About the event
On 20 May 2025, Diplo delivered a briefing and workshop on cyber diplomacy for the ECOWAS Permanent Representatives Committee and the ECOWAS Commission Management Representatives. Organised by the ECOWAS Commission in partnership with the German Federal Foreign Office, the event aimed to enhance the understanding of ECOWAS Ambassadors about the current cybersecurity landscape, the significance of cyber diplomacy, and the framework for responsible state behaviour in cyberspace.
Specific objectives included:
- Increase understanding among ECOWAS Ambassadors about the importance of cyber diplomacy in addressing regional and global cybersecurity challenges.
- Equip ECOWAS Ambassadors with the knowledge and frameworks to engage effectively in cyber diplomacy and foreign policy discussions.
- Highlight the critical role of diplomacy in shaping regional cybersecurity policies, fostering cooperation, and ensuring data protection and digital resilience.
- Emphasise the importance of cyber resilience in the digital era as a cornerstone for sustainable development.
AI Agent on Digital Africa
This AI agent is trained to help unpack issues related to (a) digital policy and governance in Africa, (b) global processes and mechanisms, and (c) the interplay between them.
Key takeaways
- Trust in the digital space: Strengthening trust in the digital environment requires clear, enforceable rules and cooperation among states, private sector actors, and civil society. Diplomats play a key role in fostering norms and frameworks that promote responsible behaviour online.
- Cybersecurity and preventing hacking: A proactive and coordinated approach to cybersecurity is essential. This includes capacity development, information sharing, and ensuring that national systems are resilient against threats.
- Data sovereignty and protection: There is a strong regional priority to reclaim control over data extracted from the region and to prevent further data exploitation. Localising data – keeping it within national or regional jurisdictions – is critical for digital sovereignty and economic security. Enforcing existing governance and regulatory frameworks is seen as a core challenge and priority.
- Bridging the governance gap: ECOWAS states seek to close the gap with global standards in digital governance through tailored, context-sensitive approaches and by participating more actively in international norm-setting processes.
- Artificial intelligence: The region is keen to leverage AI for development while addressing the associated risks, including ethical, legal, and social dimensions.
- Building digital sovereignty: Digital sovereignty was discussed not only in terms of data and infrastructure but also in the capacity to make independent policy choices in the digital realm, aligned with national interests.
- Whole-of-government and whole-of-society approaches: Addressing digital and cyber challenges demands inclusive collaboration, involving not just government agencies but also the tech community, civil society, academia, and parliamentarians.
- Cyber vs. digital diplomacy: While cyber diplomacy focuses on security, stability, and norms in cyberspace, digital diplomacy encompasses broader issues including digital development, digital rights, governance, and emerging technologies.
- Capacity building and ambassadors as drivers of change: Ambassadors can play a critical dual role: shaping international digital norms and governance frameworks, and translating these into actionable national policies. More intentional, structured efforts are needed to raise awareness, build technical and policy skills, and foster a digitally informed diplomatic community across the region. Long-term impact will depend on building capacities at both individual and institutional levels, with tailored training, knowledge exchange, and strategic planning. Building capacities in cyber and digital diplomacy must be a continuous, long-term effort – one that is essential for strengthening national and regional cyber/digital resilience, and for fostering strategic and meaningful engagement in global digital governance processes.
Resources
1. Diplo resources to assist diplomats unpack the world of cyber and digital diplomacy
- Digital Watch observatory – A space where you can find daily updates and in-depth coverage of digital tech and governance developments.
- Stronger digital voices from Africa: Building African digital foreign policy and diplomacy – A research into Africa’s digital priorities and their reflection in foreign policy.
- Diplo AI Ecosystem – A comprehensive suite of AI-driven tools, services, research, and training designed to bridge ancient and contemporary human wisdom to support diplomacy, governance, and policy processes in the age of AI.
- Diplo Academy – An overview of our capacity development programmes, including details about upcoming courses and activities.
- African Digital Diplomacy and Governance – An entry point to our activities in Africa.
2. Insights: Contributions of ECOWAS member states to OEWG discussions
Below is a summary of the key issues raised by ECOWAS countries, as reflected in their last contribution to an OEWG session. The summary is built around the main debate topics:
- Existing and potential threats | Norms | International law | Capacity building | Confidence-building measures (CBMs) | Regular institutional dialogue (RID).
Benin
Threats: N/A
Norms: Questioned the effectiveness of voluntary, non-binding norms.
International law: Concerned about applying the concept of “force” from international law to the cyber domain, and believes that the concept should be redefined.
Capacity building: N/A
CBMs: Need to be implemented in full transparency and in a nondiscriminatory manner so that human rights are respected.
RID: N/A
Ghana
Threats: Highlighted quantum computing as a threat; To counter threats: a multistakeholder approach, regional and international cooperation, and investments in capacity building.
Norms, rules and principles: Important to implement existing ones, but it is equally crucial to further develop them, given the rapid advancement in technology and the increasing complexity of cyber threats.
