By: Dominic Sepenu

GFCE and ACBF unite in a landmark MOU to bolster Africa’s cybersecurity resilience. This collaboration aims to address escalating cyber threats by pooling resources and expertise. Through targeted capacity-building programs, governments, institutions, and individuals will gain vital skills to mitigate risks effectively.

In a significant move towards enhancing global cybersecurity resilience, the Global Forum on Cyber Expertise (GFCE), Africa Hub, and the African Capacity Building Foundation (ACBF) have inked a Memorandum of Understanding (MOU) to bolster capacity-building efforts in cybersecurity across Africa.

The MOU signifies a collaborative commitment to address the pressing challenges faced by African nations in cyberspace. With the exponential growth of digital technologies, Africa has become increasingly vulnerable to cyber threats, ranging from malicious cyber activities to data breaches and cyber-attacks on critical infrastructure.

Under the terms of the agreement, the GFCE and ACBF pledge to pool their resources, expertise, and networks to deliver targeted capacity-building programs tailored to the needs of African countries. This collaboration aims to empower governments, institutions, and individuals with the necessary skills and knowledge to mitigate cyber risks effectively.

Key components of the partnership include:

1. Resource Mobilization: Facilitating the exchange of resources, best practices, lessons learned, and expertise in cybersecurity capacity building between the GFCE’s global network and ACBF’s extensive regional reach in Africa.

2. Capacity Building Programs: Organizing training sessions, workshops, and seminars designed to build the technical and strategic capacities of African stakeholders in cybersecurity governance, risk management, incident response, and other critical areas.

3. Research and Policy Development: Supporting research initiatives and policy dialogues to inform evidence-based cybersecurity strategies and policy frameworks that align with regional priorities and international standards.

4. Networking and Collaboration: Fostering partnerships and collaboration among government agencies, academia, private sector entities, and civil society organizations to foster a holistic and inclusive approach to cybersecurity capacity building.

Mr. Moctar Yedaly, Director of the GFCE Africa Hub, expressed optimism about the transformative potential of the MOU, stating, “By joining forces with ACBF, we can leverage our collective strengths to build a more resilient and inclusive cybersecurity ecosystem in Africa.”

The signing of the MOU between the GFCE and ACBF represents a significant milestone in the global efforts to promote cybersecurity capacity building, specifically focusing on addressing the unique challenges African countries face. As cyberspace evolves rapidly, collaborative initiatives like these are essential to ensure a safer and more secure digital future.

By: Jaqueline Pateguana, Clearing House Coordinator

In the face of escalating cybersecurity risks, the GFCE Clearing House tool remains crucial in coordinating cyber capacity building initiatives at local, regional and global levels. By offering tailored assistance, it connects members of the GFCE community to resources and expertise, fostering collaboration to address the increasing threats to cyberspace and, more broadly, economic stability.

In today’s digitally interconnected world, cybersecurity threats have reached unprecedented levels, transcending borders and posing significant risks to national security, economic stability and public safety. Recognizing the imperative need for a coordinated cyber capacity building response, the GFCE Clearing House mechanism seeks to synergize efforts and facilitate the exchange of expertise and resources within the GFCE community. At its core, the GFCE Clearing House provides tailored assistance to GFCE member countries with cyber capacity needs. This is achieved by matching those members to GFCE partners and implementers who can offer cyber capacity support.

Since its establishment in 2015, the GFCE Clearing House has facilitated several successful CCB projects. And while the success of different projects or initiatives can depend on many factors, the following three are critical:

1. A clear political mandate

A political mandate is indispensable for the success of any GFCE Clearing House project. It clarifies the entity with the governmental authorization for cybersecurity as a whole, or the initiative in particular. Additionally, it demonstrates the commitment that legitimizes and propels the CCB initiative forward.

With a clear political mandate, stakeholders are given clarity on who has the purview for a particular initiative, thereby avoiding the risk of identical interventions, or duplication of efforts, at a national level. Similarly, with a clear political mandate, a CCB project is more likely to receive the necessary support (in-kind or financial), stakeholder engagement and cross-sector collaboration because the mandate alone can serve as a clear signal that the GFCE member country is devoted to safeguarding its digital frontiers in a coordinated manner, thereby fostering an environment conducive to comprehensive, strategic planning and robust execution of cybersecurity measures. This level of official support is particularly crucial in cyber capacity building, where rapid response and adaptation to the evolving threat landscape are necessary.

