Speaker
Description
The rapid digitalisation of higher education across Africa has expanded institutional exposure to cyber threats while simultaneously generating unprecedented volumes of sensitive research and student data. This systematic review examines the state of cyber resilience in African higher learning institutions (HLIs), focusing on the dual imperative of safeguarding research data and protecting student personal information. Drawing on peer-reviewed literature, institutional reports, policy documents, and incident analyses published between 2019 and 2026, the review identifies persistent vulnerabilities including outdated IT infrastructure, insufficient cybersecurity governance, acute talent shortages, low security awareness among students and staff, and fragmented regulatory compliance. The education sector has been identified as the third most targeted sector globally for cyberattacks, with African institutions facing disproportionate risk due to resource constraints and rapid, often unmanaged, digital adoption. A study of 60 African universities found that the majority had experienced hacking incidents, while prominent breaches at institutions such as Tshwane University of Technology in South Africa and Abdelmalek Essaadi University in Morocco underscore the severity of the threat. The review further analyses the evolving regulatory landscape, including the Malabo Convention, national data protection legislation such as POPIA, Nigeria’s NDPA, and Kenya’s Data Protection Act, and assesses their applicability to the higher education context. It proposes a multi-layered cyber resilience framework tailored to African HLIs, encompassing governance, technical controls, human capacity building, regulatory compliance, and collaborative continental approaches. The findings contribute to the growing body of knowledge on cybersecurity in African education and offer actionable recommendations for institutional leaders, policymakers, and researchers.
