Virtual Academic Program
August 3–25, 2021
Program Objectives:
Expand understanding of the main challenges interdependent information technology poses to national and citizen security in African countries.
Identify key priorities for African defense and security actors to better prepare for and respond to malicious cyber activity that threatens national security interests.
Compare experiences, perspectives, and good practices in cyberspace security policy across a range of security sector, civilian, private sector and non-governmental stakeholders.
Socialize the benefits of maintaining an open, reliable, and secure internet to maximize the advantages of interdependent information technologies for business, governments, and societies while minimizing cyberspace security threats and vulnerabilities.Session 1 | August 3, 2021
Africa’s Cyber Threat Landscape
Presented by:
Nathaniel Allen, Assistant Professor, Africa Center for Strategic Studies
Noelle van der Waag Cowling, Lecturer, Stellenbosch UniversitySection Objectives:
Describe the scope and scale of the cyber threats African countries face from espionage, critical infrastructure sabotage, organized crime and combat innovation
Explore how the nature of Africa’s cyber threats are likely to change and evolve in the future.
Consider the scope and scale of these cyber threats in South AfricaDiscussion Questions:
What do you consider to be your country or regions principal cyber threats and challenges? How severe are they?
What sectors in your country or region are most vulnerable to cyberattack?
How do you see the cyber threat landscape in your country or region evolving over the coming five or ten years?Recommended Reading:
Nathaniel Allen, “Africa’s Evolving Cyber Threats,” Africa Center for Strategic Studies, January 19, 2021.
Noëlle van der Waag-Cowling, “Stepping into the Breach: Military Responses to Global Cyber Insecurity,” International Committee of the Red Cross, June 17, 2021.
Mourad El Manir, “L’Afrique Face aux Défis Proteiformes du Cyberespace,” Policy Center for the New South Policy Paper, Décembre 2019.
ENACT and INTERPOL, Online Organized African Crime from the Surface to the Darkweb, INTERPOL Analytical Report, July 2020.
African Union and Symantec, Cyber Crime and Cyber Security Trends in Africa, November 2016.Recommended Videos:
Africa Center for Strategic Studies, “Emerging Cyber Dimensions of Africa’s Security Landscape,” December 3, 2020
Africa Center for Strategic Studies, “Cyber Dimensions of Statecraft in Africa,” March 18, 2021
Africa Center for Strategic Studies, “Cyber Dimensions of Violent Extremism in Africa,” May 19, 2021
Africa Center for Strategic Studies, “Emerging Cyber Dimensions of Transnational Organized Crime in Africa,” July 8, 2021
Session 2 | August 10, 2021
Key Elements of a National Cyberspace Security Response
Presented by:
Kamissa Camara, Director for External Affairs and Africa Policy for the Tony Blair Institute for Global Change and Senior Visiting Expert for the Sahel at the United States Institute of Peace
Moctar Yedaly, Former Head of Information Society Division, African UnionSession Objectives:
Identify key elements of the national-level response necessary to confront cyberspace-related challenges to national security.
Identify key actors and stakeholders in designing and effecting a national cyberspace security response and the role for national security actors within a multistakeholder approach.
Assess national-level cyberspace security policy, strategy, and institutions of leading African countries.
Take stock of the security sector’s role in national efforts to confront cyber threats from espionage, critical infrastructure sabotage, crime, and combat innovation.
Discuss the benefits and challenges of maintaining an open, reliable, and secure internet to maximize the advantages of interdependent information technologies for business, governments, and societies while minimizing cyberspace security threats and vulnerabilitiesDiscussion Questions:
How effective is your country/region in responding to cyber threats and what are the challenges?
What role does the security sector play in cyberspace security in your country? What other actors are involved in cyberspace security in your country?
What role should the security sector have in confronting your country’s cyber threats and challenges? How could this support a multistakeholder approach?
What are the challenges and risks associated with security sector involvement in cyberspace security?Recommended Reading:
Global Cyber Security Capacity Centre, “Cyber Maturity Model Dimension 1: Cybersecurity Policy and Strategy,” Oxford University.
Global Forum on Cyber Expertise, “Dehli Communiqué on a GFCE Agenda for Global Cyber Capacity Building,” November 24, 2017.
United Nations Information Technology Union, “2020 Global Cybersecurity Index,” United Nations, June 29, 2021.
DCAF, “How do Cyberspace and Cybersecurity Relate to Good Security Sector Governance“ in Guide to Good Governance in Cybersecurity,” p. 25-38, January 2021.