2. Strategic vision for securing cyberspace

The strategic vision for securing the nation’s cyberspace is a second critical success factor. Strategic vision, articulated through a strategy or action plan, provides a comprehensive roadmap for protecting a nation’s critical information infrastructure and digital assets against cyber threats. Much like a clear political mandate, an actionable strategic vision that outlines how a nation intends to bolster its cyber capacity can also serve to demonstrate the GFCE member country’s coordinated response to cyber threats, enhancing national security and public safety, and is therefore often requested to showcase the country’s medium and long term goals for protecting its digital assets.

It is important to note that this high-level strategic vision should also be aligned with the mission of the GFCE — to promote an open, free, peaceful, and secure digital world. An open and free digital environment not only encourages innovation by allowing information to flow freely, but it also aligns with the protection of fundamental human rights, including freedom of expression and the right to privacy. In essence, observance of the principles of open, free, peaceful, and secure cyberspace contributes to creating a safer, more inclusive, and more prosperous global society — the values on which the GFCE community is built.

3. Adequate institutional arrangement

The final element for a successful GFCE Clearing House case is the presence of a national institutional arrangement to support the roll-out of the project. An effective governance framework is critical for two reasons. First, to ensure that the project’s execution is in alignment with the country’s strategic vision. Second, to ensure that the country can strengthen and sustain cyber capacities at a national level.

While the GFCE Clearing House mechanism connects GFCE Member countries with partners and implementers who have offers of cyber capacity, it is ultimately the responsibility of the requesting country to drive the initiative. To achieve this, GFCE member countries need agile teams that can respond to immediate challenges and have the strategic capacity to plan for the medium and long term. The local teams should be familiar with the local context in which the initiative is being rolled out — safeguarding the cultural and sociopolitical context.

This self-reliance ensures the project’s sustainability and safeguards the nation’s overall longevity and self-sufficiency in managing and advancing its cybersecurity capacities, as the teams will leverage knowledge transfer for future CCB activities.

Conclusion

As the cyber threat landscape continues to evolve, delivering successful CCB programming becomes more pressing. While this list doesn’t contain every factor required for a successful GFCE Clearing House project, addressing these three critical success factors — having a clear political mandate, a strategic vision for cybersecurity and an adequate institutional arrangement — will not only lay the foundation for coordinating CCB efforts but also ensure the sustainability and effectiveness of CCB programming, ultimately fostering a resilient cyberspace.

To foster scholarly research on cybersecurity capacity building and enhance dialogue between the research community and policymakers, the GFCE Research Committee is organising a workshop on Tuesday, 28th November, in the margins of the Global Conference on Cyber Capacity Building (GC3B).

Following a call for papers in July, eight selected papers will be presented and discussed during this research workshop on the day before the GC3B conference in Accra, on 28 November from 10h00-12h00 (Local Ghana Time) at the Kempinski Hotel. This Research Workshop provides a unique platform for deepening the study of the intersection between cybersecurity and development agendas. More importantly, it is a space where scholars and researchers will have the opportunity to present their work and reflect on the topics alongside practitioners.

Moderated by GFCE Research Committee Chair, Dr. Enrico Calandro, and with a dedicated Chair and Discussant leading each of the three panels, participants can expect to learn more about interdisciplinary and/or multi-method research, comparative perspectives within and across regions as well as topics which connect specific realities with broader CCB topics. For more information and latest updates, please check the GFCE Annual Meeting

Panel 1

• “Symmetries in the Development of National Cyber Security Policies in Latin America: A Future Approach” – Juan Manuel Aguilar Antonio.“Challenges to Cybersecurity Strategy in SADC: a Discussion Paper” – Laban Bagui, Nthabiseng Pule & Shallen Lusinga.

• “Perspectives of Cyber Security Capacity Building Measures in the South Caucasus” – Marina Malvenishvili.

Panel 2

• “The impact of capacity development activities on effective prevention of cyber violence against women and girls” – Ekaterina Dorodnykh & Matteo Lucchetti.“Cybersecurity in the Era of Quantum Advantage” – Timothy King & Louise Turner.

• “A review of the International Cooperation Regime for the Control of Cybercrime in Nigeria: Lessons learned and recommendations” – Jerome Uchenna Orji.

