From Act to Action: Architecting a Resilient Cybersecurity Governance Framework for Sierra Leone

In an era of rapid digital transformation, the Republic of Sierra Leone stands at a critical juncture. The enactment of the Cybersecurity and Crime Act of 2021 and the establishment of the National Cybersecurity Coordination Centre (NCCC) have laid a foundational legislative and institutional groundwork. However, the transition from legal frameworks to tangible, resilient cybersecurity capabilities presents a formidable challenge. This article provides a comprehensive analysis of Sierra Leone's current cybersecurity landscape, identifying key vulnerabilities, institutional capacities, and strategic imperatives. By drawing on established international governance frameworks such as the NIST Cybersecurity Framework, ISO/IEC 27001, and the Cybersecurity Capacity Maturity Model for Nations (CMM), this article proposes a multi-layered, adaptive, and context- specific cybersecurity governance framework for Sierra Leone. The proposed framework emphasizes a whole-of-society approach, integrating public-private partnerships, fostering a vibrant cybersecurity workforce, and promoting a deeply ingrained culture of cyber awareness. It is argued that for Sierra Leone to fully harness the dividends of its digital future, it must move decisively from "Act" to "Action," architecting a governance model that is not merely compliant, but truly resilient.