squatting were serious security threat to e-government platforms and services delivery. According to Tahira and Mugenda, (1999) any findings above $70\%$ is considered excellent. Similar study by Sunil, Pawar and Bapu, (2021), identified cyber espionage, terrorism and squatting as a major threats to the e-governance systems and services delivery. (Sunil, Pawar, Mente and Bapu, 2021) The study deducts that cyber espionage, terrorism and squatting are potential security threat which can cause system malfunction, loss of data, loss of investment, disruption services and equipment loss or destruction. ## vii. Phishing The study found that $8.18\%$ Strongly Disagreed, $7.35\%$ Disagreed, $16.15\%$ Neither Agreed nor Disagreed, $40.58\%$ Agreed and $27.74\%$ Strongly Agreed. The study further made a finding that summative $15\%$ largely disagreed and $85\%$ equally agreed that phishing was a serious security threat to e-government platforms and services delivery. According to Tahira and Mugenda, (1999) any findings above $70\%$ is considered excellent. Similar study by Sunil, Pawar and Bapu (2021), identified phishing as a major threats to the e-governance systems and services delivery. The study deducts that phishing is potential security threat which can cause system malfunction, loss of data, loss of investment, disruption services and equipment loss or destruction. ## viii. Identity theft and impersonation The study found that $6.83\%$ Strongly Disagreed, $6.83\%$ Disagreed, $12.63\%$ Neither Agreed nor Disagreed, $38.51\%$ Agreed and $35.20\%$ Strongly Agreed. The study further made a finding that summative $14\%$ largely disagreed and $86\%$ equally agreed that identity theft and impersonation was a serious security threat to e-government platforms and services delivery. According to Tahira and Mugenda, any findings above $70\%$ is considered excellent. Similar study by Sunil, Pawar and Bapu, (2021)identified identity theft and impersonation as a major threats to the e-governance systems and services delivery. The study deducts that identity theft and impersonation was a potential security threat which can cause system malfunction, loss of data, loss of investment, disruption services and equipment loss or destruction. ## ix. Interception of electronic messages and money transfer The study found that $7.66\%$ Strongly Disagreed, $6.83\%$ Disagreed, $16.36\%$ Neither Agreed nor Disagreed, $33.95\%$ Agreed and $35.20\%$ Strongly Agreed. The study further made a finding that summative $15\%$ largely disagreed and $85\%$ equally agreed that interception of electronic messages and money transfer was a serious security threat to e-government platforms and services delivery. According to Tahira and Mugenda, (1999) any findings above $70\%$ is considered excellent. Similar study by Khisa, Odima and Wafula, (2020) identified interception of electronic messages and money transfer as a major threats to the e-governance systems and services delivery. (Khisa and Wafula, 2020) The study deducts that interception of electronic messages and money transfer are potential security threats which can cause system malfunction, loss of data, loss of investment, disruption services and equipment loss or destruction. ## x. Fraudulent use of electronic data The study found that $7.35\%$ Strongly Disagreed, $6.83\%$ Disagreed, $10.04\%$ Neither Agreed nor Disagreed, $40.58\%$ Agreed and $35.20\%$ Strongly Agreed. The study further made a finding that summative $14\%$ largely disagreed and $86\%$ equally agreed that fraudulent use of electronic data was a serious security threat to e-government platforms and services delivery. According to Tahira and Mugenda, any findings above $70\%$ is considered excellent. Similar study by Khisa, Odima and Wafula, identified fraudulent use of electronic data as a major threats to the e-governance systems and services delivery. The study deducts that fraudulent use of electronic data is potential security threat which can cause system malfunction, loss of data, loss of investment, disruption services and equipment loss or destruction. xi. Employee irresponsibility, aiding and abetting offences The study found that $10.04\%$ Strongly Disagreed, $7.25\%$ Disagreed, $12.32\%$ Neither Agreed nor Disagreed, $36.85\%$ Agreed and $33.54\%$ Strongly Agreed. The study further made a finding that summative $17\%$ largely disagreed and $83\%$ equally agreed that employee irresponsibility, aiding and abetting offences is serious security threat to e-government platforms and services delivery. According to Tahira and Mugenda, (1999) any findings above $70\%$ is considered excellent. Similar study by Valentina Ndou (2004), identified human capital development, essential skills and policy gap as a major threats to the effective implementation of n e-governance systems and services delivery. (Valentina Ndou, 2004), The study deducts that employee irresponsibility, aiding and abetting offences are potential security threat which can cause system malfunction, loss of data, loss of investment, disruption services and equipment loss or destruction. ## Xii. Child Pornography The study found that $15.63\%$ Strongly Disagreed, $11.49\%$ Disagreed, $22.15\%$ Neither Agreed nor Disagreed, $27.64\%$ Agreed and $23.08\%$ Strongly Agreed. The study further made a finding that summative $27\%$ largely disagreed and $73\%$ equally agreed that child pornography is serious security threat to e-government platforms and services delivery. According to Tahira and Mugenda, any findings above $70\%$ is considered excellent. Similar study by Sunil, Pawar and Bapu, identified child pornography as a major threats to the effective implementation of e-governance systems and services delivery. (Valentina Ndou, 2004) The study deducts that child pornography has a potential security threat which can cause harm or mislead internet digital technology users particularly the young with fragile mindset because of disinformation and misinformation. ## xiii. Other security threats The study sought to gather other categories of information security threats that had been encountered by the study participants that had not been exclusively been covered by the questionnaires. The following is the summary extract of significant threats as identified by the respondents that have the potential to cause disruption of e-government services: Table 4: Other types of information security threats <table><tr><td></td><td></td><td>Frequency</td><td>cum%</td></tr><tr><td>1.