Panel 3

• “Developing a Cybersecurity and Technology Roadmap for Humanitarian Non-Governmental Organizations” – Matthew Boyas, Victoria Gammino & Nicole Rasmussen.

• “Critical Discourse Analysis of Cybersecurity in Malawi Media” – Chimwemwe Mtegha.

Sponsor

UK Foreign, Commonwealth & Development Office

Duration

September 2021 – March 2022

Project objectives

• embed the operational process of the Clearing House in the GFCE community
• scale up the offer of the Clearing House both national and regionally, assisting with the alignment of regional CCB programmes to meet CCB needs
• encourage a demand driven approach to the Clearing House across the GFCE working groups. 
• The benefit in the achievement of these aims will be to ensure better visibility, understanding and use of the GFCE Clearing House Tool by GFCE Members and Partners

Description

• Lead the GFCE Clearing House operations, actively supporting matching requests for cyber capacity building support from GFCE Members with offers of international support. 
• Develop a GFCE Clearing House Strategy, prioritising efforts and resources to scale the Clearing House offer both nationally and regionally. 
• Promote and broaden understanding of the GFCE Clearing House Tool’s offer and impact among the GFCE community and internationally.
• Work with GFCE Working Groups to refine/design a demand driven approach for GFCE members and partners to utilise, engage and improve coordination on CCB efforts, avoiding duplication, through the GFCE Clearing house Tool.  

Written by: Jaqueline Pateguana, Clearing House Coordinator at the GFCE Secretariat; Anna Noij, Advisor at the GFCE Secretariat. 

With the support from the Global Forum on Cyber Expertise (GFCE)’s Clearing House, the Government of Sierra Leone intends to strengthen cybersecurity capabilities of its society as a whole, including citizens, public and private sector.   

The National Cybersecurity Coordinator, Mariama Yormah, says that the initiative emerges out of the country’s National Cybersecurity Strategy action plan. “The Government’s vision is to empower citizens with the freedom to use the internet for the nation’s socioeconomic development,” stated Yormah. To achieve this, they have adopted the National Cybersecurity Strategy 2021-2025 and passed the Cybersecurity and Crime Act 2021. Next, they will measure the maturity level of the cybersecurity capabilities in country, and then roll out a program that strengthens the digital capabilities of citizens, public and private sector so “all are able and capable to take control of their cybersecurity.” 

“This is our second time seeking out assistance from the GFCE’s Clearing House,” explained Yormah. “In 2019, the Clearing House played an instrumental part in securing support for the development of our first National Cybersecurity Strategy thus, to materialize this new vision, the GFCE’s Clearing House function was our immediate first stop,” she stated. In response to the requested submitted in September 2022, the GFCE Secretariat convened a meeting between Sierra Leone and a coalition of GFCE members and partners with potential expertise to address Sierra Leone’s request. At the meeting, Sierra Leone was able to present their needs to the GFCE members and partners in attendance and has subsequently received various offers of support. 

Figure 1. Mariama Yormah, Sierra Leone’s National Cybersecurity Coordinator, attending the GFCE Annual Meeting in September 2022. 

“The GFCE Clearing House continues to be one of the primary tools we have to support our members and partners. It is through the Clearing House that we realize our demand-driven approach, where member countries indicate their CCB gaps and priorities. As a Secretariat, our responsibility lies in leveraging our regional coordination efforts to conduct stocktaking of the existing supply that the GFCE community has to offer” stated David van Duren, GFCE Director. He added that ultimately, though, it is the GFCE community that supports local capacity development—a testament that international collaboration and cooperation remain pivotal to strengthening cyber resiliency. 

 During that Friends of Sierra Leone meeting, the Government of Sierra Leone was able to secure support from several GFCE members and partners, including the International Telecommunication Union (ITU). The ITU’s Cyber for Good project aims to bridge the cybersecurity capacity gap in the Least Developed Countries (LDCs) by enabling access to cybersecurity tools, trainings, assessments, and other services offered by the ITU Telecommunication Development Sector (ITU-D)’s Private Sector Members. Under the ITU Cyber for Good project, Sierra Leone has been provided 12 months of access to the BitSight Monitoring Platform, allowing Sierra Leone to continuously monitor cybersecurity posture of 20 national critical infrastructure organizations across 12 risk vectors, enabling the identification of vulnerabilities and better risk planning and mitigation. 

