Malawi makes tremendous improvement on ITU Global Cybersecurity Index
Malawi has made tremendous improvement on International Telecommunication Union (ITU) Global Cybersecurity Index 2024 — gaining 80% score from 36% in 2020 earning the tier of establishing.
Meanwhile, Malawi Communication Regulatory Authority (MACRA) has since said they are working towards gaining more ground for the next report within 3 to 4 years to get a minimum score of 95% score and Role Model tier.
On the Establishing tier, Malawi is amongst Botswana, Burkina Faso, Cameroon, Côte d’Ivoire, Democratic Republic of the Congo (DRC), eSwatini, Ethiopia, The Gambia, Guinea, Mozambique, Nigeria, Senegal, Sierra Leone and Uganda.
Launched by ITU in 2015, the Global Cybersecurity Index (GCI) is only part of the puzzle in improving countries’ commitments to cybersecurity in finding ways to use it in their efforts to develop secure and trustworthy information & communication technologies (ICTs).
When contacted, MACRA Director General Daud Suleman said achieving the 80% score improving from 36% in 2020 “signifies a strong commitment to enhancing its cybersecurity framework”.
“This accomplishment indicates that the country has made significant progress in developing policies, legal frameworks, and technical measures to protect its digital infrastructure and citizen, international cooperation and capacity building.
“It reflects an increased awareness of cybersecurity issues and a proactive approach to addressing vulnerabilities, which can lead to improved trust in digital services, better protection of sensitive information, and a more resilient economy.”
Suleman, who had led MACRA in the four years it has made such a high-flying performance, further said this “reflects the country’s commitment to addressing cybersecurity concerns and enhancing its resilience against cyber threats by establishments of the National Computer Emergency Team (Malawi CERT)”.
“Overall, this score suggests that Malawi is intensifying its efforts to create a safer online environment and is likely to continue investing in cybersecurity initiatives.
“It further suggests Malawi is actively participating in international cooperation and capacity-building efforts to further improve its cybersecurity posture.
“Malawi’s success in the Legal Measures pillar of the ITU Global Cybersecurity Index (GCI) for 2024 can be attributed to several key factors. Malawi has developed comprehensive cybersecurity laws and regulations that align with international standards, enhancing its legal framework which include Electronic Transaction and Cyber Security Act 2016, Data Protection Act 2024, draft Cybersecurity Bill and Cybercrime Bill 2024.
“The country has established national cybersecurity strategies that promote a coordinated approach to cybersecurity governance including Child Online Protection Strategy.
“Further, efforts to train legal professionals and law enforcement in cybersecurity issues have strengthened the enforcement of laws and regulations. These factors collectively support Malawi’s strong performance in the Legal Measures pillar of the GCI.”
According to the report released by Dr Cosmas Luckyson Zavazava, ITU’s
director of Telecommunication Development Bureau, the 5th edition of the GCI measures the commitment of countries to cybersecurity in the context of measures across the following five pillars: Legal, Technical, Organisational, Capacity Cooperation and Development.
“Over the past decade since the launch of the first Global Cybersecurity Index in 2015, 2.5 billion people have come online,” he says in his foreword. The past 10 years have witnessed a significant evolution in the cybersecurity landscape, driven in part by the emergence of new technologies like artificial intelligence (AI), blockchain, and the potential of quantum computing.”
Asked what were the shortfalls at 36% in 2020, Suleman said score of 36 indicates that Malawi may have had shortfalls in more of areas the five pillars of legal measures, technical measures, organizational measures, capacity development, and cooperation.
“Specifically, potential areas for improvement included development and implementation of comprehensive cybersecurity laws and regulations.
“Establishment of technical institutions and frameworks to address threats like national and sectoral CERTs; creation of national cybersecurity strategies and dedicated agencies; investment in cybersecurity education and training programs; participation in international cybersecurity initiatives and partnerships.
“To improve its score, Malawi needed to enhance its efforts in these areas, focusing on building robust cybersecurity infrastructure and policies which has greatly approved.”
In his foreword, ITU’s Zavazava indicated that the performances by the countries were verified by ITU itself, and Suleman said the GCI report is significant for Malawi and the global community for several reasons — it provides a framework for countries to assess their cybersecurity capabilities and compare them with others focusing on legal, technical, organizational, capacity development and cooperation.
