Cybersecurity service providers, professionals to be licensed

 

The Cyber Security Authority says it has commenced processes to start licensing cybersecurity providers, cybersecurity establishments and the accreditation of cybersecurity professionals.

This move according to the acting Director General-CSA, Dr. Albert Antwi-Boasiako, forms part of efforts to collaborate with government to enhance Ghana’s cyber resilience amid the increasing rate of cybercrimes worldwide.

Speaking at a public consultation on the licensing and accreditation framework, Dr. Albert Antwi-Boasiako, explained that the move is necessary to ensure cybersecurity service providers offer their services in accordance with approved standards and procedures in line with industry best practices.

He went on to say that the engagement is meant to solicit inputs from industry players before the framework is submitted to the o CSA board for approval, which is expected to happen before end of the year for full implementation in January 2023.

This, Dr. Antwi-Boasiako believes would build confidence in this emerging profession and create more opportunities for skills acquisition, training and development in this critical sector “for our use and to meet the critical skills-shortage in this sector globally”.

Presenting the draft framework during the public engagement that saw about 100 cybersecurity professionals in attendance, Functional Lead-Legal and Compliance at the CSA, Madam Jennifer Mensah, said despite digital transformation generating a lot of prosperity and wealth for the world economy, cybercrime has increased at a greater rate.

“The work of cybersecurity establishments, cybersecurity service providers and cybersecurity professionals has been very, very important in securing our digital critical infrastructure and digital services. However, there are some concerns that there may be certain cybersecurity service providers, cybersecurity establishments and professionals who may be less credible and less competent, adopting substandard processes in rendering services to the detriment of Ghana’s digital economy. Hence the need for licencing and accreditation to regulate the industry’s intrusive nature,” she stated.

“National security considerations are driving regulations in the sector, demanding that all these stakeholders are in good standing. Therefore, there is a need for government to regulate the sector through the Cyber Security Authority to ensure compliance,” she added

Meanwhile, a directive for the Protection of Critical Information Infrastructures (CIIs) was launched by the Authority on October 1, 2021 to assist CII owners in registering with the Authority and guide them to protect their critical systems.

And, according to Deputy Communications and Digitalisation Minister Ama Pomaa Boateng during her address at the National Cyber Security Awareness Month launched earlier this week, from January 2023 all Critical Information Infrastructure Owners, whether in the private sector or public institutions, will be required to undergo mandatory compliance checks and audits to ensure the protection of Ghana’s critical systems.

“This audit and compliance action will be in line with regulations aimed at reinforcing the resilience and response capacities of these institutions against cyber-threats and incidents, as well as to ensuring a resilient, secure economy. This will help protect our critical systems from rising malicious cyber activities in the global landscape. They are also important to assess the adequacy and effectiveness of controls/measures put in place to meet requirements of the law,” she said.

Designated CII owners who fail to comply with the regulatory measures to protect the country ‘s critical databases and systems will be sanctioned in accordance with the Cybersecurity Act, she added

The Cyber Security Authority says it has commenced processes to start licensing cybersecurity providers, cybersecurity establishments and the accreditation of cybersecurity professionals.

This move according to the acting Director General-CSA, Dr. Albert Antwi-Boasiako, forms part of efforts to collaborate with government to enhance Ghana’s cyber resilience amid the increasing rate of cybercrimes worldwide.

Speaking at a public consultation on the licensing and accreditation framework, Dr. Albert Antwi-Boasiako, explained that the move is necessary to ensure cybersecurity service providers offer their services in accordance with approved standards and procedures in line with industry best practices.

He went on to say that the engagement is meant to solicit inputs from industry players before the framework is submitted to the o CSA board for approval, which is expected to happen before end of the year for full implementation in January 2023.

This, Dr. Antwi-Boasiako believes would build confidence in this emerging profession and create more opportunities for skills acquisition, training and development in this critical sector “for our use and to meet the critical skills-shortage in this sector globally”.

Presenting the draft framework during the public engagement that saw about 100 cybersecurity professionals in attendance, Functional Lead-Legal and Compliance at the CSA, Madam Jennifer Mensah, said despite digital transformation generating a lot of prosperity and wealth for the world economy, cybercrime has increased at a greater rate.

“The work of cybersecurity establishments, cybersecurity service providers and cybersecurity professionals has been very, very important in securing our digital critical infrastructure and digital services. However, there are some concerns that there may be certain cybersecurity service providers, cybersecurity establishments and professionals who may be less credible and less competent, adopting substandard processes in rendering services to the detriment of Ghana’s digital economy. Hence the need for licencing and accreditation to regulate the industry’s intrusive nature,” she stated.

“National security considerations are driving regulations in the sector, demanding that all these stakeholders are in good standing. Therefore, there is a need for government to regulate the sector through the Cyber Security Authority to ensure compliance,” she added

Meanwhile, a directive for the Protection of Critical Information Infrastructures (CIIs) was launched by the Authority on October 1, 2021 to assist CII owners in registering with the Authority and guide them to protect their critical systems.

