Cybersecurity Capacity Centre for Southern Africa (C3SA)

2020 - 2022 (Ongoing) Project number: 22760-1
C3SA informs policy through cybersecurity research to build national cyber capacity and resilience across Africa.

The Cybersecurity Capacity Centre for South Africa (C3SA) is a research project and part of a global constellation of regional cybersecurity capacity research centers including the University of Oxford Global Cyber Security Capacity Centre (GCSCC) and the Oceania Cyber Security Centre (OCSC). C3SA is a consortium between Research ICT Africa (RIA), the Department of Information Systems (DIS) at the University of Cape Town (UCT), the Global Cyber Security Capacity Centre (GCSCC) and the Norwegian Institute of International Affairs (NUPI). 

The project strives to improve the African region’s ability to protect digital infrastructure and combat cyber threats and recover from cyber crime in a safe digital society. Vulnerabilities and risks in the cyber domain are particularly challenging for developing and post-conflict countries due to weak digital infrastructures, institutions, management mechanisms, and limited resources. The project’s main target group covers countries in the Southern African Development Community (SADC) including Angola, Botswana, Republic of Chad, Democratic Republic of Congo, Lesotho, Madagascar, Malawi, Mauritius, Mozambique, Namibia, Seychelles, South Africa, Swaziland, Tanzania, Zambia and Zimbabwe. 
C3SA conducts research activities by crossing academic disciplines and knowledge areas for cybersecurity capacity building (CCB) in each country and of the whole region. The research informs policy to support the development of national strategies, increased awareness, educational opportunities, and legal frameworks on cybersecurity unique to the different environments. 

The work of C3SA is based on the methodical framework of the Cybersecurity Capacity Maturity Model for Nations (CMM) to map and review cybersecurity capacity. The CMM framework is developed by the Global Cyber Security Capacity Centre (GCSCC) in consultation with over 200 international experts from private and public sectors. The CMM considers five dimensions to be required by countries to build and sustain effective cybersecurity: 

  • Developing cybersecurity policy and strategy;
  • Encouraging responsible cybersecurity culture within society;
  • Building cybersecurity knowledge and capabilities;
  • Creating effective legal and regulatory frameworks; and
  • Controlling risks through standards and technologies. 
  • In addition to the deployment of the CMM, C3SA contributes to raising awareness of cybersecurity in the respective countries in Africa. More specifically, the aim of the project is to identify mechanisms that can be built or improved in order to:
  • Strengthen resources in the cyber domain through development and assistance projects;
  • Advise on how developing countries can establish CCB programmes and tap into private sector expertise;
  • Contribute to international cooperation on the management of the internet and cybersecurity globally in the diplomatic arena; and
  • Identify how new partnerships can be built through CCB applications.

C3SA consists of cybersecurity experts, researchers, and PhD candidates. The project and its participants are coordinated from the University of Cape Town (UCT). C3SA is part of NUPI's Centre for Digitalization and Cyber Security Studies.

Read more about the project and the CMM on the C3SA website, the Cybil Portal and the Global Cyber Security Capacity Centre


Funding program

Prosjektet er finansiert av Utenriksdepartementet.

Project Manager

Niels Nagelhus Schia

Senior Research Fellow, Head of the Research group on security and defense, Head of NUPI's Centre for Cyber Security Studies


Security policy  Development policy  Diplomacy  International organizations  Asia  Africa  Cyber  Fragile states

Oxford Martin School - The Global Cyber Security Capacity Centre (GCSCC)
University of Cape Town (UCT)
Research ICT Africa (RIA)