“ITU is immensely proud of its role in strengthening Sierra Leone’s cybersecurity infrastructure by fostering valuable partnerships with our ITU-D Private Sector Members. Cyber for Good complements other cyber activities by ensuring the Telecommunication Development Bureau (BDT) advances impact and delivers results for the Membership by creating lasting change and empowering communities worldwide. I remain firmly dedicated to its ongoing collaboration with GFCE’s community, providing steadfast support to our member states and championing their cybersecurity growth,” stated Cosmas Luckyson Zavazava, Director of BDT at ITU. 

Although one partner has been secured thus far, the GFCE Clearing House is continuing to work with Sierra Leone to identify other GFCE members or partners that can respond to other activities included in the request, including the need to conduct a cybersecurity skills gap assessment to evaluate the national cybersecurity capability, identify areas for improvement and cyber capacity building needs at a strategic and operational level. “The Government of Sierra Leone intends to roll out training and educational programs on cybersecurity generally, as well as national public awareness campaigns on cybercrime and the existing legal framework so to build confidence and use of ICTs for citizens and private sector, alike, and we see the GFCE Clearing House mechanism as the ideal platform to link existing CCB initiatives and expertise with the needs of Sierra Leone in assessing, designing and implementing these activities,” stated van Duren.  

Summary

In the two years since its inception in 2020 the Collaboration project between the African Union and the Global Forum on Cyber Expertise, sponsored by the Bill and Melinda Gates Foundation, has made a tangible mark in the cyber capacity building (CCB) landscape in Africa. With an active network of cyber experts (the African Cyber Experts Community) from over 30 African Union Member States (MS), a coordination network stretching over 25 multinational bodies, constant reflections and collection of information on African needs, and a body of Knowledge Modules setting a floor for future up-skilling, the project can be seen as a good foundation on which any number of CCB initiatives can be built. Now with the project drawing to a close, the GFCE reflects on its achievements and discusses where the project might go from here.

Objective and background

The AU-GFCE Collaboration Project has been implemented to enhance cyber capacity building knowledge, enable African countries to better understand cyber capacities, and identify and address cyber capacity needs to strengthen national cyber resilience. Further, the project enables the assembled national cyber experts to share views on how CCB gaps can be filled by conducting regional engagements, such as by identifying regional priorities, conducting geographically targeted initiatives, such as running the Germany – ECOWAS cyber capacity building workshops in 2022. Hence, the AU-GFCE Collaboration Project covered these six phases so far:

1. Validating Cyber Capacity priority needs for African countries;
2. Forming active communities that can define needs, participate in wider GFCE initiatives and participate in South-South capacity building;
3. Creating a coordination body made up of multi-national African organizations to provide strategic guidance for CCB in Africa, including through the production of an Africa CCB Agenda;
4. Designing and developing Knowledge Modules;
5. In-person engagement on Knowledge Modules, including collection of African best practices;
6. Connecting the African community to other GFCE pillars and expanding list of services available to ACE members.

Forming communities and defining needs

The most successful outcome of the AU-GFCE project was the creation of the African Cyber Experts (ACE) Community. It was created through national nominations made at the invitation of AUDA-NEPAD, grown through the GFCE regional meeting for Africa in the Hague in November 2021 and two project-based meetings in 2022, sustained through word of mouth and organically maintained by the authentic engagement of the community. Currently, 36 AU Member States have either nominated their representatives or are actively participating in all ACE Community meetings, while another 11 have either responded affirmatively in terms of interest or have acknowledged receipt of the AUDA-NEPAD letter. The GFCE intends to both continue growing the network, and to sustain the current membership in their professed desire to become “a network of experts for South-South cooperation”. The ACE Community has proven to be more than a community of experts, but also a source of unique knowledge and experience, and a forum for their sharing.

Also, the project has established the CCB Coordination Committee in November 2021 which is made up of over 20 multi-national organizations from the African Regional Economic Communities, the private sector and civil society, and chaired/co-chaired by the African Union Development Agency and New Partnership for Africa’s Development (AUDA-NEPAD) and the African Union Commission. The Committee seeks to provide oversight and feedback on key CCB projects, while also ensuring a great coordination and effective use of resources across the continent. In March 2022, the Committee met to discuss the CCB Agenda for Africa and the work plan for the establishment of a GFCE Africa Hub, both of which are intended to be presented to stakeholders by January 2023. Further, the Committee has acted as a force multiplier for the project, allowing Regional Economic Communities (RECs) to ensure greater participation and higher nomination numbers from their member countries.

