As a result of rising internet penetration and advances in digital technology, African countries face rising threats from cyber-enabled espionage, critical infrastructure sabotage, organized crime, and combat innovation. Security sector actors in Africa face significant challenges in responding to these threats. On the one hand, the security sector has a critical convening and coordinating role to play as part of broader national cybersecurity policy and strategy, as well is in sector-specific responses to strategically significant cyber threats. On the other, when African countries take authoritarian, regime centric approaches to addressing cybersecurity issues, advances in security sector cyber capacity may come at the cost of civil liberties and human rights, undermining democratic governance and the rule of law.
On May 19-20, the Africa Center convened approximately 40 U.S. and Africa-based practitioners and experts to:
- Expand understanding of how advances in information and communications technology are changing Africa’s security landscape.
- Expand understanding of how advances in information and communications technology are influencing African government and security sector responses to threats and consider the strategic implications of these responses for security sector governance across Africa.
- Discuss how to the U.S. can strengthen government and security sector cyber capacity as part of broader national cybersecurity policy and strategy in Africa in a manner consistent with democracy, rule of law, and the security needs of the African citizens.
Session 1
Taking Stock of Government and Security Sector Responses to Africa’s Cyber Threats
This session explored how digital technology is influencing Africa’s security landscape, took stock of government and security sector responses, and discussed the main challenges African government and security sector officials face in assessing and responding to cyber-related threats.
Session 2
Cyberspace and Security Sector Governance Challenges in Africa
This session discussed how growing cyber threats are influencing security sector governance across Africa. It identified the ways in which security sector actors are leveraging digital technologies, policies and strategies to respond to both virtual and violent threats as well as discuss the ways in which these same tools, strategies and policies can, under certain conditions, undermine security transparency, accountability, democracy, and human rights.
Session 3
Good Practices in Security Sector Cyber Policy, Strategy and Governance
This session outlined good practices in the digital governance of the security sector, discuss the role of the African security sector as part of a broader multistakeholder approach to cyber governance, and highlighted leading examples of the multistakeholder cyber governance and cooperation in Africa.
Session 4
U.S. Priorities and Opportunities for Advancing Cyber Capacity Building and Security Governance in Africa
This session outlined the major priorities and activities of the United States with respect to government and security sector cyber capacity building, cyber-related security sector governance, and discussed how and other external actors the United States can build cybersecurity capacity in Africa in a manner consistent with democracy, human rights, rule of law and security needs of the African citizens.
Findings
Participants offered six core insights, summarized more extensively in the executive summary, to inform efforts by African governments, the security sector, citizens, the United States, and other external actors to improve cyber-related security sector governance:
- Extend security sector cyber capacity building efforts beyond the development of surveillance or “offensive” capabilities, to include threat intelligence, critical infrastructure protection, and securing government communications. The benefits of security sector involvement in cyberspace should be weighed against risks that security sector cyber authorities and capabilities diminish trust with the private sector and can be used to undermine the rights of citizens.
- Develop legal, judicial, and other horizontal accountability mechanisms to govern the use of cyber capabilities. Cyber and ICT-related tools are more likely to reinforce the social contract between states and citizens in countries where existing mechanisms of accountability are strong.
- Integrate security sector cyber capacity building with broader security sector reform efforts. Countries with ongoing security sector reform efforts should also address cyber and ICT-related policy.
- Align cybersecurity strategy with national security strategy. Aligning cybersecurity strategy with national security strategy will ensure that both reflect compelling national interests.
- Expand engagement with leading technology companies. Their control over much of the world’s ICT infrastructure makes them as, if not more, influential than many states.
- Build awareness of cyber strategy and technology policy among African security sector leaders, diplomats, and heads of state. Leadership from senior African officials, who like their peers elsewhere are often not cyber savvy, is most needed to catalyze change.