The 2nd edition of the AfICTA Quarterly webinar was successfully organized on 29 June 2021. The event was hosted by the West African Region spearheaded by Mr. Tola Sogbesan. The session was channeled to company representatives and business owners in attendance and was moderated by Mr. Laicana Coulïbaly, Cybersecurity Expert; alongside himself were panelists: Cheick Omar OUEDRAOGO, Deputy General Manager of Talentys, Burkina Faso; Sidik TOURE, Program Director, Banking and Critical Services Security, Orange Middle East and Africa; Eloge BEONAO, CIO, MTN Côte d’Ivoire; Jean-Robert HOUNTOMEY, Director, AfricaCERT; Fabien NDIOMO, Regional Information Security Head WECA of MTN Group.
The theme of the session was Cybersecurity Innovation "Cybersecurity Innovation: How Africa Can Contribute." The webinar aimed at discussing Cybersecurity Innovation in Africa, the state of consumption of cyber solutions and standards, what needs to be done for Africa to become major contributors, the responsibilities of public and private sectors, the necessity for Digital Sovereignty, and the need for innovative indigenous solutions and standards, based on our realities. The expected outcome was to develop recommendations for both the public and private sector on clear actions and plans to be implemented across the Continent that can engender Cybersecurity capacity development and Cyber Innovation.
In the opening session, Mr. Thabo Mashegoane, opened by thanking the panelists for their time and expertise, welcomed the participants, and proceeded to buttress the importance of the theme of the webinar which is very imperative in the post COVID world which saw exponential growth in the Cyber threats due to the rapid Digital adoption in the new age. The spike in cyber threats not only creates a demand for cyberthreats solutions but also creates a market for cyber innovators and the theme of the webinar would focus on the Afrocentric approach to meeting the demands pertaining to the specific context of the African Cyber Ecosystemguest speaker
Mr. Laicana posed the first question on Africa's contribution currently to the global cyberspace ecosystem and Mr. Cheick Omar shared his opinions from the microscopic analysis of the francophone countries in Africa. Although the recent pandemic times have resulted in an increase in general digital adoption there isn't any significant interest nor contributions in the cybersecurity innovation because stakeholders still inherently hold user-centric views on the benefits of adoption. The best way to address this is through constant and sustained awareness at all levels to ensure there is increased interest in the field.
Cyberthreat agencies across the continent are either non-existent or dysfunctional and this needs to be addressed quickly albeit there is a lack of resources for this sector but the market created by the sector is very massive and could also be an avenue for job creation across the continent.
Jean-Robert from AfricaCERT held a more optimistic view that although more works need to be done on the continent in terms of developing solutions and strategies that aid mitigation of cyber threats they also need to be commended so far on the continent as more countries are now creating cybersecurity policy frameworks and in some cases capacity development schemes in the sector.
According to the research from AfricaCERT working rigorously to stimulate development through close efforts with the African Union and other National Agencies, ECOWAS now has developed a global Cybersecurity for all countries in the region of the West African states. As of last year, 21 Incident Response teams were set up in the continent and now there are about 27 which indicates the growing efforts in the area albeit there is still a need for more resources and capacity building within these agencies and organizations. African Nations are participating in the UNDG & UN Open-Ended Working Group discussion on Cybersecurity which means there is a growing appetite for application security, product security, and issues related to investigation availability and disclosure. The naming Industry has also made very significant strides through vertical collaboration across African Countries such as the Cyber drill exercises organized between CIR organizations and National partners.
There is a need for the public sector to create the guidelines and platforms that engender Cybersecurity innovation and solutions by ensuring all stakeholders in the digital economy ecosystem are held to specific security standards that are not to be bridged. In North Africa, policies that require regular assessment tests, notification, and reporting of incidences are established and implemented which shows that there is also a need for more vertical collaboration and sharing of best practices such as the aforementioned to engender cybersecurity awareness and growth in other parts of the continent. The major reason for the lack of implementation of these cybersecurity standards and policies is due to the lack of investment and resources provided in terms of expertise and capacity and investigative technologies. The private sector needs to priorities cybersecurity by providing norms through knowledge sharing on best practices.
Although there is a need for adaptation of global standards based on the socio-economic realities in Africa, global standards are available for certain reasons, primarily for more synergy. Notwithstanding, there is a need for cybersecurity frameworks based on the African context, but we must ensure that we don't deviate from the "global truth". We may create policies and standards that prioritize the African socio-economic realities, the collaboration between all stakeholder groups has to be implemented to ensure that these standards are understood by everyone involved. It may be more beneficial for African teams to join global standard-making bodies to ensure we contribute and table our needs at standard and policy discussions rather than desolidarizing by creating ours.
A major discussion at the European Union (EU) is the matter of digital sovereignty, the growing penetration of technology also indicates the need for digital sovereignty in Africa. it is clear that technology really reforms how people interact and this is exemplified with the boost in digital users in Africa. For us to begin to have control over the way our data is utilized, then we need to begin to think of how we can become creators and not just consumers of cyber technologies because so long as someone else creates for you then it is impossible to control or manage how your data is utilized. In other to migrate to being creators of cyber technology as opposed to just consumers, a mental shift from all stakeholder groups is imminent so matters of cybersecurity are prioritized as a matter of Security not just for cyberspace and the major step in this direction would entail creating budgetary allocation at all levels for Cyber solutions and technologies.
Cyber capacity building as defined by the global forum for Global Forum on Cyber Expertise (GFCE) has 4 pillars:
- Policy and Strategy: interested in National Strategy Assessment, Confidence building measure norm & Cyber diplomacy & international law in cyberspace.
- Incident Management & Critical Infrastructure Protection: interested with National Computer emergence & Security Incidence Response teams, Cybersecurity exercise and Critical Information Protection.
- Culture & Skills: interested in Cybersecurity assessment, Education, and Training & Workforce Development.
- Standard: interested in the promotion of internet-related standards. The GCFE works on having constant constructive dialogue among multi-stakeholder groups to set the agenda to drive Cybersecurity development. The public sector needs to be held accountable o implementing all the schemes and programs put forwards a dialogue such as the current webinar. We need to build on existing frameworks for Cybersecurity development and ensure that the public is invited to constructive dialogue both at the national and global level to ensure accountability at all levels.
The second edition of the AfICTA Quarterly series was very successful with recommendations for more vertical collaboration within the African community to enable cross knowledge sharing of best practices that engender Cybersecurity Development and the public sector is pivotal to spurring Cyber innovation but there needs to be investment from pubic nad private sector. The next edition of the AfICTA webinar would be in the 3rd Quarter (Q3), 2021. The date would be announced in due time. Read More