Of particular importance for the sustained growth and engagement with the network were the two sustainment meetings of the Africa Cybersecurity Experts (ACE) Community, the first one taking place in Accra, Ghana, in March 2022, and the second conducted virtually in September 2022, with topics such as boosting cyber diplomacy, combatting cybercrime, cyber incident management, common internet and industry standards, awareness raising and enhancing gender equality on the table. The Accra meeting in particular was important as it saw the official launch of the series of nine Knowledge Modules and set a pattern for promoting local achievements by highlighting good practices of the Ghanian cyber security sector.

The second ACE Community Sustainment Meeting not only sought to collect feedback of the ACE Community on the progress of the project, but also provided an opportunity to present the Study on ‘Advancing Cyber Security with Africa’, conducted by KPMG. The report’s results show that most AU member states are progressing incrementally in enhancing their cyber capacities in terms of awareness and skills, Legal and Legislation frameworks at national level. NCS development, Assessments, Cyber Diplomacy, Awareness and CNIP/CIIP, which remain among the focus areas to be addressed by most AU Member States.

Knowledge Modules

The ACE Community’s engagement was instrumental in defining CCB needs in Africa, including the topics to be taken up through a series of Knowledge Modules, which aimed to enhance the understanding of CCB among governmental and non-governmental stakeholders, and supporting AU member states in strengthening their national cyber resilience. Based on CCB priority analysis in the first phase of this project, the GFCE engaged with DiploFoundation in August 2021 to produce nine Knowledge Modules (also available in French) on these crucial topics:

• Introductory Knowledge Module (defining CCB and horizontal issues)
• Strategies, Regulations and Legislation;
• Cyber diplomacy;
• Protection of Critical Information Infrastructure;
• Cyber Incident Management;
• Combatting cybercrime;
• Child online protection;
• Cybersecurity awareness, skills and workforce development;
• Cybersecurity standards & certification

The Knowledge Modules contained the summaries of CCB information from the GFCE community, members and partners, and have been calibrated to serve as an introduction into the above-listed topics, and to eventually be enriched with best practices and lessons learned from Africa. Following the Accra meeting in March 2022, the GFCE has been gradually introducing the Modules to the ACE Community through GFCE CCB Enhancement Sessions, held approximately once every two weeks. The sessions were intended to list the reasoning behind why each topic was chosen, what major challenges Africa is facing, a run-down of the Module by DiploFoundation and an invitation to use/ review/ add materials to it, and an invitation to 4 – 6 AU Member States to comment on their experience with the Module topic.

Expanding CCB services for ACE members

The AU-GFCE project encouraged the ACE community to benefit from the GFCE Clearing House (CH) Mechanism and the Cybil Knowledge Portal. Enhancement Sessions and in-person ACE Community meetings have proven to be an invaluable tool for the delivery of national CCB needs and perspectives that can be addressed through the Clearing House mechanism. As a result, the GFCE will continue soliciting the ACE community for their views to develop future CH mechanisms and provide a matchmaking and financing service for African stakeholders. Already, this has borne fruit, with two new Clearing House in Africa cases making progress in 2022 and will continue this year.

Conclusion and going forward

The AU-GFCE Collaboration Project received positive reactions from the assembled ACE membership during the sustainment meetings, stressing that they are ready to become more engaged in South-South capacity building and that Africa is in a great need for law and training (plus capacity building of CERT) as well as national cybersecurity guideline/standards. As a matter of fact, the foundation for the GFCE Africa Hub has been laid, which will serve as a resource centre, a meeting place and knowledge database for our communities, and is intended to be established in Accra next year. We are looking forward to supporting Africa to leverage existing resources, share its best practices and further build its cyber capacities in 2023 and beyond.

Testimonials:

Kassaye Tafesse (Ethiopia): “We see the GFCE as a very good opportunity for us since it creates an opportunity to share amongst African nations and amongst the world so that we can learn from that experience of other countries, and it will still help us to minimize costs and be effective to our programs.”

Ms. Rorisang Molefe (Lesotho): “We need to stop keeping discussion about cybersecurity at high level and make it as accessible as possible to all age groups and communities.”