International law: International humanitarian law (IHL) applies in cyberspace, Human rights must be upheld online; Necessary to preserve critical services to populations; Further constructive discussions are needed about due diligence
Capacity building: Capacity building efforts need to be sustainable, demand-driven, inclusive, and tailored to the specific needs of each nation; Capacity building should be integrated into national cyber strategies, knowledge sharing platforms should be established; peer learning and mentorship programs encouraged; Support for the UN Voluntary Fund to support capacity building in ICT – the Fund must prioritise countries with limited resources and its governance structure must be transparent; Support for the Global ICT security cooperation and capacity building portal as a one-stop shop for best practices, training materials, technical guidance, knowledge sharing and collaboration.
CBMs: Encourages the mainstreaming of the globally agreed CBMs into national cybersecurity policies; There is a need need for increased capacity building to effectively operationalise these CBMs; A standardised template is needed for incident reporting.
Regular institutional dialogue: The future mechanism should fully inherit the mandate of the existing OEWG; Support for the participation of relevant stakeholders in the mechanism; The mechanism should have three thematic groups suggested by the African group (1. Threats, 2. International law and norms, 3. Capacity building) and the role of thematic groups should be clarified, A review conference should be held every four years.
Côte d’Ivoire
Threats: Understanding the complexity of security challenges and their changes is crucial; Noted it would like to see more attention paid to means of preventing cyberattacks on critical infrastructure.
Norms, rules and principles: The need for their implementation and their gradual development is paramount; However, capacity building is needed to enhance common understanding of these norms and build capacities, resources and technical means; The voluntary checklist of practical actions for the implementation of the voluntary norms is essential to identify states’ needs and priorities.
International law: International law, including the UN Charter, applies to cyberspace; International humanitarian law applies to cyberspace, human rights must be upheld online; States need to uphold their due diligence duties; Peaceful settlement of disputes should be invested in.
Capacity building: Support for the UN Voluntary Fund to support capacity building in ICT and the Fund should give priority to activities such as the elaboration of national strategies, laws and regulations, ICT incident response and management, the protection of critical infrastructure and also the training and improvement of local expertise; Support for the Global ICT security cooperation and capacity building portal, a catalog of capacity building opportunities to serve as a voluntary self-assessment tool should be included, as well as a monthly overview of capacity building activities.
Confidence-building measures (CBMs): Expressed support for the Points of Contact (POCs) Directory and called for its operalisationRegular institutional dialogue: Supports the broadest possible participation of stakeholders in the future mechanism.
Nigeria
Threats: Highlighted threats like misinformation, disinformation, and election interference; State-led multistakeholder approach to address threats is needed; Stressed CERT-to-CERT cooperation, which would include regular vulnerability assessments and penetration testing; Capacity development for cybersec personnel in developing countries is needed.
Norms, rules and principles: The principle of responsible state behavior and a non-exhaustive list of norms in guiding cybersecurity should be upheld to consolidate transparency among states.
International law: The guiding principles of international law should be applicable to cyberspace; Territorial sovereignty of all member states is applicable in cyberspace; Due diligence is crucial in investigating the source of malicious cyber activities and it would prevent escalation of conflicts.
Capacity building: Capacity building should be specific and tailored to the peculiarities of recipients; Technical gaps could be bridged through workshops on best practices and scenario-based discussions; Capacity building should foster local technological innovation to promote sustainability and reduce reliance on external support; Support for the UN Voluntary Fund to support capacity building in ICT.
Confidence-building measures (CBMs): Translating CBMs into concrete actions that are implemented by all states is neededRegular institutional dialogue: N/A
Senegal
Threats: N/A
Norms, rules and principles: N/A
International law: International humanitarian law (IHL) applies to cyber operations in the context of armed conflict, particularly its principles of military necessity and humanity, distinction, proportionality and precaution; Rules of IHL must be respected even when conducting cyber operations that would not qualify as an ‘attack’; The definition of a cyberattack in the sense of IHL needs to be clarified.
Capacity building: A multi-partite approach taking into account developing countries and a better understanding of their needs in terms of capacity building is necessary; developing positions on cyber attacks that target national infrastructure must be supported.
Confidence-building measures (CBMs): N/ARegular institutional dialogue: Non-state stakeholders should participate as they did until now (voice not a vote principle); The mechanism should have three thematic groups suggested by the African group (1. Threats, 2. International law and norms, 3. Capacity building).
Sierra Leone
Threats: N/A
Norms, rules and principles: N/A
International law: N/A
Capacity building: Building cyber-resilience in harnessing ICT infrastructure through partnership and cooperation at all levels will benefit the least developed countries.
Confidence-building measures (CBMs): N/A
Regular institutional dialogue: Priorities for the future mechanism should be: advancing adherence to agreed norms, adherence to international laws fostering CBMs, and promoting capacity-building initiatives.
Togo
Togo didn’t address any of the six issues of the OEWG’s mandate, but took the floor to express support for the OEWG and share national experiences.
