D3F6
Project Sheet
Cybersecurity Strategy and Framework Development in Comoros
DEFINITION OF THE NATIONAL STRATEGY AND DEVELOPMENT OF THE LEGAL, TECHNICAL AND ORGANIZATIONAL FRAMEWORK FOR CYBERSECURITY
Mission Type
Study & Structuring
Country
Union of the Comoros
Execution Period
2019 – 2020
Funding
World Bank
Client / Program
Ministry of Finance and Budget in charge of the Banking Sector (RCIP-4 Project)
Project Description and Main Mandate
The mission consisted of supporting the Comorian government, within the framework of the regional RCIP-4 program financed by the World Bank, in developing a complete system aimed at establishing digital trust in the country. This included defining strategic orientations, establishing the legal framework, and structuring the operational capabilities required to respond to cyber threats.
Key Mission Components:
- 1. National Cybersecurity Strategy: Define the government's vision and orientations, including the assessment of risks, challenges, and needs (cybercrime, data protection, privacy protection), and the development of a national risk mapping (based on the NIST RMF Framework).
- 2. Legal and Regulatory Framework: Develop the appropriate legal framework for cybersecurity to support the implementation of the strategy and strengthen the fight against cybercrime.
- 3. Technical and Operational Structure: Define the institutional, technical, and organizational framework to monitor, protect, and respond to threats (Monitoring, Prevention, Emergency Response), including diagnosis of the existing framework, international benchmarking, the development of the operationalization plan for the CSIRT, and capacity building.
The mission concluded with the organization of a national validation workshop involving all stakeholders to ensure alignment and relevance of the strategy.