Cybersecurity Challenges Facing Sub Saharan Africa: Botswana Context

  • Dr. Thulaganyo A. Rabogadi DBA (USA), MBA (UK), BEng (UK), CBRM, P .O. Box 4116, Gaborone, Botswana
Keywords: Cybercrime, Global Cybersecurity Index, Cybersecurity, Critical information infrastructure, Cyberattacks.


The Global Cybersecurity Index (GCI) of Botswana dropped from position 23 in 2014 to position 69 in 2017 with GCI scores of .176 and .430 respectively.  The mediocre GCI performance of Botswana resulted in modest GCI scores across all GCI competitive measures namely: legal, technical, and organizational structure, capacity building, and international cooperation. Generally, cybercrime exploits critical infrastructure systems, thereby placing the nation’s security, economy, public safety and health at risk.  The absence of a national cybersecurity policy framework that describes the current security posture, identifies and prioritizes opportunities for improvement, and communicates to stakeholders about cybersecurity risk, may exacerbate the delay in the execution of Botswana National Cybersecurity Strategy, which has been under development for more than 3 years.  The purpose of this qualitative multiple case study was to explore policy frameworks developing countries use to guide the development of cybersecurity policy and strategies organizations use to safeguard and combat cybercrime.  Fifteen senior managers from the University of Botswana, Ministry of Transport and Communication, Botswana Police Service, Attorney General’s Chambers, and representatives from the private sector participated in a focus group interview during the 3rd International Conference on Internet, Cybercrime, and Information Systems hosted by University of Botswana on 1st to 2nd November 2018.  Themes that emerged included awareness and training, fast tracking the approval of the National Cybersecurity policy, protecting government ICT infrastructure from incidents of cybercrime, building national computer emergency response teams and national security operations centers with appropriate governance structure, and the development of National Cybersecurity Policy to improve Botswana’s security posture and GCI performance.


. Akuta, E, A-M, Ong’oa, I. M., Jones, C. (2011, March). “Combating cybercrime in Sub Saharan Arica: A discourse on Law, Policy, and Practice”. Journal of Peace, Gender, and Development Studies, 1(4), p. 129-137. Available: [October 5, 2018].

. Aycock, J. (2006). Computer Viruses and Malware. Springer Sciences and Business Media, LLC. New York. Available: [February 10, 2019].

. Botswana Communications Regulatory Authority (2013). “Botswana National Broadband Strategy”. Available: [October 13, 2018].

. Brewer, R. (2016). “Ransomware attacks: Detection, prevention, and cure”. Network Security Journal, 9, p. 5-6. doi.10.1016/S1353-4858 (16) 30086-1 [November 2018].

. Cassim, F. (2011, January). “Addressing the growing spectre of cybercrime in Africa: Evaluating measures adopted by South Africa and other regional role players”. First International Conference of the South Asian Society of Criminology and Victimology (SASCV) at Jaipur, India from 15–17 January 2011. Available: [October 21, 2018].

. Crisanto, C., and Prenio, J. (2017). “Financial stability institute insights on policy implementation No. 2: Regulatory approaches to enhance banks’ cybersecurity frameworks”. Available: [November 12, 2018].

. De Bruijn, H., & Janssen, M. (2017). “Building cybersecurity awareness: The need for evidence-based framing strategies”. Government Information Quarterly, 34, p. 1-7. doi.10.1016/j.giq.2017.02.007 [October 25, 2018].

. Ekoa, R. & Mungwe, M. (2018, May). “A review of cybercrime in Sub Saharan Africa: A study of Cameroon and Nigeria”. International Journal of Scientific & Engineering Research, 9(5), p. 211- 228. Available: [October 26, 2018].

. Government Gazette No. 39475 (December 4, 2015). “The National Cybersecurity Policy Framework: State Security Agency”. Retrieved from [October 18, 2018].

. Grabosky, P. N., Smith, R. G., & Wright5, P. (1996). “Crime and Telecommunications No. 59 Australian Institute of Criminology: Trends and Issues in Crime and Criminal Justice”. Available: [October 1, 2019].

. Hohmann, M., Pinrang, A., Benner, T. (2017). “Advancing cybersecurity: Implementing a principles-based approach”. Available: politics/article/advancing-cybersecurity-capacity-building-implementing-a-principle-based-approach [December 13, 2018].

. Homeland Security (2017). “Cybersecurity training and exercises”. Available: [November 23, 2018].

. International Telecommunication Union – Development Sector (2009). “Understanding cybercrime: A guide for developing countries”. Available: [January, 16, 2019].

. International Telecommunication Union – Development Sector (2017). “Global Cybercrime Index, 2017”. Available: [January, 18, 2019].

. International Telecommunication Union – Development Sector (2013). “Cyberwellness profile: Botswana”. Available: [January, 18, 2019].

