top of page

Africa on the Frontline: Cybersecurity, Geopolitics and why Security is Moving from Systems to Human Minds


We’ve long defined cybersecurity as the technical discipline of protecting networks, data and systems. But when viewed through a geopolitical lens, then this definition is no longer sufficient. What we are dealing with today goes beyond protecting organisational data, to protecting economies, sovereignty, and increasingly, human perception.


I’ve recently participated in a webinar hosted by the Cyber Threat Alliance on the topic of geopolitics and its impact on global cybersecurity. In preparing for this webinar, I explored the topic from an African perspective. You can view the full webinar recording here.


Here are some of my key reflections:


Has Cybersecurity become geopolitical?


One of the strongest themes across the panel was that we are moving away from seeing cyber as a separate domain. Many of the assumptions that guided cybersecurity for years are being challenged, particularly the idea that cyber risk is contained, technical, and somewhat predictable. Instead, we are now operating in a world where cybercrime, state actors, and influence operations overlap and cyber activity is continuous, not episodically linked to just one conflict event. As Chris Painter pointed out, cyber has always been a dimension of geopolitics, it is just too underprioritized in most countries.


In Africa, this friction plays out across three overlapping layers, each dominated by a different global philosophy:


  • Infrastructure: Chinese tech provides a lot of the continent’s digital backbone. African organisations are making purchasing decisions based on affordability rather than ideology, and this is why China is such a key player in building telecommunications networks, cloud infrastructure, and smart city systems across Africa. Their technologies help to accelerate digital inclusion, often driven by affordability and speed. But infrastructure is not totally neutral. It shapes dependencies, standards and governance, and ultimately influences ways of thinking. This is dangerous in African states where the understanding of what cybersecurity really is about is lacking or being abused for state power.


  • Influence Operations: Russia has demonstrated how influence operations such as disinformation campaigns can interfere with election results and shape political and social outcomes without touching infrastructure. Africa has experienced many of this type of influence operations, such as election interference and narrative shaping across social platforms. Effective operations exploit existing local grievances (like poverty or post-colonial resentment) rather than inventing new problems, making them hard to defend against. They don't invent fire; they simply fan existing local flames and feed into existing biases. For example recent reports from data leaks suggest coordinated efforts to influence African elections between 2019 and 2025, using forged documents and smear campaigns in nations like South Africa and Madagascar.


  • The Rules (Governance): Influenced by Western values and norms that emphasize open internet models and regulatory norms. Many of Africa’s data protection legislations are based on EU Data privacy directives. The Malabo Convention was deeply influenced by the Council of Europe’s Budapest Convention on Cybercrime and pre-GDPR European privacy directives. It aims to harmonize laws across AU member states using Western-style rights-based frameworks rather than the state-centric models used in other regions.


Africa sits at the intersection of these forces. The continent is undergoing rapid digital transformation, unlocking enormous opportunity, but also exposing new layers of vulnerability. Overlay this with a very young population with high social media usage and uneven digital literacy. This makes for fertile ground for cognitive manipulation.


From cyberwar to cognitive warfare


NATO’s 2025 report on cognitive warfare, points out that the battlefield has shifted to the core of how people think. And not just what they believe, but how they decide what to believe. Unlike traditional propaganda, modern influence operations don’t rely on obvious falsehoods. They map attention patterns, emotional triggers, cognitive biases and social dynamics using behavioural data and AI models. These insights allow adversaries to tailor content that aligns with how individuals already process information. The content feels authentic, the conclusions feel self-directed, and decisions feel rational. But the framework within which those decisions are made has been quietly shaped. The most effective manipulation today doesn’t feel like manipulation, it feels like your own thinking.


Not louder attacks, but quieter influence


Another important point raised was that we expected large-scale cyber disruption in times of conflict. But that hasn’t fully materialised. Why? Because the nature of cyber operations has shifted. Instead of loud, disruptive attacks that hit global media outlets, we’re seeing more quiet, persistent influence, the long-term shaping of perception and erosion of trust. And a lot of these activities happen during periods of peace, long before kinetic events occur. The goal is not always to disrupt, but to destabilise and to confuse. Sergey Shykevich shared how cyber attacks against supply chain players and IoT devices such as cameras are disrupting his region and are difficult to defend against due to their fragmented nature.