Ms. Nenna Ifeanyi-Ajufo (AUCSEG): “African voice in cyber diplomacy needs to be heard. We need to look at capacity building in terms of institutional perspective. Cyber diplomacy and cyber security need to be prioritised. We need to encourage African states to think beyond their national borders and promote looking at cyber governance from a regional angle.”

Following the success of the GFCE Annual Meeting 2019 in Addis Ababa and the need identified within the GFCE Community, the GFCE will be increasing its efforts in the Africa region. Given this, the GFCE has devised a two-tier approach: 1) bringing together the GFCE community and coordinating cyber capacity efforts in the African region, and 2) through the AU-GFCE Collaboration project. The AU-GFCE Collaboration project aims to develop cyber capacity building knowledge (CCB) that will enable African countries to better understand cyber capacities and identify and address their national cyber capacity needs. Moctar Yedaly, Martin Koyabe, and Bernard Brian-Cudjoe have joined the GFCE Secretariat to ensure effective collaboration among key actors and stakeholders in Africa and the GFCE Community. The GFCE Secretariat is looking forward to work together with our new colleagues to strengthen regional collaboration on CCB!

Moctar Yedaly, GFCE Africa Program Director

“It is of my strong belief that one of the Sine Qua None conditions for Africa to meet its development objectives is to tape on the benefit provided by the ICTs. This demands for safe and secure cyberspace. Cybersecurity being a cross cutting sector of the AU Digital Transformation Strategy 2020 – 2030, its promotion in the continent is of most vital importance. The GFCE is a non-partisan institution aiming at building capacities in the Cybersecurity domain which meets my passion and believes for the continent. I am proud to be given the opportunity to contribute to strengthening  the GFCE focus on Africa.”

Martin Koyabe, Senior Project Manager AU-GFCE Collaboration Project

“As the world continues to mitigate the challenges and effects caused by COVID-19 pandemic, many countries in Africa are prioritising their resources towards deploying secure digital infrastructures to ensure reliable digital access by the citizens. The GFCE is therefore uniquely positioned, working with the African Union Commission (AUC), to urgently assist these countries build both capacity and capability in Cybersecurity.  Its therefore my motivation to join GFCE team and lead the GFCE-AUC collaboration project, which aims to develop cyber capacity building knowledge to enable African countries to enhance their cyber capacities and capabilities; and support them in strengthening their cyber resilience.”

Bernard Brian-Cudjoe, GFCE-AUC Liaison

“There are evident gaps in terms of cybersecurity awareness, knowledge, and skills among Africa countries that prevent them from deploying and adopting the right strategies, capabilities, and programs to mitigate cyber threats. According to Quartz, in 2017, cybercrime cost African countries $3.5 billion and as the Digital Transformation Strategy has been adopted by the African Union Member States, cybersecurity should be an integral and indivisible part of the strategy to yield the desired socio-economic benefits. Africa must secure its cyberspace by building the capacities of its citizens and relevant stakeholders especially those that influence policies on technology to provide the needed guidance, recommendations, and strategy to mitigate fraud and crime. For this singular reason of Africa’s digital transformation agenda, I am very happy and privileged to be part of this project to help African countries build their cyber capacities, strengthen their cyber resilience and identify the gaps and national cyber capacities needs to adopt the right strategy.”

News Item | 8 March 2021

The Global Forum on Cyber Expertise is happy to announce its collaboration with the African Union Commission (AUC) on “Enabling African countries to identify and address their cyber capacity needs” through a two-year project. 

Introduction
Digital financial services can reach excluded and underserved populations quickly and efficiently, making it a vital strategic pillar to enhance financial inclusion in developing countries. However, because of the digital nature of the deployment of such financial services, cyber risk is growing rapidly and evolving dynamically in developing countries with low cybersecurity capacity. Countries that do not have, for example, a national cybersecurity strategy, a national computer emergency response team (CERT) and cybercrime legislation may find it difficult to increase its capacity to respond to the increasing cyber risks. According to various national cyber security assessments[1], there is an urgent need to connect Africa’s digitalization efforts with ongoing global efforts to improve cybersecurity as this will enable the region to recap the benefits of digital growth while protecting society and reducing cyber risks.

