Together We Are Stronger – Why Africa’s CSIRTs Need Each Other in a Trusted Framework

In today’s hyperconnected research and education environment, cyber threats no longer respect borders. From ransomware targeting university networks to phishing campaigns exploiting collaboration platforms, the challenges faced by African research and education institutions are increasingly complex and transnational. To effectively defend our shared digital landscape, Africa’s Computer Security Incident Response Teams (CSIRTs) must recognize a fundamental truth: together, we are stronger.

Across the continent, National Research and Education Networks (NRENs) and institutional CSIRTs play a critical role in protecting the data, infrastructure, and intellectual output that fuel our innovation. Yet many operate in isolation — often under-resourced, overburdened, and without structured mechanisms for trust-based collaboration. This fragmentation weakens our collective cybersecurity posture. No single CSIRT can see or stop every threat, but by sharing intelligence, tools, and best practices, we can build a security fabric strong enough to protect all.

That is where initiatives like TrustBroker Africa (TBA), working with collaborators like the Open CSIRTs Foundation (OCF) and the Shadowserver Foundation make their contributions to the landscape. TBA provides the trusted framework and infrastructure for CSIRTs in Africa’s research and education community to collaborate securely. Through its Team Registry, and accreditation, it creates the foundation for mutual trust. A team listed on TBA signals to others that it operates with professionalism, accountability, and a willingness to contribute to the continent’s shared defense. In essence, trust becomes the bridge that links isolated defenders into a coordinated network of resilience.

Building this trust, however, requires more than technology. It demands a cultural shift — one that values openness, reliability, and reciprocity. African CSIRTs must feel confident that the information they share will be handled responsibly and that collaboration will lead to tangible benefits. Initiatives like the WACREN Sentinel, which integrates threat intelligence across participating NRENs, demonstrate how technical cooperation can reinforce human trust. When teams see the positive outcomes of collaboration — faster detection, better response, and fewer disruptions — trust grows organically.

Moreover, trust-driven cooperation amplifies capacity building. When experienced teams mentor emerging ones, knowledge spreads faster than attacks evolve. Joint training, coordinated incident response, and peer validation accelerate the maturity of our cybersecurity ecosystem. Instead of reinventing solutions, teams can adapt proven playbooks from their peers. This not only strengthens institutional resilience but also raises Africa’s overall readiness to engage globally through platforms like FIRST and OCF.

As we observe Cybersecurity Awareness Month 2025, under the global theme “Secure Our World”, the African message is clear: our world of research and education can only be secured when we work together. The threats we face are shared; so must be our defenses. Through TrustBroker Africa, every NREN CSIRT and institutional security team has the opportunity to contribute to — and benefit from — a trusted, collaborative, and accredited community.

African NREN CSIRTs and their member institutions need to choose cooperation over isolation and share knowledge, not just alerts. There is a need for a robust ecosystem where trust is not an aspiration but an operational standard, because in our setting we can only be together when we are stronger.