In April 2026, Mozambique’s parliament unanimously passed a new Cybersecurity Law, establishing the National Institute of Information and Communication Technology (INTIC) as the country’s National Cyber Security Authority and creating a new National Cyber Security Council to coordinate policy across government.
Now, INTIC is working with Finland to build the next layer: aNational CyberSecurity Strategy for 2026-2030 that specifically addresses AI-enabled threats and increasingly sophisticated cyberattacks.
The strategy is being fast-tracked. Mozambique presented its progress at the C-Days 2026 conference in Portugal, where INTIC Chairman Prof. Lourino Chemane outlined what the country has built in the past year: a functioning national Computer Security Incident Response Team (CSIRT), sectoral CSIRTs covering health, energy, agriculture, and education, andtraining partnerships with Portugal’s National Cybersecurity Centre and the European Union’s TAIEX programme.
How did we get here: Mozambique’s first national cybersecurity policy was only published in 2021. In February 2022, hackers attacked more than 30 government websites in the country’s first major coordinated cyberattack. The episode exposed exactly how exposed critical infrastructure was, and accelerated the governance reforms now bearing fruit.
Three years later, Mozambique has a cybersecurity law, a regulatory authority, incident response teams across multiple sectors, and a strategy under development. That’s a meaningful arc for a country that had almost none of this infrastructure four years ago.
Mozambique is also developing a separate National AI Strategy covering education, health, agriculture, energy, and finance, with technical completion targeted for June 2026 and support from the United Nations Educational, Scientific and Cultural Organisation (UNESCO), the International Telecommunication Union (ITU), the European Union, the African Union, and the World Bank.