[{"data":1,"prerenderedAt":70},["ShallowReactive",2],{"article-slug-mozambique-approves-new-national-cybersecurity-and-cybercrime-laws":3,"articles-index":-1},{"id":4,"slug":5,"headline":6,"title":7,"summary":8,"full_report":9,"twitter_post":10,"meta_description":11,"category":12,"severity":15,"entities":16,"cves":20,"sources":21,"events":42,"mitre_techniques":46,"mitre_mitigations":47,"d3fend_countermeasures":48,"iocs":49,"cyber_observables":50,"tags":51,"extract_datetime":58,"article_type":59,"impact_scope":60,"pub_date":25,"reading_time_minutes":69,"createdAt":58,"updatedAt":58},"e8f39ebe-e023-428f-98ca-896e135068cd","mozambique-approves-new-national-cybersecurity-and-cybercrime-laws","Mozambique Passes Sweeping Cybersecurity and Cybercrime Laws to Combat Rising Digital Threats","Mozambique Parliament Approves New National Cybersecurity and Cybercrime Legislation","Mozambique's Parliament, the Assembly of the Republic, has approved two landmark laws to establish a national cybersecurity framework and combat cybercrime. The legislation comes in response to a sharp increase in cyberattacks, with over 173,000 incidents recorded in 2024. The new framework will create a national regulatory authority, mandate specific security measures for both public and private sector entities, and introduce fines for non-compliance. The move is a significant step in securing the nation's digital infrastructure and aligning with international standards.","## Executive Summary\nThe Assembly of the Republic of Mozambique has passed two foundational pieces of legislation: the Cybersecurity Law and the Cybercrime Law. This legislative package is a direct response to the escalating cyber threats facing the nation, which saw 173,770 cyberattacks in 2024. The laws will establish a national cybersecurity regulatory body, impose security obligations on all public and private organizations, and create a penalty framework for non-compliance. This represents a major advancement in Mozambique's national strategy to build a secure and resilient digital ecosystem, protecting critical infrastructure, businesses, and citizens.\n\n---\n\n## Regulatory Details\nThe new legal framework introduces a comprehensive, top-down approach to national cybersecurity governance.\n\n*   **National Regulatory Authority:** The law provides for the creation of a new regulatory body responsible for supervising national cybersecurity. Its key functions will include issuing binding instructions, setting national cyber threat alert levels, and enforcing compliance.\n*   **Broad Applicability:** The laws apply to all public and private entities that use data communication networks within Mozambique. This ensures a wide scope covering government agencies, critical infrastructure operators, and commercial businesses.\n*   **Cybersecurity Fund:** A dedicated fund will be established to support the initiative. It will be financed through the state budget, as well as fees and fines collected under the new laws, ensuring resources are available for critical incident response.\n\n## Affected Organizations\n*   All government bodies and public sector institutions in Mozambique.\n*   All private sector companies operating in Mozambique, regardless of industry.\n*   Operators of critical national infrastructure (e.g., energy, telecommunications, finance).\n\n## Compliance Requirements\nThe new legislation imposes several key obligations on affected organizations:\n\n1.  **Technical and Organizational Security Measures:** Private sector entities will be legally required to adopt and implement appropriate security measures to protect their networks and data.\n2.  **Institutional Information Security Policy:** Organizations must establish and maintain a formal, documented information security policy.\n3.  **Cooperation with Regulatory Authority:** All entities must comply with instructions and directives issued by the new national cybersecurity authority.\n\n## Implementation Timeline\nWhile the laws have been approved by Parliament, the specific timeline for the establishment of the regulatory body and the enforcement of penalties has not yet been detailed. However, organizations are expected to begin preparing for compliance immediately.