Southern African Development Community Cybersecurity Maturity Report 2021 (based on CMM & GCI)

The evaluation of the state of cybersecurity in each of the sixteen countries in the Southern African Development Community and the review of their cybersecurity capacity maturity in light of emerging cyber risks, threats and vulnerabilities, was conducted under the project by the ‘Cybersecurity Capacity Centre for Southern Africa (C3SA)‘.

Details

The study applied the Cybersecurity Capacity Maturity Model for Nations (CMM), by the Global Cyber Security Capacity Centre (GCSCC), which serves as a benchmarking tool to objectively evaluate the status of cybersecurity, according to five dimensions of the model. The dimensions are:

• Cybersecurity Policy and Strategy
• Cybersecurity Culture and Society
• Building Cybersecurity Knowledge and Capabilities
• Legal and Regulatory Frameworks
• Standards and Technologies

Such granular assessment of cybersecurity capacity allows to make specific policy recommendations for different aspects of cybersecurity covered by the model with the aim that countries take the necessary steps to increase the scale and effectiveness of cybersecurity capacity-building. For most of the SADC region, this accounts as the the first cybersecurity maturity assessment and therefore, is valuable in informing national cybersecurity strategies and policy priorities. The study refers reports from previous CMM reviews, the International Telecommunication Union Global Cybersecurity Index (GCI), and a complementary World Development Report from 2021.