The Global Forum on Cyber Expertise (GFCE) is a multi-stakeholder community of more than 120 members and partners from all regions of the world, aiming to strengthen cyber capacity and expertise globally. The GFCE has extensive expertise and experience that could be valuable for the African region. Various GFCE members and partners are involved in large cyber capacity programs in Africa. This was a key reason to organize the GFCE Annual Meeting 2019 in Addis Ababa with the support of the African Union Commission (AUC). Over 40 African countries participated within the Annual Meeting where  the GFCE Working Groups organized workshops on key cyber topics. Additionally, GFCE side-meetings were organized, bringing together donors, implementers and regional organizations to discuss how they could improve coordination and avoid the duplication of efforts in the African region.

To build on the success of the Annual Meeting 2019 and the continuous efforts of the AUC, the GFCE and the AUC seek to strengthen cyber resilience in the African region in close collaboration with all relevant stakeholders.

Two-year collaborative project
The GFCE, in partnership with the AUC, aims to develop cyber capacity building knowledge to enable African countries to better understand cyber capacities and support them in strengthening their cyber resilience with support from the Bill & Melinda Gates Foundation.

Through a two-year collaborative project, the GFCE and AUC aim to achieve the following outcomes:

• Grow a trusted community of cyber leaders from the different African countries;
• Identify relevant cyber capacity gaps on a national and sub-regional level in African countries;
• Enable African countries to prioritize, address and communicate their national cyber capacity needs; and
• Foster coordination and increasing international collaboration between (existing) cyber capacity building efforts in Africa.

The project will build on and utilize existing cyber structures, plans, expertise and capacities within the AUC, as well as within the multi-stakeholder and international GFCE Community. The GFCE Secretariat and the AUC will be responsible for the coordination of the program.

In order to meet these outcomes, the project will focus on the following deliverables:

• Online database of current projects and programs on cyber capacity building in the African region;
• Published report of current cyber capacities as well as capacity gaps in the African region based on desk research and engagement with the African countries, AUC and the African Union Cyber Security Expert Group (AUCSEG);
• Formation of a regional GFCE Africa group with relevant stakeholders from the global community;
• Knowledge modules on key CCB topics[2] with an African regional focus developed in collaboration with the GFCE Working Groups as well as a module on “Communicating the impact of CCB” and “Reducing the gender gap in cybersecurity leadership”;
• Formal and informal knowledge sharing opportunities during in-person and/or online meetings;
• Concrete requests for national cyber capacity support as input for the tailor-made spin-off projects.

If you have any questions, please contact the GFCE Secretariat at contact@thegfce.org.

[1] For example, the Global Cybersecurity index published by the ITU and cybersecurity maturity assessments done by Oxford University’s Global Cybersecurity Capacity Building Center.

[2] Based on the themes identified in the GFCE Global Agenda for Cyber Capacity Building.

“The GFCE is thrilled to be able to count on Microsoft’s continuous support in building cyber capacity globally. As the GFCE seeks to increase its regional focus towards 2021, this vital partnership with Microsoft will enable us to strengthen, coordinate and make our efforts in Africa more efficient and effective.” – Chris Painter, President of the GFCE Foundation Board.

This partnership comes at a crucial moment for the GFCE as the year 2020 marks a milestone for celebrating its fifth anniversary. Throughout these years, the GFCE has met many achievements supporting cyber capacity building regionally and globally. As the GFCE looks ahead to 2021, it aims to become the coordinating platform on cyber capacity building and further strengthen the GFCE ecosystem by improving processes, expanding collaboration with stakeholders and establishing a truly global and regional presence on cyber capacity building efforts.

Africa has been an important region full of potential for the GFCE and its work on coordinating cyber capacity building, as various GFCE members and partners are involved in cyber capacity building projects in the region. In 2019 the GFCE Annual Meeting was hosted in Addis Ababa with the support of the African Union Commission (AUC), during which different workshops were organized on key cyber topics together with side-meetings, bringing together donors, implementers and regional organizations to discuss how to improve capacity building coordination in the African region.

The GFCE has also been involved in the African region through its Clearing House mechanism. This mechanism helps the GFCE community to support individual countries with their cyber capacity building efforts. In Africa, the GFCE Clearing House has been present through the Friends of The Gambia case and the Sierra Leone. The Gambia has been a requesting member for cyber capacity building efforts and the GFCE has provided opportunities for them to connect, network and contribute to cyber capacity building related to activities such as national strategy and policy development. Sierra Leone has also been involved for their national cyber security strategy.

The GFCE therefore hopes that this partnership is the beginning of improving regional coordination on cyber capacity building efforts and increasing collaboration by engaging stakeholders regionally.