Towards GC3B: Models of Cyber Capacity Building in West Africa

At GCA we have an ambitious Mission: to build communities to deploy tools, services, and programs that provide cybersecurity at global scale.  As studies demonstrate, perceptions of cybersecurity are different across cultures. Yet, there is a global understanding that to reap the benefits of Internet connectivity, cybersecurity must be a central consideration. To advance cybersecurity within different countries and ecosystems, we must understand what government initiatives are being pursued and how these might inform efforts to advance cybersecurity for all Internet users. 

In West Africa, we’ve seen some success.



In Ghana, the government took a multi-stakeholder approach to developing its national cybersecurity strategy, ensuring buy-in from a range of actors– including civil society. By leveraging the partnership and expertise of international and regional organizations– to advance the Ghanaian government’s efforts– the completion of the national cybersecurity strategy positioned the country to roll out a series of improvements to its cybersecurity capabilities, including supporting its CERT. Organizations like the Ghana Association of Banks, is also working diligently to raise awareness and build capacity of Ghana’s banks on why cybersecurity is critical to their operations.  In recent years, efforts like this, and initiatives like “A Safer Digital Ghana” and a GCA partnership with the Center for Intelligence and Security Aid Bureau, have improved Ghana’s cybersecurity maturity significantly. Nevertheless, awareness amongst individuals on best cybersecurity practices is still needed to mitigate the number of people falling victims to scams, fraud, and or data loss. 




Internet penetration remains low in Liberia. Nevertheless, as the government commits to advancing digital transformation to enable economic growth, mitigating cybercrime has been a priority. Beginning in November 2020, GCA, in partnership with the Government of Liberia, provided access to a suite of free tools that seeks to strengthen cyber hygiene of individuals, therefore bolstering the cybersecurity of Liberia.  To do so effectively, the toolkit was introduced across government Ministries, Agencies, and Commissions. The following year, in collaboration with the Liberian Cyber Crime Prevention and Mitigation Agency, GCA delivered a hybrid cyber hygiene workshop to 60 women representing small businesses, government and civil society. As government efforts continue to focus on greater Internet connectivity, as well as cybersecurity, cyber hygiene best practice workshops and education will need to continue. In particular, as Internet access continues to increase in Liberia, it will be critical to teach people who are newly online, not only basic digital skills, but also basic cybersecurity hygiene. 




In contrast to Liberia, Nigeria has seen exponential growth in Internet connectivity in recent years. In parallel to that– like many countries– ithas seen a growing number of cyberattacks. The Nigerian government seeks to mitigate these challenges, and in 2020, it passed one of the most robust data protection laws on the continent. Nevertheless, many leading organizations and financial institutions have fallen victim to cyberattacks. To help strengthen the capacity of key actors in Nigeria, GCA– in partnership with KPMG under the UK Government’s Digital Access Program– supported the Government of Nigeria to strengthen the cybersecurity of its thriving small and medium sized business (SMEs) sector by launching GCA’s small business toolkit. The goal of the toolkit is to lower the barrier for SMEs to adopt cybersecurity best practices. To make it relevant to stakeholders in Nigeria, GCA created country-dedicated portal pages that include localized resources. To raise awareness about the toolkit, KPMG used the networks of CyberSafe Foundation, Development Agency of Nigeria (SMEDAN) and Nigeria’s Office of the National Security Advisor (ONSA), combined with a launch event and train-the-trainer sessions. As a result, over 150 business owners, trainers and facilitators were trained in 6 months. Despite these efforts, implementation of best practices or adherence to government regulation remains low. To ensure Nigeria can continue to benefit from the digital revolution, further investment will need to be made in cybersecurity capacity building for government, businesses, and individuals. 

Call to Action


These national examples highlight the importance of working with and through relevant communities to advance the adoption of cybersecurity strategies and best practices that are most relevant to each country. GCA is looking forward to unpacking these models, as well as opportunities for improvement, at the Global Forum on Cyber Expertise’s GC3B conference at the end of November. We look forward to seeing you there.