“A Problemática Da Cibersegurança E Os Seus Desafios,” Centro de I&D Sobre direito e sociedade, September 2016.
Nathaniel Allen, “The Promises and Perils of Africa’s Digital Revolution,” Brookings Techstream Blog, March 11, 2021.Session 3 | August 17, 2021
Cyber Incident Management and Critical Infrastructure Protection
Presented by:
Kenneth Adu-Amanfoh, Founding Member and Director of ACDRO
Ali Mahamadou, Program Head, Niger National Center for Strategic and Security Studies (CNESS)Session Objectives:
Define critical infrastructure and examine the scale and scope of cyberspace threats and vulnerabilities to it in African countries.
Discuss the role of national and sectoral Computer Security Incident Response Teams (CSIRTs) as part of a national cybersecurity response system to identify and respond to malicious cyberattacks on critical infrastructure.
Discuss the role that national security actors play as key members of CSIRTS, interagency coordination cells, and other mechanisms for interagency cyberspace security cooperation.
Explore how best to promote cross-sector partnerships between civilian, security actors, law enforcement, justice, and private sector partners to safeguard internet-dependent critical infrastructure.Discussion Questions:
What would you characterize as critical infrastructure in your country or region? To what extent is this critical infrastructure cyber dependent?
Does your country have CSIRTs and how effective are they in protecting cyber critical infrastructure?
What laws, policies, or mechanisms does your country have in place to protect critical national infrastructure from cyberattack?
What role does the security sector have in protecting critical national infrastructure in your country?Recommended Reading:
Nathaniel Allen and Noelle van der Waag-Cowling, “How African Countries Should Address State-Sponsored Cyber Threats,” Brookings Techstream Blog, July 15, 2021
Internet Society and the African Union Commission, “Internet Infrastructure Guidelines for Africa,” March 24, 2017.
Redação Digital Security, “Segurança cibernética deve ser prioridade para setor de infraestrutura crítica,” 09/20/2020.
Hanneke Duijnhoven, Bram Poppink, Tom van Schie, and Don Stikvoort, “Getting Started with a National Computer Security Incident Response Team (CSIRT) Guide,” Netherlands Organisation for Applied Scientific Research, 2021.
Eric Luiijf, Tom van Schie, Theo van Ruijven, and Auke Huistra, “The GFCE-MERIDIAN Good Practice Guide on Critical Information Infrastructure Protection for governmental policy-makers,” GFCE-Meridian, 2016.Session 4 | August 24, 2021
National Cybersecurity Strategy
Presented by:
Abdul-Hakeem Ajijola, Chair, African Union Cyber Security Expert Group
Grace Githaiga, Convenor, Convenor, Kenya ICT Action Network (KICTANet) and Host of “Take on Tech,” Kenya Broadcasting Corporation (KBC)
Pierre Ouedraogo, Director General, Technology and Services for InnovationSession Objectives:
Discuss the process of drafting a national cyberspace security strategy and identify its core elements.
Discuss the role of the security sector actors in the design and implementation of national cybersecurity strategy and policy.
Outline core principles, good practices, and lessons learned during the crafting and implementation of national cybersecurity strategy and policy.Discussion Questions:
For countries with a national cybersecurity strategy, what was the process through which your country’s strategy was developed or implemented? For countries without a national cybersecurity strategy in place, what has your experience been with respect to developing and implementing sectoral strategies and policies on cyber issues?
What role does or should the security sector have in cyberspace security strategy development process?
What good practices, procedures, coordination mechanisms, or oversight are needed to ensure that national security actors play a productive role in formulating policies and strategies on cyber issues?Recommended Reading:
M.H.A. Klaver, D. Molema, and P.E. van den Brink, “GFCE CIIP Capacity Framework,” GFCE, June 20 2020.
International Telecommunication Union (ITU), Guide to Developing a National Cybersecurity Strategy, 2018.
Africa Center for Strategic Studies, 2021, “National Security Strategy Development Toolkit,” January 2021 Section 1, pp. 1-9.
Luka Kuol and Joel Amegboh, “Rethinking National Security Strategies in Africa,”International Relations and Diplomacy 9 (01): 2021, 1-17.
Government of Burkina Faso, “Strategie nationale de cybersécurité,” January 2019.
Federal Republic of Nigeria, National Cybersecurity Strategy and Policy, February 2021.
Claudia Almeida et al., “Problemática da Cibersegurança: o Caso da Estratégia Nacional de Segurança no Ciberespaço,”Informação e Segurança no Ciberespaço, September 2018.