By Winnie Kamau
Nairobi, Kenya: Following the cybersecurity Summit held in Lome the capital city of Togo that saw over 6,000 participants join both physically and virtually to discuss on the issues of cybersecurity and cybercrimes in the continent of Africa.
The meeting was graced by the President of Togo, H.E. Faure Essozimna Gnassingbe who was also awarded the Cybersecurity Champion which was handed over by the Executive secretary of United Nations EconomicConference (UNECA), Mrs. Vera Songwe.
29 countries adopted the declaration in the summit that was attended by 10 ministers that states, WE [Ministers] meeting at the Cybersecurity Summit, in Lomé,organized by the Republic of Togo in cooperation with the United Nations Economic Conference for Africa and with other public and private stakeholders.
BEARING IN MIND the African Union Declaration Assembly/AU/Decl.11(XIV) on Information and Communication Technologies in Africa, Challenges andprospects for development, passed in the 14th ordinary session of the African Union Conference of Heads of State and Government, in Addis Ababa, Ethiopia, from the 31st of January to the 2nd of February 2010.
CONSIDERING the work performed by the United Nations, especially Resolution A/RES/74/247 on Countering the use of information and communications technologies for criminal purposes adopted by the United Nations General Assembly on the 27th of December
of 2019, and which established an open- ended ad hoc intergovernmental committee of experts with the mission to develop a comprehensive international convention on countering the use of information and communication technologies for criminal purposes.
CONSIDERING the work performed by the International Telecommunication Union (ITU), and especially the launch in 2007 of a global framework for international cooperation aimed at enhancing confidence and security in the information society, the Global Cybersecurity Agenda and the redaction in 2021 draft Guidelines to help implement it;
RECALLING the importance and the multiplicity of African initiatives on cybersecurity and on the fight against cybercrime, especially the drafting by the African Union and the Internet Society (ISOC) of the Infrastructure Security Guidelines for Africa published on the 27th of May 2017 and the creation of African Union Mechanism for Police Cooperation(AFRIPOL) Cybercrime Strategy.
RECALLING the Decision EX.CL/Dec.987(XXXII) on the Reports of the Specialised Technical Committees, adopted in the 32nd Ordinary Session of the Executive Council of the African Union, that took place in Addis Ababa, Ethiopia, the 25th and 26th of January 2018;
RECALLING the Declaration AU/STC-CICT-3/MIN/Decl, the Sharm El Sheikh Declaration, adopted in the Third Ordinary Session of the Specialised Technical Committee on Communication and Information and Communication Technologies, that took place in Sharm El Sheik (Egypt), on the 25th and 26th of October 2019;
RECALLING the Decision Assembly/AU/Dec.755(XXXIII) on the Fifth Report of the Peace and Security Council of the African Union on the implementation of the African Union Roadmap of Practical Steps to Silence the Guns in Africa, and especially point 17, adopted at the 33rd Ordinary Session of the Executive Council of the African Union, that took place in
Addis Ababa, on the 9th and 10th of February 2020;
CONSIDERING that information and communicationtechnologies and digital transformation constitute a formidable growth lever for the African continent and can contribute to the
achievement of the vision and objectives of the African Union’s Agenda 2063 and the United Nations’ Sustainable Development Goals (SDGs);
NOTING that the Covid-19 pandemic has revealed the urgency for the African continent to pursue its digital transformation, in particular through the development and securing of online activities and services, especially in the areas of health, education, trade, agriculture, egovernment and financial services;
TAKING INTO ACCOUNT the acceleration of the digital transformation underway on African continent, and especially the emergence of innovative services accessible only in dematerialized formats, in a context of low users and stakeholders’ awareness of the risks in
terms of cybersecurity and cybercrime;
RECOGNIZING that Internet security, of infrastructure and equipment and of information systems, is essential to the development of the African digital ecosystem;
NOTING that cybercrime affects all of the stakeholders of the information society, whether they are public or private, and thenegative impact of its cost on African economies;
NOTING with appreciation the efforts of the Economic Commission for Africa’s Center of Excellence for Digital Identity, Trade and Economy to build the capacities and resilience of Member States to ensure digital trust in a rapidly changing world by implementing national cybersecuritystrategies;
DESIRING to work on the attractiveness of their economies to investors and on the development of their digital ecosystem andensuring the implementation of solutions to protect and accompany the ongoing digital transformation that are tailored to the local context;
CONSCIOUS that a high-level political commitment, notablyin the form of the elaboration of global strategies, the definitionof pro-active policies and the consecration of efficient national legal frameworks is necessary for the prevention, limitation and repression of the risks and
