Kingdom
Cybersecurity: Moroccan Startups Take the Front Line
Amid Rising Cyberthreats, a New Ecosystem of Moroccan Startups Emerges to Tackle the Digital Era’s Greatest Challenges. Balancing Local Innovation, Digital Sovereignty, and Regional Opportunities, Network and IT Security Becomes a Strategic Frontier for Morocco’s Tech Entrepreneurship.
Phishing, ransomware, DDoS attacks, mass data leaks… Cyberattacks are no longer abstract threats. They have become a daily reality for businesses, government agencies, and even individuals. Morocco is no exception to this global trend.
On the contrary: as the country accelerates its digital transformation (digitized public services, booming fintech, thriving e-commerce), its exposure to cyber risks is expanding dangerously.
As Salwa Harif, CEO of Issroad, notes, “Morocco has seen a significant rise in cyberthreats, with over 52 million incidents recorded in 2023. Major attacks, such as the one targeting CNSS in April 2025, exposed sensitive data belonging to millions of citizens and businesses.”
According to recent data from the General Directorate of Information Systems Security (DGSSI), cyber incidents in the Kingdom have sharply increased in recent years. The targets? Businesses, of course, but also local governments, hospitals, and critical infrastructure operators.
While the state has bolstered its regulatory framework—notably with Cybersecurity Law 05-20—operational responses remain largely underdeveloped. In this context, Harif emphasizes that “the country has launched the National Cybersecurity Strategy 2030, focused on governance, resilience, skills development, and international cooperation.”
A Still-Untapped Field
The paradox is clear: cybersecurity needs are exploding, but Morocco’s ecosystem remains nascent. Large companies often rely on costly foreign solutions that may be ill-suited to local contexts. SMEs struggle to access effective tools due to limited budgets or awareness. Meanwhile, skilled talent remains scarce and highly sought-after internationally.
It is in this gap that several Moroccan startups are stepping in, determined to offer innovative, accessible, and sovereign alternatives. Among them, Cypherleak stands out as a pioneer. Founded by Amine Belarbi, this startup specializes in monitoring the “dark web” and early detection of data leaks.
Its core mission? Alerting businesses in real time when their sensitive information circulates in obscure digital spaces. This proactive approach has already attracted major clients in Morocco and the Middle East.
Another key player is Issroad, a startup offering a full range of services—from cybersecurity governance to managed solutions—tailored to SMEs and international groups, with a focus on ransomware and data leak protection.
A Strategic Challenge and Regional Opportunity
Beyond technological innovation, these startups are carving out a strategic position. In a geopolitical landscape marked by digital sovereignty concerns, developing local cybersecurity solutions has become imperative.
“Morocco cannot rely solely on foreign providers to protect its critical data,” explains a digital governance expert. Startups offer agile, context-specific responses, often outpacing industry giants.
The prospects extend beyond borders. With a shortage of African solutions, Morocco could become a regional cybersecurity hub. West African and Maghreb markets—facing similar challenges—represent natural expansion grounds for Moroccan startups that scale effectively.
The needs are vast: protecting public institutions, securing financial transactions, industrial cybersecurity… “The market exists, but trust between clients, stakeholders, and Moroccan solution providers still needs to be built,” cautions Harif. “We currently lack mature enough players to appear in international benchmarks like Gartner.”
Tamwilcom, Technopark, and Mohammed VI Polytechnic University (UM6P) are increasingly supporting cybersecurity projects. Specialized hackathons, technical bootcamps, and training programs are addressing the skills shortage.
Incubators, Hackathons, and Calls for Projects
Moroccan ethical hacker collectives are mobilizing to raise public awareness and share protective tools. Through social media, technical forums, and online workshops, a community-driven cybersecurity culture is beginning to take root—a fertile ground for entrepreneurship.
“The challenge? Accessing public and private markets, forging strategic partnerships, and making cybersecurity careers appealing to young talent. Synergy between large corporations, public institutions, and startups is critical to building lasting digital sovereignty,” insists Hicham Chiguer, President of AUSIM.
A major question remains: How will these startups scale? Cybersecurity is a complex market—technical, regulated, and trust-dependent. To succeed, startups must innovate while demonstrating reliability, resilience, and strong partnerships with public and private actors.
“By the end of 2025, sector revenues are projected to reach $146 million, according to Statista,” says Harif. “But investments remain minimal, often limited to basic antivirus and firewalls. No follow-up, no patching, no awareness… Leaders frequently underestimate risks and view cybersecurity spending as unproductive.”
Morocco’s tech ecosystem now has a role to play. By entering the cybersecurity arena, local startups are not merely riding a trend—they are joining a strategic battle for the nation’s digital resilience. And perhaps, tomorrow, for that of an entire continent.
