Brazzaville cybersecurity policy gains momentum
Brazzaville, 17 January 2026 — The Republic of Congo is sharpening the institutional instruments intended to secure its digital transformation. During a working visit to the premises of the National Agency for the Security of Information Systems (ANSSI) on 15 January in Brazzaville, the Minister of Posts, Telecommunications and the Digital Economy, Léon Juste Ibombo, delivered a set of operational orientations to the agency’s Director-General, Oboulhas Tsahat Conrad Onésime. The aim, according to the minister’s remarks, is to enable ANSSI to better discharge its functions as a regulator within the national ecosystem of information systems security.
At stake is a familiar challenge for governments pursuing a rapid expansion of digital services: ensuring that public administrations and private operators adopt secure systems and robust practices, while clarifying the prerogatives of the specialised authority tasked with oversight. The minister’s message, framed in administrative and legal terms, sought to translate ANSSI’s mandate into day-to-day enforceability across sectors (ACI).
Minister Ibombo outlines ANSSI audit and approval authority
In one of the most consequential passages of the visit, Minister Ibombo stressed that each domain of activity should be explicitly informed that ANSSI holds the right and authority to audit, to request information, and to approve information systems and terminals deployed for the development of an enterprise or an administration. By placing emphasis on these concrete powers—audit, information requests, and approvals—the minister signalled a regulatory posture that is intended to be both preventive and corrective, with a view to elevating baseline cybersecurity standards across the country (ACI).
Such guidance, as presented, is also a reminder that cybersecurity regulation increasingly operates through technical verification and compliance routines. In practical terms, the articulation of authority is designed to reduce ambiguity for regulated entities, and to reinforce a predictable chain of accountability for systems that may host sensitive data or support essential public functions.
Legal framework and cross-sector awareness in Congo-Brazzaville
The minister further underlined the need for sustained awareness-raising in every sector regarding the texts and laws that confer on ANSSI the power to control information systems nationwide. This point is central to regulatory effectiveness: formal mandates do not automatically translate into compliance unless institutions, operators and administrations internalise the rules and the scope of the regulator’s remit (ACI).
In this context, the reference to legal texts was not presented as a purely theoretical exercise. Rather, it was framed as a practical requirement to ensure that audits, requests for information, and approvals are accepted as normal components of governance, and that cybersecurity is treated as an integral part of organisational risk management.
Digital skills strategy: training youth and recruiting top profiles
Alongside oversight, Minister Ibombo placed notable emphasis on human capital. He insisted on training young people to develop competencies and identify promising talents that can be mobilised in the implementation of the country’s digital policy. He also highlighted recruitment of the best profiles, trained both locally and abroad, to ensure sound functioning and a high level of expertise within ANSSI (ACI).
This dual focus—capacity-building and selectivity in recruitment—reflects a broader principle often observed in public digital strategies: cybersecurity is as much a matter of people and processes as it is of technology. In the minister’s framing, building a cohort of skilled professionals is not merely an employment initiative; it is positioned as a prerequisite for sovereign and sustainable digital development.
ANSSI operational roadmap: audits, monitoring and accreditation
For his part, Director-General Oboulhas Tsahat Conrad Onésime stated that, thanks to implementing decrees and the instructions of the supervising authority, ANSSI will take responsibility for conducting audits, carrying out technological monitoring of information systems, and delivering accreditations to providers of information systems security services (ACI).
This operational roadmap sketches three pillars of intervention. Audits constitute the backbone of compliance and assurance. Technological monitoring implies a continuous posture, attentive to evolving threats and system vulnerabilities. Accreditation of service providers, meanwhile, is a mechanism intended to structure a trusted market for cybersecurity services, offering administrations and enterprises clearer benchmarks when selecting specialised operators.
Institutional status: ANSSI under the Presidency’s oversight
ANSSI was created by Law No. 30-2019 of 10 October 2019 as a cross-cutting agency dedicated to the security of information systems. Placed under the supervision of the Presidency of the Republic, it is tasked with ensuring the security of the national cyberspace and managing security incidents and threats (ACI).
According to the same source, the agency also aims to respond to cyber-attacks, promote collaboration between public and private actors, protect national digital infrastructures, strengthen national response capacities, and issue alerts on cyber threats. This architecture positions ANSSI as both a technical authority and a coordinating institution, operating at the intersection of regulation, incident management, and strategic guidance.
A calibrated regulatory approach for a growing digital economy
The orientations delivered in Brazzaville are presented as part of a structured effort to consolidate cybersecurity governance while accompanying the expansion of digital uses. The emphasis on legality, sectoral sensitisation, and professional capacity suggests an approach that seeks to combine authority with pedagogy, and control with institutional support (ACI).
From a public-interest standpoint, the strengthening of ANSSI’s regulatory function is framed as a means to protect the integrity of information systems on which administrations, businesses and citizens increasingly rely. The challenge, as the minister’s instructions implicitly acknowledge, will be to translate mandates into consistent practices across diverse sectors, while maintaining a steady pipeline of expertise capable of meeting the technical demands of modern cyber risk management.
Infography and photo caption for readers
Infography (data points): Visit held in Brazzaville on 15 January 2026; report datelined 17 January 2026; ANSSI created by Law No. 30-2019 of 10 October 2019; ANSSI placed under the supervision of the Presidency of the Republic; stated missions include audits, technological monitoring, and accreditation of security service providers (ACI).
Photo: “Officials during the ministerial visit to ANSSI in Brazzaville.” (ACI).