Africa CISO Summit 2026 Opens In Nairobi Amid Rising Cyber Threats

No photo availableCIO Africa authorBySteve Mbego
6 min read
The second day of the summit is expected to shift the conversation from strategic perspectives to more operational cybersecurity leadership.
Part of the delegates attending day one of Africa CISO Summit 2026

The Africa CISO Summit 2026 opened in Nairobi with a clear message: cybersecurity is no longer just a technical issue. It has become a core element of business strategy, national resilience and economic trust.

The two-day gathering, organised by CIO Africa by dx5, brought together cybersecurity leaders, policymakers and technology executives from more than 15 countries to examine how Africa can secure its rapidly expanding digital economy.

Opening the summit, Harry Hare, Chairman, CIO Africa by dx5, noted that the role of cybersecurity has shifted dramatically over the past decade.

“Cybersecurity has moved from something handled quietly by technical teams to a strategic conversation in boardrooms and national policy discussions,” Hare told delegates. “Today our conversations revolve around risk, trust, regulation and digital transformation.”

He noted that the rapid digitisation of governments, financial systems and public services across Africa has created both opportunities and vulnerabilities.

“Almost every sector of our economies now has a digital component,” he said. “But as we digitise more systems, we also expand the attack surface. Our responsibility is to ensure that the digital spaces we build remain safe for our communities and businesses.”

Hare added that the summit’s goal is to strengthen collaboration across the continent’s cybersecurity ecosystem.

“We have representatives from about fifteen countries here today. We may have started small, but this community continues to grow,” he said.

Cybersecurity moves into business strategy

The first keynote speaker, Dr James J. Kimuyu, Director at Kenya’s National Computer and Cybercrimes Coordination Committee (NC4), highlighted the growing scale of cyber threats facing African institutions.

“Organisations today face multiple cyberattack attempts every month,” Kimuyu said. “In some sectors, institutions are experiencing an average of more than seven significant attacks within short reporting periods.”

Despite increased investment in cybersecurity tools, he said many organisations are still struggling to protect themselves.

“The challenge is not always a lack of technology or funding,” he said. “Often the problem lies in coordination, implementation and strategy.”

Kimuyu stressed that cybersecurity can no longer be confined to IT departments.

“Cybersecurity now affects every part of the organisation,” he said. “Legal teams, risk managers, compliance officers and executive leadership are all involved.”

As a result, cybersecurity discussions are increasingly moving into boardrooms.

“Security is no longer a support function,” Kimuyu said. “It has become a central element of business strategy.”

Africa’s digital growth expands cyber risk

Another keynote speaker, Divine Selase Agbeti, Acting Director General, Ghana’s Cyber Security Authority (CSA) and Chair of the African Network of Cybersecurity Authorities (ANCA), pointed to the rapid expansion of digital connectivity across Africa.

“Africa’s digital transformation is accelerating rapidly,” Agbeti said. “Governments are digitising public services, businesses are migrating to the cloud, and mobile money ecosystems continue to expand.”

He cited Ghana as an example, where internet penetration has reached 72 per cent, with more than 24 million users.

However, that growth is accompanied by a rise in cybercrime.

“Across Africa we are seeing increasing incidents of ransomware, financial fraud, identity theft and attacks targeting critical infrastructure,” he said.

In Ghana alone, the Cybersecurity Authority received 23,363 cyber incident reports in 2025, with online fraud accounting for 39 percent of incidents.

“These patterns are emerging across many African countries,” Agbeti said.

Talent shortages threaten cyber resilience

Speakers also highlighted the shortage of cybersecurity professionals as one of the most pressing challenges facing the industry.

According to the World Economic Forum, the global cybersecurity workforce gap currently stands at 4 million professionals and could reach 8.5 million by 2030.

“Africa must see this challenge as an opportunity,” Agbeti said. “We must invest in cybersecurity education, certification programs and research centres of excellence.”

He argued that Africa could eventually become a global exporter of cybersecurity talent.

CFOs versus CISOs clash over security budgets

Day one of the summit also featured an intensive debate between Chief Financial Officers and Chief Information Security Officers over how organisations allocate cybersecurity budgets.

The discussion highlighted a long-standing tension inside many companies.

CFOs typically demand disciplined financial justification and measurable return on investment, while CISOs argue that cybersecurity spending often focuses on preventing risks that are difficult to quantify until a breach occurs.

The debate underscored the need for a shared language between finance and security leaders.

Experts argued that organisations must increasingly adopt quantified risk-based frameworks that translate cybersecurity threats into financial impact.

Only then can companies align business strategy, investment decisions and cyber risk management.

The CISO as a value creator

Niral Patel, Group CEO, Accelera Digital Group, argued that the modern CISO must go beyond defending systems to enabling innovation.

“The CISO is no longer an inhibitor in the organisation,” Patel said. “When security is integrated properly, it becomes a strategic advantage that allows companies to innovate faster and more safely than their competitors.”

He pointed to the growing role of artificial intelligence in cybersecurity.

“The automated war is not coming. It is already happening,” Patel said. “Attackers are using AI to scale their attacks, so defenders must also use AI to strengthen security operations.”

From reacting to resilience

Throughout the day, speakers returned to a central theme. Africa must move from reacting to cyber incidents toward building long-term cyber resilience.

As the continent’s digital economy expands from fintech innovation in Lagos to digital government services in Nairobi, security leaders warned that cybersecurity must be embedded into systems from the start.

Looking ahead to Day Two

The second day of the summit is expected to shift the conversation from strategic perspectives to more operational cybersecurity leadership. Sessions will focus on practical approaches to cyber resilience, threat intelligence, and how organisations can translate cybersecurity strategy into real-world implementation.

Participants will examine topics such as ransomware defence, talent development, and the growing role of CISOs in aligning cybersecurity with business strategy and regulatory compliance. Discussions will also explore how enterprises and governments can secure cloud environments, fintech ecosystems, and digital public services as Africa’s digital economy continues to expand.

With hundreds of cybersecurity professionals, policymakers and industry leaders participating, the final day is expected to emphasise collaboration, knowledge sharing and practical solutions for strengthening Africa’s collective cyber defence.

As digital transformation accelerates across the continent, the summit has reinforced a clear message: cybersecurity will play a defining role in shaping Africa’s digital future.

 

Leave a Reply

Your email address will not be published.

Do you have a story that you think would interest our readers? Write to us editorial@cioafrica.co