incidents in terms of cybersecurity and cybercrime;
CONVINCED that the existence of binding rules and thecreation of specialized bodies in the matter of the digital worldof cybersecurity and of fight against cybercrime is a sine qua none condition for the reinforcement of the citizens’, companies’ and administrations’ confidence
in the digital economy and for the development of investments in the digitalworld;
CONSCIOUS that the implementation of concerted actions on a global and regional scale would allow for efficient means of diagnosis, control and protection in the matters of cybersecurity and the fight against cybercrime, including by the creation of means to share good practices, to share knowledge and to implement concerted solutions to the risks and
incidents susceptible to affect the digital economy;
WE HEREBY UNDERTAKE TO:
1. SIGN AND RATIFY the African Union Convention on Cyber Security and Personal Data Protection – known as the Malabo Convention – adopted on the 27th of June 2014 by the 23rd Ordinary Session of the African Union Conference of Heads of State
and Government in Malabo,Equatorial Guinea, to allow for the development of a safe African cyberspace;
2. ESTABLISH AND ENSURE THE EFFECTIVE IMPLEMENTATION OF a legal and regulatory framework relative to cybersecurity and the fight against cybercrime and the regulatory bodies that will build the trust of investors and allow the adoption of the activities and services of digital activities by users and more broadly to accelerate the digital transformation based on:
a. The Digital Transformation Strategy for Africa (2020-2030)
b. The Internet Infrastructure Security Guidelines for Africa of the 30th of May
2017 jointly elaborated bythe Internet Society (ISOC) and the African Union
Commission;
c. The decisions and declarations adopted by the African Union Conference, the
Executive Council of the African Union and the Specialized Technological
Committee on Communication and Information and Communication
Technology;
d. International best practices, especially the ones recommended by the United
Nations and theInternational Telecommunications Union;
3. DEVELOP cybersecurity strategies and policies that are stable, forward-looking and
tailored to the context and evolution of the digital economy, especially:
a. The implementation of actions to raise awareness of the risks associated with
the use of the digital world,to the benefit of the population (especially the most
vulnerable part of it), companies and administrations;
b. The implementation of university and professional trainings and digital skills
to remedy the workforce penury and allow for the formation of stakeholders of
the digital ecosystem;
c. The development of incentive measures to help favorentrepreneurs in the sector,
including on the financial and fiscal plane, to help the emergence of African
cybersecurity actors;
d. The development of public-private partnerships in the implementation of
cybersecurity ecosystems to allow for safe, viable and efficient economic
models;
4. ESTABLISH a framework to efficiently fight against cybercrime and promote a
cybersecurity culture, including:
a. The creation and the operationalization of the authorities, agencies and teams
dedicated to fight against cybercrime and, if necessary, the reinforcement of
their human, technical and organizational needs;
b. The creation of a governance structure allowing the consultation of experts
from different fields (diplomacy, military, legal, university, civil society etc.)
on cybersecurity and fight against cybercrime matters;
c. The creation of teams dedicated to the census and coordination of
cybersecurity incidents, such as SIEM (Security Information and Event
Management) or SOC (Security Operations Center) teams, and to the solutions
to be brought to the cybersecurity incidents, such as CSIRT (Computer
Security Incident Response Team) or CERT (Computer Emergency Response
Team) teams;
d. Support initiatives such as the Network of African Women in Cybersecurity
(NAWC) by amplifying women’s voices and contributions in this critical areaof
Africa’s cyber development
5. REINFORCE African cooperation on the topic of cybersecurity and on the fight
against cybercrime by:
a. Encouraging the signing and ratification of the African Union Convention on
Cybersecurity and Personal Data Protection of 2014 by each and every African
State;
b. Promoting to the other members of the African Unionthe creation of an organ to
foster continental cooperation and mutual aid in the matter of cybersecurity
and on the fight against cybercrime;
b.(bis) Promoting to the regions the creation of a bodyfor regional cooperation
and mutual assistance in matters of cybersecurity and fight against
cybercrime
c. Multiplying the regional and international initiatives allowing the authorities
and agencies of the
Page 9 of 14
cybersecurity sector to reinforce their capacities thanks to trainings and the
sharing of their respectiveexperiences.
d. Support African cyber diplomacy efforts to promoteregional and international
cooperation and commit insetting norm at the international level.
WE ASK the United Nations Economic Commission for Africa to support African states in
implementing the Lomé Declaration. Done in Lomé, Togo, the 23rd of March 2022