GCSCC Convenes AI Cybersecurity Readiness Workshop with South African Stakeholders

On 19 November 2025, the GCSCC in collaboration with the South Africa’s Council for Scientific and Industrial Research (CSIR) convened a hybrid workshop on strengthening national artificial intelligence (AI) cybersecurity. The event at CSIR in Pretoria brought together policymakers, researchers, industry leaders, and cybersecurity practitioners from across South Africa’s digital ecosystem.

Utilising the GCSCC's prototype National AI Cybersecurity Readiness Metric, participants discussed how AI is impacting national digital systems and introducing new risks and opportunities, and provide feedback on the tool. Key topics of discussion included challenges associated with balancing AI enthusiasm with considerations of risk, difficulties communicating AI risks and controls to non-technical audiences, how to achieve alignment between AI and cybersecurity policy processes and concerns related to data localisation and technological agency. 

Throughout these discussions, stakeholders were encouraged to reflect on the draft Metric indicators and share their reflections on how the tool could be advanced. In conjunction with findings from other workshops and trials, these insights will now be used by the GCSCC research team to refine and strengthen the Metric in the ongoing drafting process. Notable reflections included the need to develop a tool that was applicable to both developed and emerging economies, and effective means of measuring national-level indicators included in the Metric. 

The GCSCC and CSIR look forward to ongoing collaboration with South African stakeholders and to supporting the country’s leadership in shaping responsible, secure, and inclusive AI deployment.

The National AI Cybersecurity Readiness Metric 

The National AI Cybersecurity Readiness Metric is being developed to enable nations to benchmark their existing AI readiness and provide an evidence base for future AI cybersecurity decision making.

It covers 10 key areas of a country’s AI cybersecurity readiness, including:

• National cybersecurity strategy and governance
• Regulatory and policy responses to AI risks
• Incident detection and response capabilities
• Standards development and the cybersecurity marketplace
• Organisational risk-control practices
• Public awareness, behaviours, and digital trust
• Cybersecurity education, workforce development, and professional training
• The roles of law enforcement and criminal justice
• National resilience in the face of AI-driven disruptions. 

This tool will meet a growing demand from nations to better understand how they should manage AI cybersecurity risks and opportunities in a fast-evolving global digital landscape. 

Having conducted trials and workshops in Mongolia, Cyprus and Mexico, the GCSCC is undertaking consultations with cybersecurity experts from around the world to collect further insights from diverse regions. This consultative process is designed to help ensure that the Metric reflects the needs of the broader international community and is thus applicable in various national contexts. 

For more information visit the Metric webpage.