A national cyber incident response team is now live. The real test is what comes next.
On 7 March 2026, Prime Minister Hamza Abdi Barre officially stood up the Somalia Computer Incident Response Team (SOMCIRT). For a country still laying the groundwork for its digital economy, it’s a genuine milestone. Cybersecurity is finally being treated as a national priority rather than something to sort out later.
SOMCIRT operates under the National Communications Authority and is responsible for coordinating prevention, detection and response to cyber incidents across Somalia. It follows a national cybersecurity law passed in January which itself came off the back of a 2025 breach of Somalia’s e-visa platform that compromised thousands of personal records. The NCA has also inked an MOU with CyberSecurity Malaysia to roll out a national certification program, with SIMAD University hosting the local chapter.
This is exactly the kind of groundwork a developing digital economy needs to get right early.
The Honest Questions
Standing up a CSIRT and actually running one are two very different things. Somalia’s structural challenges don’t disappear because a new institution exists, there’s a thin bench of trained cybersecurity professionals, digital infrastructure that’s still patchy in parts of the country, and a public sector that is, frankly, still finding its feet on basic connectivity.
The capacity questions are real. Who is staffing SOMCIRT on a day-to-day basis? What does the incident reporting process actually look like for a private company that gets hit? How does the team coordinate with international partners when a cross-border threat lands? These aren’t gotcha questions they’re the operational basics every new CSIRT has to work through. The sooner there are public answers, the more credible the institution becomes.
The cybersecurity law itself also needs to be more than a document. A nine-member committee sounds tidy on paper but committees without proper resourcing and clear enforcement powers tend to stall. That’s worth watching closely.
The Private Sector Cannot be an Afterthought
Somalia’s real digital growth is happening outside government in fintech, telecoms and a startup ecosystem moving faster than most outsiders realise. There is currently no clear framework for how these businesses engage with SOMCIRT. That’s a gap worth fixing fast.
Somalia’s growing community of local IT and cybersecurity firms already understand the environment and are doing the work on the ground. Bringing them formally into the national cyber resilience framework would build capability far faster than constructing everything centrally from scratch.
What Needs to Happen Next
A few things will determine whether SOMCIRT becomes genuinely effective or just another announcement:
Local talent needs serious investment, now. The SIMAD certification program is a decent start but it needs to scale, and Somalia needs to create conditions where those graduates actually want to stay and build careers locally rather than head offshore.
A clear, public incident reporting framework needs to be published. Private businesses need to know how to engage with SOMCIRT. Without that, the team ends up siloed inside government and disconnected from where a lot of the real risk sits.
The private sector needs to be brought into the tent. Somalia’s fintech and telecoms industries are operating in a genuinely high-risk environment. SOMCIRT’s remit has to go beyond government institutions; threats certainly don’t stop at that boundary.
Donor dependency is a long-term vulnerability. External support is fine in the short term but Somalia needs its own budget lines for cybersecurity. Institutions built entirely on foreign funding have a habit of hollowing out the moment priorities shift elsewhere.
None of that is meant to take the shine off what’s been done. Building this kind of institution, in these conditions, is hard work and Somalia is further along than a lot of people expected. The foundation is solid. What matters now is whether the follow-through matches it.
