Achieving reliable, safe, secure, trusted, and affordable internet access for everyone is widely recognized as a vital enabler of the United Nations Sustainable Development Goals (SDGs). Around the world, people increasingly rely on the internet for education, healthcare, employment, commerce, and access to information. The expanding Internet of Things (IoT)—with its vast network of connected sensors and devices—promises to amplify social and economic benefits from global connectivity, but it also risks leaving the unconnected further behind.
In fact, it is increasingly clear that meeting any of the SDGs—ending poverty, protecting the planet, and ensuring prosperity for all—will be difficult without achieving universal internet access.
The priority must be on internet access that is reliable, safe, secure, trusted, and affordable. While the internet’s open ecosystem is a strength, the global ecosystem is not yet consistently safe and secure. Cybercrime opportunities are abundant and have caused major disruptions and losses for businesses, organizations, governments, and individuals. Activities across Africa highlight both the challenges and the lessons learned as countries work to combat cybercrime while expanding internet inclusion.
Trends in cyberattacks and cybercrime
In May 2017, the IEEE Internet Initiative, in cooperation with IST-Africa, hosted an IEEE Experts in Technology and Policy (ETAP) Forum on Internet Governance, Cybersecurity, Privacy, and Inclusion in Windhoek, Namibia. Sixty-five technology developers, policymakers, and other stakeholders from 25 countries participated.
Attendees noted significant progress across sub-Saharan Africa over the past decade in raising cybersecurity awareness and in establishing legal and implementation frameworks to foster a safer, more trusted online environment as internet access spreads. Yet many countries still have substantial gaps to close, and regional collaboration and partnerships were emphasized as essential to achieving cybersecurity goals.
Estimates indicate African countries suffered at least $2 billion in losses from cyberattacks in 2016, with reported losses including $171 million in Kenya, $85 million in Tanzania, and $35 million among Ugandan companies. The local factors that drive or mitigate cybercrime vary widely across the continent. There is a sense of urgency, fueled by Africa’s rapid smartphone adoption, which is transforming public service delivery, business models, and political engagement.
Efforts to improve public awareness and education on internet safety and cybercrime
Raising cybersecurity awareness is a cost-effective, essential part of the response to cybercrime across Africa and worldwide. Education and awareness programs have demonstrated measurable reductions in risk and should be broadly distributed to citizens, non-governmental organizations, companies, and government departments.
Users must have opportunities to learn about internet risks and how to protect themselves. South Africa illustrates both the problems and the progress on the continent: while it faces cybercrime challenges and is sometimes used as a safe haven for criminals, it also hosts notable successes in cybersecurity awareness—such as the Centre for Cyber Security (CCS) at the University of Johannesburg.
The CCS describes itself as the first dedicated cyber security facility established in Africa, aiming to advance cyber security for users in South Africa and across the continent. Its mission includes acting as a trusted, independent body that delivers services related to cyber security and critical information infrastructure protection to stakeholders regionally.
How maximizing internet inclusion for all impacts cybersecurity
Sustainability is a central concern: how do we maintain a safe and secure internet as the number of users continues to grow? Tactics proposed include training many more professionals to prevent and respond to cybercrime and fostering a culture of cybersecurity among young users.
There is also a need for shared terminology among policymakers and educators and for tailoring cyber education to the devices people use. One practical idea discussed at the IEEE event was providing buyers of computers or mobile devices with an accessible cybersecurity summary—clear terms and conditions that the user reads and acknowledges—both to increase awareness and to teach safe internet practices.
What IoT proliferation means for data protection, privacy and resilience
The growth of IoT devices creates new challenges for data protection, privacy, and resilience. Companies across Africa are already adopting IoT for inventive and practical applications: for instance, IoT systems monitor moisture and machinery in sugarcane farming in Eswatini (Swaziland), while Egypt has advanced smart city initiatives with some fiber-to-the-home deployments and plans for widespread smart meter installations.
In many cases, IoT rollouts are moving faster than data protection and privacy legislation. This gap underscores the growing need for harmonized, cross-border legal frameworks as internet and IoT infrastructure, use, and users expand rapidly across the continent.
Development of national CIRTs
Responsive, trusted, and collaborative cyber teams—computer incident response teams (CIRTs)—are crucial to a secure cyberspace. Many African countries have established CIRTs, including Cameroon, Uganda, Mauritania, Egypt, and Mauritius, but their progress and effectiveness vary:
- Namibia is in the process of establishing a national CIRT, which is expected to drive much-needed public awareness efforts.
- Kenya has created a cybersecurity strategy and a CIRT to address cybercrime, with particular attention to the unique risks posed by the country’s widespread mobile money ecosystem.
- South Africa has multiple CIRT organizations, but awareness among the public about their roles and how they relate to each other remains limited.
Conclusion
IEEE Internet Initiative working groups and diverse professionals continue to explore the issues discussed at the ETAP Forum. With universal, reliable internet access closely tied to ending poverty, protecting the planet, and ensuring global prosperity, it is critical that technical and policy communities work together so cybercrime does not undermine progress. Sustained investment in awareness, training, coordinated legal frameworks, and capable incident response teams will be essential as connectivity expands across Africa and the world.