Cybersecurity service providers will be granted licenses to operate under Ghana’s jurisdiction soon. This is in accordance with Section 49 of the Cybersecurity Act 2020, which requires all cybersecurity service providers to be licensed.
The Minister of Communications and Digitalisation, Hon. Ursula Owusu-Ekuful, stated that the license will ensure sanity in the industry in terms of competencies and acceptable means of doing such sensitive services in Ghana.
To achieve such recognition as a service provider, a cybersecurity service provider must apply for a practicing license, according to the new guideline. The service provider will be awarded a license once the individual or institution has satisfied the Cyber Security Authority (CSA) by completing the conditions.
Forum on Cybersecurity Act 2020
During a forum for cybersecurity service providers and professionals on the Cybersecurity Act 2020, the Minister mentioned this.
The forum was held to solicit comments and input from industry players in order to ensure the Act’s efficient implementation. The event is part of National Cybersecurity Awareness Month, where this year’s theme is “Ghana’s Cybersecurity Act, 2020; Its Implications and Stakeholder Role.”
The CSA is required by Section 59 of the Act to develop, establish, and adopt standards for the overall development of cybersecurity in Ghana, according to the Minister.
She went on to say that the Authority was also responsible for enforcing specified criteria and monitoring compliance by public and commercial institutions to ensure that all cybersecurity operations met a minimum standard, preventing the introduction and use of untested solutions.
State of Cybersecurity Globally
61 percent of cybersecurity teams were understaffed, according to a 2021 ISACA study on the State of Cybersecurity, she noted.
According to Hon. Owusu-Ekuful, Cybersecurity Ventures reported in a 2020 article on the cost of cybercrime that the cost of cybercrime is expected to exceed six trillion dollars worldwide by the end of the year.
According to the New York Times, by 2021, an estimated 3.5 million cybersecurity jobs would be open but unfilled, necessitating the country’s need for a sufficient number of well-trained and qualified people.
“There are many indications that demand for cybersecurity experts will continue to be high,” the Minister said. All businesses must understand their threat environment and the dangers they face, as well as handle their cybersecurity issues and hire the best individuals for the job.”
“Given the country’s expected to need for a cybersecurity workforce, I’ve asked the CSA to collaborate with you – the private sector actors – to examine Ghana’s cybersecurity manpower needs over the next five years.”
The findings of such study will be used to inform government policy on cybersecurity skills development and capacity building in this crucial sector of our digital economy.”
Provisions of the Cybersecurity Act 2020 and the way forward
According to Dr. Albert Antwi-Boasiako, Acting Director-General of the Cyber Security Authority, the Act’s provisions on the protection of critical information infrastructure, incident reporting and response, licensing and accreditation, recognition of the industry as a critical component of Ghana’s cybersecurity architecture, and regulations on lawful access to data for law enforcement purposes.
He stated that cybersecurity standards would benefit Ghana’s critical systems and digital infrastructure and that the Act’s provisions would help the burgeoning digital economy’s sub-sector develop systematically.
According to Dr. Antwi-Boasiako, the CSA would work with the sector to develop new ideas and aid the country’s digital transition.
He encouraged the minister of the sector to consider awarding annual budgeted funding to local cybersecurity initiatives based on proposals submitted by licensed service providers in collaboration with other private sector actors.
The program, according to Dr. Antwi-Boasiako, would improve the Authority’s links with the industry in order to help Ghana accomplish its cybersecurity development goals.