Sierra Leone’s National Cybersecurity Strategy (2021–2025)
May 2021
Strategies and Action Plans
Author: Ministry of Information and Communications
Sierra Leone’s National Cybersecurity Strategy (2021–2025) represents a critical framework for safeguarding the country’s digital future. As the nation embraces the transformative potential of digital technology, it simultaneously faces the growing risks posed by cyber threats. This strategy is designed to provide a secure and resilient cyberspace that aligns with national development goals while protecting citizens’ rights and privacy.
The strategy’s purpose is to strengthen Sierra Leone’s cybersecurity posture by addressing vulnerabilities and ensuring the safety and reliability of its digital infrastructure. It seeks to enhance national security, protect critical systems, and foster a culture of cybersecurity awareness. By bridging gaps in legal frameworks, governance, and technical capabilities, the strategy aims to create an environment where public and private sector entities collaborate effectively against cyber threats.
The scope of the strategy is comprehensive, encompassing both national and international dimensions. It integrates measures to protect critical digital infrastructure, enhance public education, and strengthen governance frameworks. The strategy also addresses cross-border issues by fostering regional and international cooperation, ensuring Sierra Leone is aligned with global cybersecurity standards and practices.
The guiding principles underlying this initiative include a risk-based approach, multistakeholder collaboration, and respect for human rights and the rule of law. It emphasises capacity development, socio-economic development, and a proactive stance against cybercrime. By adhering to these principles, the strategy ensures a holistic and inclusive approach to addressing the complex challenges of cybersecurity.
In alignment with the country’s broader National Digital Transformation Roadmap, this strategy is a cornerstone for achieving a digitally inclusive society by 2029.
Strategic goals and focus areas
- Create institutional, legal, and regulatory frameworks for effective governance
This includes establishing governance structures such as the National Cybersecurity Advisory Council and a technical working group. A National Cyber Security Center is proposed to implement the strategy effectively. Legal frameworks are to be developed and enforced, such as the enactment of a National Cybercrime Bill and data protection laws. Special emphasis is placed on equipping the criminal justice system with skills and tools for investigating and prosecuting cybercrime. - Promote public education, awareness, child online protection, rights, and privacy
Efforts in this area focus on creating initiatives for child online safety, enhancing public understanding of digital hygiene, and promoting trust in secure internet use. Awareness campaigns and educational programs are key elements. - Protect critical digital infrastructure through response readiness
Key focus areas include establishing a cybersecurity risk management framework, setting up incident response teams, and developing a national crisis management plan to address potential cyberattacks. - Develop cyber capabilities to support national security objectives
This goal emphasises integrating cybersecurity into formal education, offering professional training, fostering local cybersecurity industries, and promoting innovation and research. - Strengthen national, regional, and international cooperation
Partnerships with private sector stakeholders, regional collaborations, and alignment with international treaties such as the Malabo and Budapest Conventions are prioritised. The strategy also promotes participation in global drills to enhance preparedness.
Implementation and approach
The strategy adopts a phased implementation plan with timelines categorised as short-term (up to two years), medium-term (two to four years), and long-term (five years or more). Stakeholders involved in this effort include government ministries, law enforcement, private organisations, and international partners. Specific roles and responsibilities are distributed among these stakeholders to ensure effective coordination and execution.
The approach emphasises a risk-based methodology for identifying and mitigating cyber threats, fostering multistakeholder collaboration, and aligning actions with human rights and the rule of law. Socioeconomic development is also a core focus, with the strategy aiming to use cybersecurity as a driver for national growth.
Funding and resources
The strategy proposes creating a dedicated national cybersecurity fund. This fund would be supported through diverse sources such as taxes, grants, and donor contributions. Sustainable funding mechanisms are essential for ongoing projects, research, and development.
Monitoring and evaluation
The government will establish a monitoring framework to track progress and evaluate the strategy’s implementation. Regular benchmarks and performance indicators will ensure that goals are met efficiently and effectively. The strategy will also undergo periodic reviews to adapt to evolving cyber threats and align with national and international priorities.