And, according to Deputy Communications and Digitalisation Minister Ama Pomaa Boateng during her address at the National Cyber Security Awareness Month launched earlier this week, from January 2023 all Critical Information Infrastructure Owners, whether in the private sector or public institutions, will be required to undergo mandatory compliance checks and audits to ensure the protection of Ghana’s critical systems.

“This audit and compliance action will be in line with regulations aimed at reinforcing the resilience and response capacities of these institutions against cyber-threats and incidents, as well as to ensuring a resilient, secure economy. This will help protect our critical systems from rising malicious cyber activities in the global landscape. They are also important to assess the adequacy and effectiveness of controls/measures put in place to meet requirements of the law,” she said.

Designated CII owners who fail to comply with the regulatory measures to protect the country ‘s critical databases and systems will be sanctioned in accordance with the Cybersecurity Act, she added.

431 cyber security incidents in third quarter of 2022

 

The acting Director General of the Cyber Security Authority (CSA), Dr. Albert Antwi-Bosaiako says Ghana recorded 431 cybersecurity incidents out of a total of 9,769 contacts at the end of the third-quarter of 2022. 

Dr. Antwi-Boasiako made this statement at the launch of the National Cyber Security Awareness Month (NCSAM) on Monday, 3 October 2022 in Accra, and further said the top-five most reported incidents include online fraud, unauthorized access to protected systems, online blackmail, online impersonation and publication of non-consensual intimate images.

“Most of these attacks are perpetrated through social media using social engineering and phishing techniques. Lack of awareness on cyber risks as well as inadequate cybersecurity control measures are the main vulnerabilities being exploited by perpetrators,” he stated.

He added that, of the total number, 5,389 of the attacks are classified as direct advisories, a situation Dr. Antwi-Boasiako explains: “It means that over 5,000 incidents which could have caused various degrees of loss to victims were prevented and various amounts of money saved”.

Touching on collaborations, Dr. Antwi-Boasiako acknowledged that cybercrimes and cybersecurity-related matters are borderless and thus local and international collaborations are paramount in tackling them.

He added that, heightening collaborations with various stakeholders will play a significant role in ensuring the CSA executes its mandate successfully.

And it is for this reason that the Authority is committed to working closely with the Joint Cybersecurity Committee (JCC), which was inaugurated in July this year in accordance with sections 13 and 14 of Act 1038 for the implementation of effective cybersecurity measures, he stated.

Touching on this year’s NCSAM on the theme ‘Regulating Cybersecurity: A Public-Private Sector Collaborative Approach’, he said the multifaceted nature of cybersecurity requires collaborative efforts to ensure security of the country’s cyberspace.

“The nature of cyberspace and associated technologies, including the internet, requires international collaboration for effective responses to cybersecurity incidents. Consequently, this year’s celebration is to highlight the need for such collaborations and encourage the needed partnerships as we implement Act 1038,” he stated.

He, therefore, implored stakeholders to honour their obligation to invest in cybersecurity, saying: “It is my expectation that organisations will dedicate a minimum of between 15 percent and 25 percent of their ICT budget to cybersecurity if we are to make any meaningful and sustainable progress in addressing our cybersecurity challenges”.

According to the World Economic Forum, cybercrime cost the world at least US$6trillion in 2021 and could lead to over US$10trillion in annual damages by 2025. Research by IBM also indicates that it takes 280 days to find and contain the average cyberattack, while the average attack costs US$3.86million.

On her part, the Deputy Communications and Digitalisation Minister, Ama Pomaa Boateng who represented sector minister Ursula Owusu-Ekuful, expressed the ministry’s commitment to full enforcement of the Cybersecurity Act.

The ministry, she further noted, is committed to NCSAM and urges the public-private sector institutions and Civil Society Organisations to participate fully in the activities this October by organising awareness programmes for their stakeholders and constituents.

Penplusbytes to host CSOs and government agencies on social protection in Ghana

 

Poor governance, weak institutions, systemic corruption, and inadequate budgetary allocation make access to health and education services in Ghana a critical problem especially for vulnerable groups. In a bid to build an informed citizenry who are equipped with the appropriate digital tools to demand better service delivery within the framework of political and social accountability, Penplusbytes, is organizing a one-day Social Accountability & Economic Justice Clearing Platform forum scheduled for 23^rd August 2022 at the AITI-Kofi Annan Centre of Excellence at Ridge, Accra. 

The forum forms part of the implementation of Penplusbytes’ 2-year “HERE (Health, Education, Resource Equity) and Now” Project, which seeks to equip ordinary citizens with usable information via the #ShortChanged mobile app mashed-up with social media to promote their purposeful participation in demanding accountability and responsiveness from decision makers for effective public service delivery. The project is being implemented in Ghana and Mali in partnership with ID-Sahel in Mali and funded by the Open Society Initiative for West Africa (OSIWA).

