Venue : King Fahd Palace Hotel, Dakar
Date : Dakar 12-13 April 2016,
During April 12-13 2016, the Ministry of Post and Telecommunications of Senegal convened an Expert Meeting on cybersecurity in West Africa. The objective of the meeting was to sensitize and share experiences of cybersecurity activitists with governments and corporate organisations in West Africa. The programme attracted a wide spectrum of stakeholders from public sector, and private telecom operators and the security agencies in Senegal. The Meeting was organised in expert panel format - members of the panels were targeted and specifically invited by the organisers to present their projects or share their experiences in their various countries and organisatons.
The Keynote presented by Prof. Abdallah Cisse was titled “Opportunities and Challenges of the Cyberspace in the 21st Century”. The Keynote not only recognised CODESRIA’s activities on cybersecurity, but also applauded CODESRIA for its effort to build the research skill of young researchers on social aspects of cybercsecurity in Africa using the instrument of its Democratic Institutes.
From the presentations, the following could be synthesized :
(i) Low level of awareness and low level of cyber literacy among governments and stakeholders hamper actions and impair administration of justice
(ii) The challenges posed by jurisdictional dilemma - many countries have no statutes upon which cybercriminals could be prosecuted, and
(iii) Low regional and international cooperation on the subject
It could be however observed that :
(i) key approach encouraged globally to address cybersecurity issues appears to be ‘response’ – that is what does a government or organisation do when there is an indication of attack ? This approach was the key emphasis in the Meeting.
(ii) there was little presence of researchers in Meeting, and,
(iii) the technology aspect of cybersecurity was not highlighted.
The take-home message was :
(i) governments should invest in raising the awareness about cybersecurity in their various countries, and
(ii) build strong (CERT - Computer Emergency Response Teams) to address cybersecurity issues.
However, the focus on response and awareness raises many fundamental questions about the methodology adopted in the fight against cybercrime in the world and its likelihood to achieve any positive results.
(i) By emphasising response and awareness only, the pressure and burden of cybersecurity appear to have been transferred to the victims. Why is little or no attention paid to the IT companies and software developers who have the IP addresses of all of its customers including the perpetrators of cybercriminal activities, and could make them available when crimes occur ?
(ii) In a truly democratic and egalitarian world, cybercrime should be the easiest crime to manage : to what extent will IT manufacturing companies appeal to Customer Protection Acts and similar instruments as an excuse for withholding the IP identities of cybercriminals even when the crimes lead to governments and big corporations being nearly taken down and human lives being lost on regular basis ?
Cybercrime could be considered a Social Immune-deficiency Virus (SIV) : do not border about the sources/origin. Just know how to manage it when it occurs. How prepared are African countries to handle the increasing scale and frequency of cyber-attacks on government infrastructure ?