What resilience looks like


One of the more hopeful parts of the discussion came from looking at real-world responses, particularly the Ukraine. What stands out is not just their technical defence, but societal response. They show the rest of the world how to perform real-time detection of disinformation and deepfakes, rapid narrative response mechanisms, how to collaborate between government, civil society, and tech platforms and fast-moving legal frameworks. And perhaps most importantly: media literacy has been treated as a matter of national security.


Other regions are taking similarly proactive approaches. In Israel, and across parts of the Gulf, cybersecurity is not treated as a niche technical discipline, but as a strategic priority. This includes investing in cybersecurity education from a young age, building strong talent pipelines and positioning cybersecurity as an economic sector and prerequisite. They understand that cybersecurity is not just about protection, it is about competitiveness and enabling national resilience.


Cybersecurity as a public good and economic enabler


Digital inclusion without protection is a false promise. And I would extend that further that digital inclusion without cognitive resilience is a risk multiplier. The faster we connect people, the more exposed they become, not just to cybercrime, but to manipulation by both cybercriminals and threat actors linked to nation-states.


And Cybersecurity is no longer just about reducing risk, but about enabling digital economies, cross-border trust and innovation. There is a growing recognition, also reflected in global initiatives, such as the Common Good for Cyber fund that cybersecurity is a shared, systemic challenge. Some parts of the digital ecosystem including threat intelligence, incident response and core infrastructure are effectively public goods. They benefit everyone but are often underfunded. This leads to a critical realisation that cybersecurity is not just protecting the economy, it is enabling the economy. There is no digital economy without trust. And no trust without security.


In addition, if we continue to focus solely on the technical 'hard' layer of security while ignoring the 'soft' layer of human influence, we remain vulnerable by design. Cybersecurity is now a human-centric discipline. It’s time to start defending the narrative as fiercely as we defend the network.


Here is the full discussion:


Comments

Detailed Bio
Anna 22 formal.jpg

I'm a content creator, researcher, speaker and founder with a demonstrated history of working 20+ years in the cybersecurity industry. Originally from Munich, Germany, I've been living in Cape Town, South Africa for the last 20+ years. Successfully grew bootstrapped startup Popcorn Training to US acquisition and scaled team in a hyper-growth environment under the new ownership as the regional MD of KnowBe4 Africa.

Since 2021 I've moved into an evangelist role at KnowBe4, driving cyber awareness across the African continent with a special focus on cyberpsychology, security culture, and the intersection of mindfulness on cyber.

I am a Member of the World Economic Forum’s Global Future Council on Cybersecurity for the 2025-2026 term and was part of the WEF GFC Future of Metaverse for the 2023-2024 term. 

 

I'm a founding board member of the Mido Cybersecurity Academy, aimed at underserved communities in South Africa to bridge the cyber skills divide.

I'm a certified business analyst and have an MSc in Cyberpsychology from the University of Applied Sciences in Vienna and currently a PhD candidate at Nelson Mandela University (NMU). I hold multiple security certifications, including CISSP, CISA, CIPP/IT, ex PCI DSS QSA, ISO 27001 Implementer, and auditor.

Im also a Yoga Alliance certified Yoga Teacher Trainer (YTT 500) and certified Trauma Sensitive Yoga Facilitator and guide movement and Nidra classes and wellbeing and mindfulness workshops in my immersive studio the Zense, in Cape Town. 

Awards / Recognitions:

- Female Tech Entrepreneur 2025 South Africa by Wired4Women/ITWeb

- Top 20  Women in Cyber of the World 2025

- Top 20  Women in Cyber of the World 2024 

- Top 100 Influential Women in Tech South Africa 2024
- Women in Cyber People’s Choice Award 2023 - Global Cyber Alliance
- IFSEC Global Influencer in Security for 2022.
- UK’s IT Security Guru 21 Most Inspiring Women in Cyber in 2021
- Top 100 Women in Cyber 2020 and 2021 globally by Cyber Defence Magazine.
- ISACA South Africa President Award for 2020
- Women in Tech Innovations Africa 2020 Award for Southern and Central Africa at Africa Tech Week
- Top 50 Women in Cybersecurity – Africa 2020

 

Image by kylefromthenorth
Join My Mailing List

Thanks for submitting!

© 2026

bottom of page