Southern African Development Community (SADC), which is Southern Africa’s regional body, comprised of 15 Member states these include, Angola, Botswana, Comoros, DRC, Swaziland, Lesotho, Madagascar, Malawi, Mauritius, Mozambique, Namibia, Seychelles, South Africa, Tanzania, Zambia, and Zimbabwe. The region has been making initiatives and taking steps to respond to rising cybercrime and threats posed by cybersecurity. SADC’s Organ on Politics, Defense, and Security Cooperation is the responsible Organ to address and coordinate a regional approach towards issues about cybercrime and cybersecurity. Hamadoun Toure, an ex-secretary-general ITU, said: “At the moment, cybercriminals see Africa as a haven to operate illegally with impunity.”
Why should we know?
- Cybercrime in Africa is growing faster than any other continent
- Global Cybersecurity Index 2018, has highlighted that Africa has the most number of countries still at the lowest levels in initiating Cybersecurity commitments.
- Sadc, has an average Internet User Penetration rate of 52.1% as of Jan 2018, with a rate of 32% on Social Media Penetration and an average of 147% Mobile Connectivity
- There is still a need for more user awareness initiatives on cybersecurity and cybercrime against the growth statistics highlighted above.
In discussing Cyber Security and Cyber Crime in SADC, we must measure and analyze some of the following Important conceptual frameworks in SADC.
- Legal – Establishments and the existence of legal institutions dealing with cybersecurity and cybercrime
- Technical – Fully qualified Institutions established to deal and respond to cybersecurity and cybercrime
- Organizational/Institutional- Focus area on policy implementation, coordination and strategies to deal with cybersecurity and cybercrime
- Capacity building initiatives – How has SADC member states formulated R&D initiatives, training and awareness programs, skills retention amongst others?
- Cooperation - Local/Regional/International partnerships, information sharing, and coordination between the public and private sectors.
Regional Implications -Apart from Africa being a target of Cyberattacks, they are threats also coming from Africa (SADC) where devices are being used to launch global attacks (viruses and malware). With economic disparities in SADC, there is a need for more work to be done to fully quantify and qualify the economic, political, and institutional determinants of cybercrime, as this can guide on levels of public cyber-related investments of member states in SADC.
What has SADC done to date?
- SADC – Established Model Law on Computer Crime and Cybercrime of 2012. This law serves as a guideline for member states to develop substantive and procedural cybercrime laws. Member states with cybercrime laws can utilize the SADC Protocol on Mutual Legal Assistance in Criminal Matters and the SADC Protocol on Extradition to facilitate cooperation and coordination in International Cybercrime and Cybersecurity investigations.
- Establishment of the INTERPOL Regional Bureau in Harare and the enactment of the Framework Agreement between SADC and INTERPOL, which seeks to strengthen cooperation to fight Cybercrime, Counter-Terrorism, and other Organized crimes.
What needs to be done?
- SADC should ensure, monitor, and coordinate with member states to the establishment, enactment, implementation and updating of cyber-laws and cyber-policies.
- The urgent establishment of SADC’s Cybersecurity Emergency Response Unit that will coordinate with member states National CIRT teams in responding to Cyber threats. The SADC Unit will act as the regional hub for information sharing and dissemination to member states.
- Formulation and Adoption of educational models that not only focuses on awareness but skills, knowledge development, and competency at grassroots levels. A model from the Policy on ICT in Education in Korea: CyberLearning System can provide a formidable base framework for SADC member states.
- In Combating or Investigating Cybersecurity and cybercrime issues, the main focus groups involved are the Law Enforcement Agencies and the Judiciary; hence there is a strong need for SADC craft initiatives for capacity development, investment, knowledge sharing, and technical training capabilities to enhance investigate and digital forensics skills collaboration with Institutes as Legal Informatics and Forensic Science