The Current Status of Cyber Security

in Ethiopia
Kibreab Adane*

The increase in cyber attacks in Ethiopia has become a crucial point. Ethiopia is a low-income
country and cannot afford the cost data breaches. Unless institutions in Ethiopia give careful
attention to the protection of their valuable assets such as people, information, technology and
facilities from evolving cyber attacks, their overall security, privacy and credibility will be a
question mark. The paper attempts to present the current status of cyber security in Ethiopia
and answers the following key questions: (1) Is there any research or experts report in relation
to cyber security in Ethiopia? (2) What are the significant contributions made by prior researchers?
and (3) What are researchability gaps in the reviewed research? Qualitative techniques are
used to analyze the data. The findings reveal that currently Ethiopia has no standardized legal
cyber security framework, strategy and governance at the national level. Only 11.6% of
government institutions in Ethiopia have legal frameworks which are being at their trial level,
while a majority or 87.4% of them have no recognized legal frameworks to prevent cyber
attacks. In addition, lack of awareness and lack of expertise in cyber security also contributed
to the increasing level of cyber attacks in the country. To address the aforementioned issues
and challenges, some local researchers are developing cyber security frameworks and strategies
for some sectors such as banks, railway industries, Ethiopian Electric Power, Ethiopian Electric
Utility and Ethio Telecom. However, those frameworks were not rigorously tested. Moreover,
to overcome the acute shortage of cyber security professionals and lack of cyber security know-
how in the country, future researchers should be focusing on the development of virtual
training system or intelligent security tutoring system, so that stakeholders in various institutions
can learn cyber security basics by interacting with the machine.

Keywords: Cyber security, Cyber attacks, Threats, Legal framework, Ethiopia, Information
Network Security Agency (INSA)

Introduction
Africa is confronting various Internet-related challenges in relation to the security risk,
intellectual property right violation and protection of personal data. Even though cyber
criminals target people from both inside and outside their country, most African
governments have neither the technical nor the financial capacity to identify and monitor
electronic exchanges, thought to be sensitive for national security (ECA, 2014).
It is believed that the number of cyber crimes of Africa cost an estimated total of $3.5
bn in 2017. This was supposedly due to weak infrastructure security, lack of skilled
human capital and lack of awareness of the sector’s dynamics (Mathe, 2019).
* Faculty, Computing and Software Engineering, Arba Minch University, Arba Minch, Ethiopia.
E-mail: Kibreab.adane@amu.edu.et

The Current
© 2020 Status
IUP. All of Cyber
Rights Security in Ethiopia
Reserved. 7