[ACCI-CAVIE] Only 19 African countries are signatories to multilateral cybersecurity agreements. The United Nations (UN), arm in charge of global telecommunications, the International Telecommunications Union (ITU) has called on governments in Nigeria and other parts of Africa to deepen Internet safety.

The UN observed that as the world continues to recover from the disruptions of the COVID-19 pandemic, coping mechanisms such as increased use of virtual workspaces; online marketplaces and e-governance have become the norm. It said while this presents opportunities to revamp economies and streamline public service delivery, it may also heighten exposure to cybercrime.

The body noted that in Africa, many countries have seen a rise in reports of digital threats and malicious cyber activities. The results include sabotaged public infrastructure, losses from digital fraud and illicit financial flows, and national security breaches involving espionage and intelligence theft by militant groups.

The UN said addressing these vulnerabilities requires a greater commitment to cybersecurity. According to it, this requires enforceable policy safeguards, risk prevention and management approaches, along with technologies and infrastructure that can protect each country’s cyber environment, as well as individual and corporate end-user assets.

However, the latest Global Cybersecurity Index (GCI), released this June by the International Telecommunication Union (ITU), suggests Africa’s levels of commitment to cybersecurity – as well as capacity for response to threats – remain low compared to other continents.

The GCI report examines the cybersecurity landscape in 194 countries by the end of 2020 and assesses their commitment to improving cybersecurity based on five pillars: legal, technical, organisational, capacity development, and cooperation.

From the legal perspective, ITU said out of 54 African countries assessed, 29 had passed legislation to promote cybersecurity. Four others are currently at the stage of drafting policies or seeking legislative approval. It disclosed that Africa comes second to Europe in terms of the prevalence of legislation. Of all the pillars assessed, this was the measure where the region recorded its best performance. Still, it said these legal frameworks lack adequate depth and breadth as only 17 African nations have adopted specific legislation to tackle online harassment.

On technical readiness, ITU, which explained that this measures the mechanisms and structures put in place at the national level to deal with cyber risks and incidents, and particularly the existence of a reliable Computer Incident and Emergency Response Team (CIRT or CERT). Out of 131 CIRTs identified across the globe, only 19 are in Africa, with an additional two in the pipeline. Interestingly, six of the 19 emerged between 2018 and 2020, reflecting a notable rise in a short period. Africa has only nine sector-specific CIRTs, set to respond to particular risks. This indicates a lack of maturity in the region’s cybersecurity measures.

In terms of organisation, the telecommunications body examined whether coordination mechanisms are sustainable, if the roles and functions of implementing agencies are clearly defined, and possible actions to protect critical infrastructure. Based on this, ITU informed that only 10 African countries possess a national cybersecurity strategy that fully addresses measures related to critical infrastructure.

By Adeyemi Adepetun