The nation’s cybersecurity ecosystem is set for a boost with the impending establishment of a Cybersecurity Fund by the recently instituted Cyber Security Authority and Ministry of Finance to ensure timely access to adequate funding by the Authority, Minister for Communication and Digitalisation, Ursula Owusu-Ekuful, has disclosed.
This move, she said, is in compliance with provisions contained in Section 29 of the Cybersecurity Act 2020, which enjoins the Authority to set up a Fund to provide financial resources to promote and strengthen the country’s cybersecurity to enable the Authority effectively combat cybercrime, which was estimated to cost US$6trillion globally in 2021 and will reach US$10.5trillion by 2025.
The sector minister further suggested that allocations will be made to this end in the forthcoming budget, as hitherto activities of cybersecurity institutions have largely been funded through resources solicited from stakeholder agencies, particularly the National Communications Authority.
She made these remarks at a workshop on the implications and roles of cybersecurity stakeholders, where the Acting Director-General of the Authority, Dr. Albert Antwi-Boasiako, called for dedicated funding to address rising domestic cybersecurity challenges.
“The law itself enjoins the Authority to set up a Cybersecurity Fund and has designated the areas we should look at, so we are working with the Ministry of Finance to ensure that it is set up.
“Since 2017, we have been soliciting funds from other agencies, particularly the NCA, to support their activities. But now that they have been set up as an Authority and launched, we need to make budgetary provision for them; and I know for a fact that the next budget will provide significantly for infrastructure and governance needs of the Authority,” she explained.
According to the Cybersecurity Act 2020, sources of money for the Fund will include seed money approved by Parliament; money which may become lawfully payable to the Authority for the Fund; grants, gifts, donations and other voluntary contributions; a charge determined by the Authority; a proportion of the fees charged on all government
e-services determined by the Authority, as well as levies approved by Parliament for the Fund.
Mrs. Owusu-Ekuful added that the industry’s overarching importance to the state and businesses requires the private sector to take upon itself a proactive role.
The Cybersecurity watchdog has designated some 189 institutions across 13 sectors in finance, energy and health, among others, as Critical Information Infrastructures (CII), owing to the crucial role they play in the wider economy.
These institutions will be subjected to baseline audits to ascertain their level of preparedness for cyberattacks and be brought up to the minimum required standard, where lacking, Mrs. Owusu-Ekuful stated.
In a similar vein, Dr. Antwi-Bossiako said his outfit will play an active role in sensitising owners of these institutions to the risks and benefits of adhering to directives issued by the regulator.
“We will engage with those designated as such, explain the rationale and process, and register them; following that, the Authority will support implementation of the Directive issued by the minister.
The workshop brought together stakeholders, particularly professionals, who were tasked to initiate a forum that will ensure standards are achieved and maintained in the domestic cybersecurity space.