Lack of investment, political will threaten cyber security skills development in Africa

Without political commitment and sustained financial investment, Africa risks falling behind in the development of critical cyber security skills, a senior expert warned today.

Speaking at the annual ITWeb Security Summit 2025 at the Cape Town International Convention Centre, Martin Koyabe, senior manager and technical lead at the Global Forum of Cyber Expertise (GFCE) Africa, said nearly 90% of organisations across the continent experienced a cyber security breach in the past year – many of which can be partly attributed to a shortage of skilled professionals.

“Cyber security threats evolve rapidly, and without a well-trained workforce, organisations are exposed,” Koyabe said. “It’s not just about developing skills, but about building trust and providing continuous upskilling opportunities.”

He added that the emerging workforce expects employers to support innovation and align with their career ambitions. Recruitment and incentive strategies, he said, must reflect these evolving expectations to attract and retain talent.

Koyabe also highlighted the limitations of current training and development initiatives, such as the provision of laptops in schools or ad hoc skills programmes, noting that these efforts often fail due to a lack of sustained local expert support.

Globally, there is a shortfall of approximately 4 million qualified cyber security professionals. In Africa, the situation is compounded by underdeveloped educational infrastructure and insufficient private sector involvement.

Koyabe emphasised the importance of public-private partnerships (PPPs) in addressing the talent gap and called for more tertiary institutions to introduce comprehensive cyber security programmes.

“PPPs and inclusive market incentives are essential to build resilient cyber security ecosystems in developing economies,” he said. “We must also develop local cyber security markets to nurture home-grown expertise and services.”

MC Michael Avery, journalist and broadcaster, presented data underscoring the continent’s cyber security challenges. He noted that cyber crime costs the South African economy an estimated R2.2 billion annually, while only 17% of companies have fully implemented a zero-trust security framework.

Cyber security, Avery said, is critical for Africa’s broader digital transformation, especially as digital technologies – particularly mobile-based services – drive e-commerce, e-governance and regional digital trade under initiatives like the African Continental Free Trade Area.

Koyabe urged organisations to begin building relationships with future cyber security professionals while they are still in academic institutions. “We must engage early to build trust and create a pipeline of talent ready to respond to Africa’s cyber security needs,” he said.