The Cyber Security Authority says it has commenced processes
to start licensing cybersecurity providers, cybersecurity establishments and
the accreditation of cybersecurity professionals.
This move according to the acting Director General-CSA, Dr.
Albert Antwi-Boasiako, forms part of efforts to collaborate with government to enhance
Ghana’s cyber resilience amid the increasing rate of cybercrimes worldwide.
Speaking at a public consultation on the licensing and
accreditation framework, Dr. Albert Antwi-Boasiako, explained that the move is
necessary to ensure cybersecurity service providers offer their services in
accordance with approved standards and procedures in line with industry best
practices.
He went on to say that the engagement is meant to solicit
inputs from industry players before the framework is submitted to the o CSA
board for approval, which is expected to happen before end of the year for full
implementation in January 2023.
This, Dr. Antwi-Boasiako believes would build confidence in
this emerging profession and create more opportunities for skills acquisition,
training and development in this critical sector “for our use and to meet the
critical skills-shortage in this sector globally”.
Presenting the draft framework during the public engagement
that saw about 100 cybersecurity professionals in attendance, Functional
Lead-Legal and Compliance at the CSA, Madam Jennifer Mensah, said despite
digital transformation generating a lot of prosperity and wealth for the world
economy, cybercrime has increased at a greater rate.
“The work of cybersecurity establishments, cybersecurity
service providers and cybersecurity professionals has been very, very important
in securing our digital critical infrastructure and digital services. However,
there are some concerns that there may be certain cybersecurity service
providers, cybersecurity establishments and professionals who may be less
credible and less competent, adopting substandard processes in rendering
services to the detriment of Ghana’s digital economy. Hence the need for
licencing and accreditation to regulate the industry’s intrusive nature,” she
stated.
“National security considerations are driving regulations in
the sector, demanding that all these stakeholders are in good standing.
Therefore, there is a need for government to regulate the sector through the
Cyber Security Authority to ensure compliance,” she added
Meanwhile, a directive for the Protection of Critical
Information Infrastructures (CIIs) was launched by the Authority on October 1,
2021 to assist CII owners in registering with the Authority and guide them to
protect their critical systems.
And, according to Deputy Communications and Digitalisation
Minister Ama Pomaa Boateng during her address at the National Cyber Security
Awareness Month launched earlier this week, from January 2023 all Critical
Information Infrastructure Owners, whether in the private sector or public
institutions, will be required to undergo mandatory compliance checks and
audits to ensure the protection of Ghana’s critical systems.
“This audit and compliance action will be in line with
regulations aimed at reinforcing the resilience and response capacities of
these institutions against cyber-threats and incidents, as well as to ensuring
a resilient, secure economy. This will help protect our critical systems from
rising malicious cyber activities in the global landscape. They are also
important to assess the adequacy and effectiveness of controls/measures put in
place to meet requirements of the law,” she said.
Designated CII owners who fail to comply with the regulatory
measures to protect the country ‘s critical databases and systems will be
sanctioned in accordance with the Cybersecurity Act, she added
The Cyber Security Authority says it has commenced processes
to start licensing cybersecurity providers, cybersecurity establishments and
the accreditation of cybersecurity professionals.
This move according to the acting Director General-CSA, Dr.
Albert Antwi-Boasiako, forms part of efforts to collaborate with government to enhance
Ghana’s cyber resilience amid the increasing rate of cybercrimes worldwide.
Speaking at a public consultation on the licensing and
accreditation framework, Dr. Albert Antwi-Boasiako, explained that the move is
necessary to ensure cybersecurity service providers offer their services in
accordance with approved standards and procedures in line with industry best
practices.
He went on to say that the engagement is meant to solicit
inputs from industry players before the framework is submitted to the o CSA
board for approval, which is expected to happen before end of the year for full
implementation in January 2023.
This, Dr. Antwi-Boasiako believes would build confidence in
this emerging profession and create more opportunities for skills acquisition,
training and development in this critical sector “for our use and to meet the
critical skills-shortage in this sector globally”.
Presenting the draft framework during the public engagement
that saw about 100 cybersecurity professionals in attendance, Functional
Lead-Legal and Compliance at the CSA, Madam Jennifer Mensah, said despite
digital transformation generating a lot of prosperity and wealth for the world
economy, cybercrime has increased at a greater rate.
“The work of cybersecurity establishments, cybersecurity
service providers and cybersecurity professionals has been very, very important
in securing our digital critical infrastructure and digital services. However,
there are some concerns that there may be certain cybersecurity service
providers, cybersecurity establishments and professionals who may be less
credible and less competent, adopting substandard processes in rendering
services to the detriment of Ghana’s digital economy. Hence the need for
licencing and accreditation to regulate the industry’s intrusive nature,” she
stated.
“National security considerations are driving regulations in
the sector, demanding that all these stakeholders are in good standing.
Therefore, there is a need for government to regulate the sector through the
Cyber Security Authority to ensure compliance,” she added
Meanwhile, a directive for the Protection of Critical
Information Infrastructures (CIIs) was launched by the Authority on October 1,
2021 to assist CII owners in registering with the Authority and guide them to
protect their critical systems.
And, according to Deputy Communications and Digitalisation
Minister Ama Pomaa Boateng during her address at the National Cyber Security
Awareness Month launched earlier this week, from January 2023 all Critical
Information Infrastructure Owners, whether in the private sector or public
institutions, will be required to undergo mandatory compliance checks and
audits to ensure the protection of Ghana’s critical systems.
“This audit and compliance action will be in line with
regulations aimed at reinforcing the resilience and response capacities of
these institutions against cyber-threats and incidents, as well as to ensuring
a resilient, secure economy. This will help protect our critical systems from
rising malicious cyber activities in the global landscape. They are also
important to assess the adequacy and effectiveness of controls/measures put in
place to meet requirements of the law,” she said.
Designated CII owners who fail to comply with the regulatory
measures to protect the country ‘s critical databases and systems will be
sanctioned in accordance with the Cybersecurity Act, she added.
