Cybersecurity service providers will soon be issued licenses to be able to operate within the Ghanaian jurisdiction. This is in line with Section 49 of the Cybersecurity Act 2020, which mandates the licensing of all cybersecurity service providers.
Hon. Ursula Owusu-Ekuful, the Minister of Communications and Digitalisation, said the licensing would ensure that there is sanity within the industry in terms of capabilities and acceptable ways of conducting such sensitive services in Ghana.
According to the new directive, a cybersecurity service provider must apply for a practising license to gain such recognition as a service provider. Once the individual or institution satisfies the Cyber Security Authority (CSA) by meeting the requirements, the service provider will be granted a license.
Table of Contents
Forum on Cybersecurity Act 2020
The Minister mentioned this during a forum organized for cybersecurity service providers and professionals on the Cybersecurity Act 2020
The forum was organized to ask for suggestions and input from industry players towards the effective implementation of the Act. The engagement forms part of this year’s National Cybersecurity Awareness Month, on the theme: “Ghana’s Cybersecurity Act, 2020; Its Implications and the Role of Stakeholders.”
Per Section 59 of the Act, the CSA is tasked to develop, establish and adopt standards for the overall development of cybersecurity in Ghana, the Minister mentioned
She added that the Authority was also required to enforce set standards and monitor compliance of public and private entities to ensure that all cybersecurity operations maintained a minimum standard, preventing the introduction and use of untested solutions.
State of Cybersecurity Globally
According to a 2021 ISACA report on the State of Cybersecurity, 61% of cybersecurity teams were understaffed, she said.
Cybersecurity Ventures reported in a 2020 publication on the cost of cybercrime that the cost of cybercrime was forecasted to exceed six trillion dollars worldwide by the end of the year, according to Hon. Owusu-Ekuful.
According to the New York Times, an estimated 3.5 million cybersecurity jobs would be available but unfilled by 2021, necessitating the need for the country to have an adequate number of well-trained and capable individuals.
The Minister added, “There are many indications that demand for cybersecurity workers will continue to be high. All organisations need to understand their threat environment and the risks they face, address their cybersecurity problems and hire the most appropriate people to do that work.”
“Given the anticipated need for cybersecurity workforce in the country, I have tasked the CSA to engage with you – the private sector actors to research to establish Ghana’s cybersecurity workforce needs for the next five years.
Findings from such research will support Government policy on cybersecurity skills development and capacity building efforts in this critical sector of our digital economy.”
Provisions of the Cybersecurity Act 2020 and the way forward
The Act’s provisions on the protection of critical information infrastructure, incident reporting and response, licensing and accreditation, recognition of the industry as a critical component of Ghana’s cybersecurity architecture, and regulations on lawful access to data for law enforcement purposes, according to Dr Albert Antwi-Boasiako, Acting Director-General of the Cyber Security Authority.
He argued that cybersecurity rules would benefit Ghana’s key systems and digital infrastructure and that provisions in the Act would help the sub-sector of the developing digital economy develop systematically.
The CSA, according to Dr Antwi-Boasiako, would engage with the industry to explore ideas and help the country’s digital transformation.
He urged the sector minister to consider allocating annual budgeted funds to undertake local cybersecurity initiatives through proposals presented by licensed service providers in partnership with other private sector actors.
Dr Antwi-Boasiako stated that the program would strengthen the Authority’s ties with the industry to achieve Ghana’s cybersecurity development goals.