</td><td>Hacking</td><td>20</td><td>20.00</td></tr><tr><td>2.</td><td>Information Extortion</td><td>10</td><td>30.00</td></tr><tr><td>3.</td><td>Employee Mistakes</td><td>5</td><td>35.00</td></tr><tr><td>4.</td><td>Photoshop</td><td>5</td><td>40.00</td></tr><tr><td>5.</td><td>Corruption</td><td>15</td><td>55.00</td></tr><tr><td>6.</td><td>Service Providers</td><td>20</td><td>75.00</td></tr><tr><td>7.</td><td>Pharming, viruses, worms, access denial, bots</td><td>15</td><td>90.00</td></tr><tr><td>8.</td><td>Snooping</td><td>10</td><td>100.00</td></tr><tr><td></td><td>Totals</td><td>100</td><td></td></tr></table> ### c) Hypothesis Test The specific objective was to investigate the types of insecurity threats that affect the quality of the e-government services. The following hypothesis was tested at a significance level of $5\%$ (0.05) using the SPSS software: H0: The information security threats have no effect on the quality of e-government services in Kenya. H1: The information security threats have significant effect on the quality of e-government services in Kenya $$ \mathrm{C h i} ^ {2} - \text{Test} = x ^ {2}, \mathrm{d f} 1 1 (\mathrm{n} - 1) = \sum (\mathrm{O i} - \mathrm{E i}) ^ {2} / \mathrm{E i} = 2 0.4 7 $$ The Chi2 –Test of 20.47 is significantly greater than the critical value of 19.68 at $5\%$ significant level. We thus reject the Null Hypothesis (H0) and accept the Alternative Hypothesis (H1) that the information security threats have significant effect on the quality of e-government services in Kenya. ## V. CONCLUSION AND RECOMMENDATIONS ### a) Conclusion During the last decade and within the $21^{\text{st}}$ Century, Kenya government has progressively adopted e-governance systems embracing digital online and telephony services in the provision of public services and collection of national revenues. These successes are happening within a globalizing digital society. These innovations likewise are increasingly attracting new cyber security threats arising from geopolitical competition and rivalries among the super powers and leading industrial nations. The country's heavy dependency and reliance on imported technology from leading MNCs exposes the citizens and national infrastructure to potential cyber security coercion emanating within the cyber space for lack of national capabilities, technological knowhow and expertise within the diminishing state sovereignty and control operating global environment. This study set out to examine the information security threats to e-government services in Kenya. Guided by General Systems Theory and adapting descriptive research methodology. The study issued 1200 questionnaires out of which 966 were returned making a successful response rate of $80\%$. The study found that Kenyan citizens were the majority users at $50\%$, Kenyan registered Companies at $35\%$, Foreign Agencies $10\%$ and Foreign Citizens at $5\%$. The services sought comprised; Government to (G2C) $43\%$, Government to Business (G2B) $35\%$, Government to employees (G2E) $20\%$ and Government to Government (G2G) $2\%$. The study identified 12 categories of cyber security threats i.e unauthorized access, illegal devices, unauthorized codes, distributed denial of services (DDoS) false publications, computer frauds, cyber espionage, terrorism and squatting, phishing, identity thefts, electronic interceptions, fraudulent electronic data, employee aiding, child pornography and others. This study further finds that modern communication is a conglomeration of sub-systems that are quite unique and interdependent among each other through a fusion of people, infrastructure, technology and information. The study equally finds that increased technological inventions, innovations, artificial intelligence capabilities and proliferations has put world superpowers and leading industrial societies at new age of war accusing one another of technology thefts, piracy and cloning. These renewed competition will likely escalate into new collaborative frameworks and conflicts as they seek control dominance, manipulation and exploitative opportunities among each other thus causing significant cyber space challenges and miseries to the developing nations. The hypothesis test at 11 degree of freedom, $\mathrm{Chi}^2$ -Test $= x^2$, df 11 (n-1) = $\sum (\mathrm{Oi} - \mathrm{Ei})^2 / \mathrm{Ei} = 20.47 > 19.68$ at $5\%$ was significantly greater. The study thus rejects the null hypothesis (H0) that the information security threats have no effect on the quality of e-government services and accepts the Alternative Hypothesis (H1) that information security threats have significant effect on the quality of e-government services. ### b) Recommendations In this increasingly globalizing digital economy and shifting global power balance, ownership and leadership in digital technological particularly the immense benefits to be associated with the artificial intelligence capabilities are likely to heighten renewed vicious competitions and rivalries among the superpowers and their allies and with it likely significant technology security challenges for the developing world category in which Kenya belongs. And with clear evidence of declining traditional expeditionary military and mercenary coercive power as witnessed by western powers military campaign failures in Middle East, North Africa, Afghanistan, Ukraine and West Africa its highly likely that the cyberspace will offer the new sphere of influence for the technology giants and thus highly likely increased cyber coercive activities. The study thus recommends that Kenya should develop and invest in local technologies and critical infrastructures, collaborate in international cyber security networks, conduct frequent infrastructure security audits and monitoring, human resource capacity development, implement network security, infrastructure security, applications security, cyber security, cloud security and lastly restructure the national security architecture to provide for national cyber space security capabilities or organs to augment the existing national security architecture in preventive, defensive and offensive capabilities in tandem to the evolving global digital information environment to effectively deter and contain the new security threats emanating geopolitical competition and rivalries among the leading industrial nations.

Generating HTML Viewer...