This Policy Insights examines the lessons the AU can learn from the EU in the area of cyber governance. The AU has recently adopted one document in this respect, the 2014 Convention on Cyber Security and Personal Data Protection. This convention imposes obligations on signatories to establish legal, policy and regulatory measures to promote cybersecurity governance and control cybercrime. However, five years since its adoption, only 14 of 55 AU member states have signed it and seven have ratified it. In order for the convention to come into force it must be signed and ratified by a minimum of 15 states. The AU therefore needs to work with its members to encourage them to ratify the convention and establish the cyber legislation necessary to protect their citizens, while operating within the confines of the rule of law and respecting human rights.