“This helps Malawi identify strengths and weaknesses in its cybersecurity posture,” he said. “The report can guide policymakers in Malawi to develop and enhance national cybersecurity strategies, ensuring they align with international standards and best practices.
“By participating in the GCI, Malawi can engage with other nations to share knowledge, resources, and strategies, fostering a collaborative approach to global cybersecurity challenges.
“The findings can raise awareness about the importance of cybersecurity among stakeholders in Malawi, leading to increased investment in training and infrastructure.”
For the globe, Suleman emphasised that the GCI highlights trends, challenges and advancements in cybersecurity — “helping nations to collectively address threats and improve resilience”.
“Overall, the ITU GCI audit serves as a vital tool for enhancing cybersecurity readiness and cooperation both in Malawi and worldwide.”
4. What is left for MACRA to reach 100% compliant?: “To improve Malawi’s cybersecurity standing in the upcoming years, several specific actions can be taken including developing and implement comprehensive cybersecurity laws and regulations that address data protection, cybercrime, and privacy including passing the draft cybersecurity and cybercrime Bills by Parliament.
“Invest in training and awareness programs for government officials, law enforcement, and the private sector to enhance their cybersecurity skills and knowledge; launch initiatives to educate the public about cybersecurity risks and best practices to promote safer online behavior and foster partnerships with international organizations, neighboring countries, and the private sector to share knowledge, resources, and best practices.”
He added that there is need to “create a clear and actionable national cybersecurity strategy that outlines goals, responsibilities, and resources needed for implementation; upgrade and secure critical infrastructure to protect against cyber threats, ensuring that systems are resilient and capable of responding to incidents and develop and enhance national and sectoral incident response teams to effectively manage and mitigate cybersecurity incidents as well as developing capacity through cybersecurity programs in tertiary education”.
“By focusing on these areas, Malawi can enhance its cybersecurity posture and improve its standing in the ITU Global Cybersecurity Index.”
To enhance capacity development moving forward, Suleman said the following strategic steps can be taken:
* Allocate more resources towards cybersecurity training, infrastructure, and research to build a robust foundation;
* Establish comprehensive training and certification programs to build a skilled workforce in cybersecurity;
* Create clear and cohesive policies that promote cybersecurity best practices and facilitate collaboration among stakeholders * Encourage partnerships between government, industry, and educational institutions to share knowledge and resources; and
* Implement awareness campaigns to educate organizations about the importance of cybersecurity and foster a culture of security.
To achieve a perfect score of 100% on the ITU GCI, Suleman says Malawi would need to address several potential hindrances in the next 3 years, including inadequate or outdated cybersecurity laws and policies that can be a barrier, adding that ensuring comprehensive and up-to-date legislation is crucial.
“Lack of advanced cybersecurity infrastructure and technologies can impede progress. Investment in modern cybersecurity tools and systems is necessary.
“Limited institutional frameworks and coordination among government and private sectors can be a challenge and establishing strong cybersecurity agencies and partnerships is important.
“Insufficient training and awareness programs for cybersecurity professionals and the general public can hinder progress and developing robust education and training initiatives is essential.
“Weak international and regional cooperation can limit access to resources and knowledge sharing; strengthening partnerships with other countries and international organizations is beneficial.
“Addressing these areas effectively can help Malawi improve its cybersecurity posture and achieve a higher score on the index.”
To improve Malawi’s cybersecurity standing in the upcoming years, the director general says several specific actions can be taken including:
* Developing and implement comprehensive cybersecurity laws and regulations that address data protection, cybercrime, and privacy;
* Investing in training and awareness programs for government officials, law enforcement, and the private sector to enhance their cybersecurity skills and knowledge
* Launch initiatives to educate the public about cybersecurity risks and best practices to promote safer online behavior;
* Foster partnerships with international organizations, neighboring countries, and the private sector to share knowledge, resources, and best practices;
* Create a clear and actionable national cybersecurity strategy that outlines goals, responsibilities, and resources needed for implementation;
* Upgrade and secure critical infrastructure to protect against cyber threats, ensuring that systems are resilient and capable of responding to incidents; and
* Develop and enhance national and sectoral incident response teams to effectively manage and mitigate cybersecurity incidents.
“By focusing on these areas, Malawi can enhance its cybersecurity posture and improve its standing in the ITU Global Cybersecurity Index.”
Follow and Subscribe Nyasa TV :