Inside Royal Media’s Cybersecurity Evolution

No photo availableCIO Africa authorByCarol Odero
3 min read
After experimenting with an outsourced Security Operations Centre (SOC), RMS shifted to Sophos MDR for proactive, global threat monitoring.
Sophos cybersecurity partnership with Royal Media Services

When Kenya’s largest broadcaster—Royal Media Services (RMS)—began its digital transformation, cybersecurity was not yet a headline concern. A decade ago, the company’s digital operations were straightforward, its threats predictable, and its defences basic.

Today, as the media group navigates an era of misinformation, ransomware, and AI-generated attacks, it has transformed itself into one of East Africa’s most digitally fortified organisations.

“We started with a Linux-based firewall and a few access points that weren’t security-ready,” recalls Samuel Kibacia, Head of IT Infrastructure at RMS. “We thought that was enough. But we quickly realised that security isn’t something you install once—it’s something you live and evolve with every day.”

From Fragmentation To Full Visibility

With 13 radio stations, three television channels—including the country’s most-watched Citizen TV—and an expanding portfolio of digital and on-demand platforms, RMS’s digital surface was widening fast. Growth brought new opportunities—but also new vulnerabilities.

To keep pace, the organisation embarked on a full-scale cybersecurity transformation with Sophos, deploying the technology across all touchpoints: wireless, endpoints, firewalls, and ultimately Managed Detection and Response (MDR), a 24/7 global security service.

“Through Sophos Central, we can now see everything,” Kibacia explains. “If there’s a threat, we know where it came from, where it went, and how to stop it. That 360-degree visibility changed how we operate.”

Truth, Trust, And The New Digital Battleground

In broadcasting, a single false story can undermine years of credibility. For RMS, safeguarding content integrity is just as important as protecting its networks. “If something unverified goes out on one of our channels, it’s treated almost like gospel truth,” Kibacia notes. “That’s why protecting our digital ecosystem is non-negotiable.”

Over the past decade, threats have evolved dramatically—from simple malware to sophisticated, AI-generated attacks capable of mimicking identities and fabricating news. “Five years ago, ransomware was our biggest concern. Now, the threats are smarter, faster, and more deceptive,” he says.

Global Vigilance Through MDR

After experimenting with an outsourced Security Operations Centre (SOC), RMS shifted to Sophos MDR for proactive, global threat monitoring. “Even if a new threat starts in another part of the world, someone has already detected and neutralised it before it reaches us,” Kibacia explains. That constant vigilance has paid off. When a user’s credentials were leaked online, Sophos tracked the compromised data across the dark web and helped RMS remediate the breach. “They don’t just warn you—they act,” Kibacia adds.

Another milestone was the adoption of Intercept X, Sophos’ anti-ransomware solution. “Before that, we had an attack that slipped through antivirus protection,” he recalls. “Since installing Intercept X, we haven’t had a single ransomware incident.”

The Next Frontier: Cloud & Core Network Security

Today, RMS’s defences span its entire operation—from Wi-Fi and endpoints to firewalls and branch networks. The next phase, Kibacia says, is to extend visibility into network switches and core infrastructure, ensuring every layer of connectivity is protected. “As we move more services to the cloud, Sophos moves with us,” he says. “It’s not just about digital transformation anymore—it’s about digital resilience.” In a world where content is power, Royal Media Services is proving that cybersecurity isn’t a technical function—it’s the foundation of public trust.

 

Leave a Reply

Your email address will not be published.

Do you have a story that you think would interest our readers? Write to us editorial@cioafrica.co