. International Telecommunication Union – Development Sector (2014). Global cybersecurity index and cyber wellness profiles. Available: [January, 16, 2019].

. International Telecommunication Union – Development Sector (2015). “Global cybersecurity index and cyber wellness profiles”. Available: [December 18, 2018]

. International Telecommunication Union – Development Sector (2017). Global Cybercrime Index, 2017. Retrieved from

. International Telecommunication Union – Development Sector (2018). “Guide to developing national cybersecurity strategy: Strategic engagement in cybersecurity”. Available: [January, 18, 2019].

. International Telecommunication Union (2018). ITU/BDT Security Programme: Global Cybersecurity Index Reference Model Ver. 1. Available: [March 28, 2019].

. Kaspersky Laboratories (2018). “What is a Spayware?” Available: [January 2019].

. Kaspersky Laboratories (2018). “What is a Trojan Virus?” Available: [January 15, 2019].

. Kosseff, J. (2018). “Defining cybersecurity law”. Available: [October 12, 2018].

. Lin, L.S.F. (2018). “An emerging global security threat: Internet and telecommunication fraud crime Available: [October 26, 2018].

. Ministry of Transport and Communications (2016, September). “Draft Broadband Strategy”. Available: [March 28, 2019].

. Morgan, S. (2016). “Cybercrime Costs Projected to Reach $2 Trillion by 2019” Available: [October 25, 2018].

. Muhammad, S. I., & Kiru, M. U. (2017) “A situational analysis on cybercrime and it economic impact in Nigeria”. International Journal of Computer Applications 169(7), p. 19-29. doi: 10.5120/ijca2017914788. [March 5, 2019].

. Mungwe, R. E. M. (2018). “A review of cybercrime in Sub Saharan Africa: A study of Cameroon and Nigeria”. International Journal of Scientific & Engineering Research, 9(5), p. 211-228. Available: [January 17, 2019].

. National Institute of Standards and Technology (April 16, 2018). “Framework for Improving Critical Infrastructure Cybersecurity” [January 2017]. doi:10.6028/NIST.CSWP.0416218 [December 14, 2018].

. Newell, B. (2017). “Cybercrime and digital law enforcement”. Available: [February 5, 2019].

. Nikolova, I. (2017). “Best practice for cybersecurity capacity building in Bulgaria’s public sector”. Information & Security, 38, p. 79-92. doi:10.11610/isij.3806 [February 26, 2019].

. Osho, O., & Onoja, A. G. (2015). “National cybersecurity policy and strategy of Nigeria: A qualitative analysis”. International Journal of Cyber criminology, 9, p. 120-143. doi: 10.5281/zenodo.22390 [November 21, 2018].

. Perche, P. (2017). “Cybersecurity needs to be seen as strategic issue, not just an IT investment. Fortinet”. Available: [October 23, 2018].

. Rabogadi, T. A. (2017). “Strategies information and communication technology managers use to build employee competencies”. Doctoral dissertation, Walden University, 2017, United States of America. Available: [September 5, 2018].

. Schjolberg, S. (2004). “Computer-related offences”. Available: [ November 22, 2018].

. Semboja, H. H., Silla, B. S., & Musuguri, J. N. (2017). “Cybersecurity institutional framework in Tanzania: A policy Analysis”. Global Scientific Journal, 5(6), 13-28. Available: [November, 17, 2018].

. Shiloh, J., & Fassassi, A. “Cybercrime in Africa: Facts and figures, July 7, 2016. Available: [January 10, 2019].

. Sutherland, E. (2018). “Digital privacy in Africa: Cybersecurity, Data Protection, and Surveillance”. Available:

. Tafazzoli, T. (2018). Cybercrime legislation. Available: [November 10, 2019].

. Tariq, M., A., Brynielsson, J., & Artman, H. (2012). Framing the attacker in organised cybercrime. 2012 European Intelligence and Security Informatics Conference, 30-37. doi: 10.1109/EISIC.2012.48

. Upadhyaya, R., & Jain, A. (2016). “Cyber ethics and cybercrime: A deep delved study into legality, ransomware, underground web and bitcoin wallet”. 2016 International Conference on Computing Communication and Automation (ICCA). doi:10.1109/CCAA.2016.7813706 [February 17, 2019].

. Yokohama, S. (2016). “Cybersecurity for business experts: An NTT publication for top management”. Available: https:/Cybersecurity_for_Business_Executives2.pdf [September 23, 2018].

. Zou, Y., Zhu, J., Wang, X., & Hanzo, L. (2016). “A survey on wireless security: Technical challenges, recent advances, and future trends”. Proceedings of IEEE, 104, p. 1727-1765. doi:10.1109/JPROC.2016.2558521 [November 20, 2018].