This forum is aimed at increasing the contribution of civil society in promoting accountability by state and public service providers through mandated representation and advocacy on health and education issues which are of great concern to citizens and has impact on their social lives.

The forum will provide the opportunity for social accountability actors to come out with common issues for a concerted advocacy on better service delivery in the selected social intervention policies by government. 

According to Mr. Jerry Sam, the Executive Director of Penplusbytes, “the stakeholder Clearing Platform on Social Accountability will discuss the existing social accountability approaches and their associated advantages and challenges as well as the role of ICT tools in facilitating social accountability.”

“Key outcomes of the meeting include sensitization of stakeholders on the level of implementation of the selected policies, finding solutions to challenges and gaps identified in the implementation of social protection policies in Ghana and garnering support in the drive to ensure there is value for money in the implementation of the various policies”, Mr. Sam added.

The event will bring together Ministries, Agencies, Departments, and other civil society organizations in the social accountability space.

 

###

About Penplusbytes

Established in 2001, Penplusbytes is a leading organization in Africa working in 4 areas: governance and accountability, new media and innovations; the extractive sector as well as Climate Change and wellbeing. Our vision is to be the leading institution for promoting effective governance using technology in Africa which is anchored on our mission of promoting effective governance by deploying technology that enhances participation.

About ID Sahel

Birthed in the year 2000, has produced achievements with increasing returns and impact in the following areas: Democratic Governance, Sustainable Management of Natural Resources, Rural Development and Integrated Management, and Vocational Training.

About OSIWA

The Open Society Initiative for West Africa is active in 10 countries in the region (Benin, Cote d’Ivoire, Ghana, Guinea, Liberia, Mali, Niger, Nigeria, Senegal, and Sierra Leone) and focuses on law, justice and human rights, and economic and political governance. The initiative pursues the development of open societies by supporting and building partnerships with local and regional groups that promote inclusive democratic governance, transparency and accountability, and active citizenship.

 

21 years of Catalysing Innovations across Networks and Communities

 

Let’s use a time machine and travel back to the year 2001. When we leave the machine, we enter a world in which smartphones do not yet exist. Windows XP has just been launched and a first iTunes Version is on the market. Journalists also still pretty much rely on notes, pencils, big camera equipment and libraries.

That is the environment when on 18^th of July, 2001 a group of young Ghanaians formed Penplusbytes. Initially, it was dubbed “International Institute of ICT Journalism”.

Nowadays, 21 years later, the approach is much broader. Our mission is to promote effective governance by deploying technology that enhances participation. One of the best examples for that is our newly built App “Shortchanged” (downloadable on Google Play and Apple Store). It seeks to create awareness about selected policies in the health and education sectors in Ghana and Mali and provide spaces for citizens to report on their experiences with each policy.

Simply, citizens get to know what their tax money is used for and can easily add their voices through online surveys and maybe shape the next policy with their experiences.

Let’s celebrate and look forward to our next innovative projects. We cannot be where we are now without our partners, clients and the ever-thriving team and management here at Penplusbytes. We say Ayekoo to us all!!

Penplusbytes has turned 21 and we are still counting.

Corruption in Ghana - People's Experiences & Views

 Corruption in Ghana - People's Experiences & Views

The next time you talk to a public officer, it is quite probable he/she got his/her job as a result of nepotism or bribery.

“The threat posed by corruption to our future is so obvious and frightening," Supreme Court Judge, Yoni Kulendi said on Thursday, July 20, 2022 during the release of the survey; “Corruption in Ghana – People’s Experiences and Views.”

To launch the report, the United Nations Office on Drugs and Crime in Ghana (UNODC), the Commission on Human Rights and Administrative Justice (CHRAJ) and other stakeholders invited media and interested personnel to the Best Western Airport Hotel in Accra.

Ghana officially adopted its National Anti-Corruption Action Plan in 2014. To contribute to its efficiency, the Ghana Statistical Service partnered with UNODC and questioned 15,000 respondents across the country on their experiences with bribery and corruption.

In the morning of the launch date, the Penplusbytes Team had packed its cameras and other equipment to livestream the event on social media and engage online audiences. Journalists from various news stations were also present and focused their cameras on Government Statistician, Professor Samuel Kobina Anim who delivered key findings from the survey. 

According to Prof. Anim, Ghana had lost more than GHC5 billion in bribes; the survey findings indicated.

Corruption was also most prevalent among the Ghana Police Service than any other state institution.

Interestingly, 1 out of every 4 Ghanaians paid a bribe in 2021.

The report also focused on bribery taking into consideration gender parities, revealing, that almost three percent of women are asked for sexual favors in exchange for government services.

Meanwhile, male officials are more likely to ask for bribes than their female counterparts.

UNODC in Ghana hopes to strengthen government actions against corruption with this new scientific foundation.