\n\n## Impact Assessment\nThe introduction of these laws will have a significant operational and financial impact on businesses in Mozambique. Organizations will need to invest in cybersecurity technologies, personnel, and processes to meet the new legal standards. This will likely drive demand for cybersecurity services and solutions within the country. While this presents a compliance burden, the long-term goal is to create a more stable and secure business environment, reducing the economic damage caused by cybercrime and enhancing trust in Mozambique's digital economy.\n\n## Enforcement & Penalties\nNon-compliance with the new regulations will result in financial penalties. The law specifies fines ranging from **one to 160 times the minimum wage** in the public sector. This penalty structure is designed to be scalable and applicable to organizations of different sizes. The regulatory authority will be empowered to levy these fines and conduct audits to ensure compliance.\n\n## Compliance Guidance\nOrganizations in Mozambique should take the following steps to prepare:\n\n1.  **Conduct a Gap Analysis:** Perform a comprehensive assessment of current security posture against internationally recognized frameworks like the NIST Cybersecurity Framework or ISO 27001. This will identify gaps that need to be addressed to comply with the new laws.\n2.  **Develop an Information Security Policy:** If one does not already exist, create a formal, board-approved information security policy that outlines the organization's commitment to security and defines roles and responsibilities.\n3.  **Budget for Security Investments:** Allocate budget for necessary security controls, such as firewalls, endpoint protection, employee training, and vulnerability management tools.\n4.  **Appoint a Security Lead:** Designate an individual or team responsible for overseeing the organization's cybersecurity program and acting as the point of contact for the new regulatory authority.","Mozambique's Parliament approves new national cybersecurity and cybercrime laws, establishing a regulatory authority and mandating security measures for all organizations to combat rising cyber threats. 🇲🇿 #Cybersecurity #Law #Regulation #Mozambique","The Parliament of Mozambique has approved new cybersecurity and cybercrime laws to create a national framework, establish a regulatory authority, and mandate security measures for public and private sectors.",[13,14],"Regulatory","Policy and Compliance","informational",[17],{"name":18,"type":19},"Assembly of the Republic of Mozambique","government_agency",[],[22,28,34,37],{"url":23,"title":24,"date":25,"friendly_name":26,"website":27},"https://techafricadaily.com/mozambique-parliament-approves-cybersecurity-and-cybercrime-laws-to-strengthen-digital-governance/","Mozambique Parliament Approves Cybersecurity and Cybercrime Laws to Strengthen Digital Governance","2026-04-17","TechAfrica Daily","techafricadaily.com",{"url":29,"title":30,"date":31,"friendly_name":32,"website":33},"https://clubofmozambique.com/news/mozambique-cyber-security-law-to-protect-the-state-257639/","Mozambique: Cyber security law to protect the State","2026-04-16","Club of Mozambique","clubofmozambique.com",{"url":35,"title":36,"date":31,"friendly_name":32,"website":33},"https://clubofmozambique.com/news/mozambique-records-173000-cyberattacks-and-1061-cybercrime-cases-in-2024-says-minister-257647/","Mozambique records 173,000 cyberattacks and 1,061 cybercrime cases in 2024, says minister",{"url":38,"title":39,"date":31,"friendly_name":40,"website":41},"https://www.ecofinagency.com/public-policy/1604-45378-mozambique-turns-to-eu-expertise-to-boost-cyber-defense-capabilities","Mozambique Turns to EU Expertise to Boost Cyber Defense Capabilities","Ecofin Agency","ecofinagency.com",[43],{"datetime":44,"summary":45},"2024","Mozambique recorded 173,770 cyberattacks and 1,061 related criminal cases, prompting the new legislation.",[],[],[],[],[],[52,53,54,55,56,57],"Mozambique","Cybersecurity Law","Regulation","Cybercrime","Government","Policy","2026-04-17T15:00:00.000Z","NewsArticle",{"geographic_scope":61,"countries_affected":62,"industries_affected":63,"other_affected":67},"national",[52],[56,64,65,66],"Critical Infrastructure","Finance","Telecommunications",[68],"All public and private organizations in Mozambique",4,1776444942596]