A continental conversation expands beyond Abidjan
What began five years ago as a Côte d’Ivoire-based round-table has now matured into a full-fledged diplomatic forum, capable of attracting over 2 500 delegates and more than fifty national flags. Held in Cotonou on 24–25 June, the fifth Cyber Africa Forum (CAF) revolved around the notion of digital ecosystem resilience, a theme that resonates with the accelerated uptake of cloud services, mobile payments and artificial intelligence throughout the continent. According to the organisers, the move from Abidjan to the Beninese capital aimed to showcase the forum’s pan-African vocation while honouring Benin’s steady rise in the International Telecommunication Union’s Global Cybersecurity Index (ITU 2021).
Benin’s showcase and the regional benchmarking effect
Benin’s 2020 national cybersecurity strategy emphasises individual responsibility and public-private coordination, a methodological choice praised by CAF Commissioner General Franck Kié, who described the country’s progress as a “continental laboratory” for digital governance. The demonstrative effect is not lost on neighbouring states. Diplomats present in Cotonou quietly noted that successful experiments in awareness-raising campaigns, such as Benin’s popular digital hygiene handbook, lower the political risk of adopting similar measures at home. In this sense, the forum functions as a peer-review mechanism in which achievements are celebrated—and implicitly benchmarked—without formalised conditionality.
Congo-Brazzaville’s measured advances in cyber governance
Although Brazzaville did not seek the spotlight, the Congolese delegation used bilateral corridors to outline the country’s incremental yet steady regulatory steps. Since the promulgation of Law 22-2019 on the protection of personal data, Congo-Brazzaville has quietly drafted secondary legislation that aligns with the Malabo Convention while preserving room for domestic innovation. Officials point to the creation of a Computer Emergency Response Team (CERT-CG) and to ongoing capacity-building partnerships with the Economic Community of Central African States as proof of a prudent, sovereignty-conscious approach. As one senior delegate succinctly put it, “our ambition is not to race ahead, but to be ready when the wave of digital services crashes on the Congo River.”
Inclusive security as development policy
A recurring refrain in Cotonou was the need to embed cybersecurity in social policy, lest the digital dividend reinforce existing asymmetries. Speakers from the African Union Development Agency reminded the audience that nearly 60 per cent of cyber incidents reported on the continent stem from social engineering tactics (AUDA-NEPAD 2023). This observation supports Brazzaville’s decision to pair its forthcoming national cybersecurity strategy with a literacy programme aimed at local administrations and small enterprises operating on the margins of the formal economy. By framing cyber hygiene as a prerequisite for financial inclusion, the Congolese authorities align with the government’s Horizon 2025 Plan, which identifies digital trust as a driver of economic diversification.
Artificial intelligence: promise and peril under one roof
Artificial intelligence overshadowed most coffee-break conversations, in part because the forum coincided with a surge of generative models tailored for Francophone Africa. The dual-use nature of AI was underscored by researchers from the University of Pretoria, who noted that language models can generate phishing templates in local dialects almost instantaneously. Yet the same algorithms can equally bolster cyber-defence by automating anomaly detection. Delegates from Congo-Brazzaville’s National Digital Agency confirmed exploratory talks with start-ups capable of providing such defensive capabilities through sovereign cloud installations, a model designed to meet the country’s data-localisation standards while fostering a nascent domestic tech sector.
Counting the cost of cybercrime and the case for collective insurance
Estimates presented by Interpol suggest that cybercrime inflicted losses exceeding 3.5 billion dollars on African economies in 2021, a figure expected to rise with deeper broadband penetration. Smaller markets such as Congo-Brazzaville face the paradox of being less lucrative yet easier targets, given constrained investigative resources. In Cotonou, insurers floated the idea of pooling cyber-risk at the regional level, echoing the African Risk Capacity model used for drought. While still embryonic, the proposal garnered cautious interest from Central African finance ministries, which regard shared insurance as a fiscal stabiliser compatible with national sovereignty.
Diplomatic ramifications and soft-power dividends
Beyond technical exchanges, the forum served as a theatre for subtle diplomatic signalling. By dispatching a high-level envoy, Brazzaville reaffirmed its commitment to multilateral cyber norms such as the UN Open-Ended Working Group while maintaining its preference for regional consensus-building. Observers noted the congruence between Congo-Brazzaville’s stance and the African Union’s draft convention on data governance presented earlier this year in Addis Ababa. Participation in CAF thus yields reputational capital that extends into unrelated negotiations, from climate finance to maritime security, illustrating how digital resilience now permeates broader foreign-policy calculations.
Towards an African doctrine of pragmatic resilience
The Cotonou meetings closed with an understated call for concerted action rather than grand declarations. In the words of Ouanilo Médégan Fagla, head of Benin’s National Digital Investigations Centre, “vulnerability is frequently a human oversight.” The statement encapsulates a continental consensus that places citizen empowerment at the heart of cyber policy. For Congo-Brazzaville, that consensus legitimises ongoing efforts to balance regulatory rigour with inclusive growth, a middle path that avoids both laissez-faire complacency and heavy-handed control. If the forum’s trajectory from Abidjan to Cotonou is any indication, the next edition may find an equally receptive host in Central Africa, reinforcing the view that cyber-resilience is no longer a peripheral agenda but a core component of African statecraft.
