Fighting Cybercrime in Morocco: Achievements and Some Challenges {By Prof. Youssef BENTALEB, Moroccan Centre for Polytechnic Research and Innovation}

Cybercrime, the phenomenon that does not believe in geographical boundaries, threatens every country in the world. Today it poses a major threat to the stability of all states, as it feeds on the fruits of the exponential evolution of information and communications technology, such as the Internet. The Internet has become an essential means of economic development and social transformation.

This is the case in Morocco as in most countries that have opted for economic openness and transformation towards an information and communications society. Threatened by the phenomenon of cybercrime, Morocco is also aware of the duality of the need for digital transformation and cyber risk. Therefore, a decade ago, the country implemented a national cybersecurity and information systems security strategy fostering the transformation towards a digital economy and towards an information and communications society. Several organisational and regulatory projects in digital affairs were carried out to promote this strategic choice. This translated to the creation of suitable new organisations, namely the Moroccan Directorate General for Information Systems Security (DGSSI) and the Moroccan Computer Emergency Response Team (maCERT) under the direction of the Moroccan National Defence Administration, regional laboratories for digital and anti-cybercrime trace analysis under the Moroccan Directorate General for National Security (DGSN), and in terms of personal data protection, within the framework of the Digital Morocco strategic plan, implementation of the Moroccan National Commission for Personal Data Protection Monitoring (CNDP), not forgetting the role of the Moroccan National Agency for Telecommunications Regulation (ANRT) which is an authority with close relationships with telecommunications operators and Internet access providers.

On a regulatory level, Morocco has updated the wording of its laws, especially the penal code, and has implemented new decrees and laws regarding digital regulation such as Law 53-05 regarding electronic exchange of legal data and Law 09-08 regarding automated processing of personal data. It has also ratified international conventions on fighting cybercrime and terrorism via technological means of communications, such as the Budapest Convention on Cybercrime.

The fight against cybercrime requires certification of human skills in analysing and understanding advanced coding, programming and information technology development techniques. For this reason, Morocco has organised several training courses for engineers and Master’s programmes at its universities and engineering schools to train information systems cybersecurity managers.

The fight against cybercrime also certainly involves raising awareness among Internet users and providing continuing education to information systems security managers. Noting this, the Moroccan Centre for Polytechnic Research and Innovation (CMRPI), under the aegis of the Moroccan Ministry of Industry, Commerce, Investment and Digital Economy, has implemented a broad four-year awareness-raising campaign: the Moroccan National Campaign to Fight Cybercrime (CNLCC 2014-2017). This campaign is the first such experiment of its scale in Africa. Its objective is to establish a culture of secure use and good cybersecurity practice in Moroccan society. It targets the public and private sectors as well as citizens belonging to different age groups.

Despite all efforts made in Morocco to fight cybercrime and build digital trust, much work has yet to be done and many efforts have yet to be made to master the phenomenon and involve all elements of society in this digital « war. » The private sector and the Moroccan economic fabric in general, especially SMEs and very small enterprises, have been found to continue to lag somewhat behind in terms of strategy, training and awareness-raising around cybersecurity. This is due to multiple factors related not only to the budgets assigned to information systems security and personal/professional data protection, but also to the lack of a cybersecurity culture.

For more information:

http://www.cmrpi.ma

http://www.cmrpi.ma/cnlcc-2016/CNLCC2016.html

Prof. Youssef Bentaleb is Director of the Moroccan National Campaign to Fight Cybercrim and President of the Moroccan Centre for Polytechnic Research and Innovation (CMRPI)