Cyber Security ACT. 2020 (Pt. 3): Cyber Insurance Plan is a must for all companies that store customers’ data!

Cyber Security Authority is poised to ensure a secure and resilient digital Ghana - DG
National Cyber Security Advisor, Dr. Albert Antwi-Boasiako

Cyber security, as noted by many experts and also the World Economic Forum (WEF), is too big a job for governments or business to handle alone. And in agreement with WEF’s publication in 2021, a good step to start is getting a coalition of private sector players to share possible cyber-threat information and come up with standard solutions.

According to the Paris Call, a typical digital space is divided into a network infrastructure level made up of servers and cables; the device level of computers and smart devices; the software level characterised by interaction between machines and humans, and the data itself.

Among the threats to our cyberspace according to WEF, is the danger of digital mistrust which has the potential of hindering full cooperation from many people – hence limiting the potential benefits to us.

To reassure all stakeholders in the digital space, there is a need for a robust cyber-insurance market. An introduction to a panel discussion during a recent event considering the Role of Government in Fostering Cyber Insurance Markets goes like this:

“Robust cyber-insurance markets can promote the public good by reducing the country’s vulnerability to cyber-attacks and by limiting the need for government support in the wake of such attacks. Moreover, governments play an important direct role in the cybersecurity ecosystem, as they face unique cybersecurity vulnerabilities; and, in some cases, make active affirmative use of cyber-attacks. Given these realities, governments have both a clear interest in promoting more robust cyber-insurance markets and the potential technical means to help do so.’’

As part of my research into our quest for a proper national cybersecurity strategy, I caught up with Mr. Thomas Cook Jefferson-Dankwah – a renowned Cyber-Insurance expert who is currently the Executive Director of Hanssen Global UK and Ghana Ltd., a Microsoft Partner Network-Ghana.


Lawson: Should Ghanaian consumers worry about the state of cybersecurity for their banks and telecom services providers?

Mr. Jefferson Dankwah: Yes, cybersecurity is too big for governments or firms to handle alone. The challenges cybercrimes present are major risks to global prosperity in the Fourth Industrial Revolution, and that affect every one of us.

Lawson: Do Insurance companies have a role to play in cybersecurity?

Mr. Jefferson Dankwah: Yes, they handle all matters relating to cyber-risk transfer. It must also be noted that Technology and Insurance Industries go hand in hand to mitigate cyber-risk, which is part of the overall strategy of cybersecurity. And let me add that there is need for coordination of the cyber-insurance ecosystem.

Lawson: As an expert and advocate of cyber-insurance, what have been some of your own efforts in this regard?

Mr. Jefferson Dankwah: I am  currently engaged with the following for various discussions: Government of Ghana; the US; the World Economic Forum; UN Security Council; World Bank Group; the EU; the United Kingdom; China, Japan and South Korea; the Canada, Australia and Indian governments; Technology giants Microsoft Corp, Google and IBM; and Allianz Insurance, AIG US, Hollard Insurance, Zurich Insurance Group and many more to fight Cyber Vulnerabilities which affect success of Cyber Security, CBDC Digital Currency and New Technology like AI and ML ecosystems.

Lawson: Any advice for the newly-established Ghana Cyber Security Authority in tackling the nation’s cybersecurity matters at this stage?

Mr. Jefferson Dankwah: Yes, and I suggest the following implementation plan:

  1. Defend:

a. Active Cyber-Defence

b. Building a more secure Internet

c. Protecting our Critical National Infrastructure and other priority sectors

d. Protecting Government Assets and Security

e. Changing and Improving Public and Business policies as required by Law

f. Managing Incidents and Understanding threats in the 21st century.


a. Cyber Role in Deterrence

b. Reducing Cyber Crimes

c. Countering Hostile Foreign Actors and Preventing Terrorism

d. Enhancing Sovereign Capabilities Cryptography

e. Enhancing Sovereign Capabilities Offensive Cyber Actors.

  1. Develop:

a. Strengthening Cyber Security Skills

b. Stimulating Growth in the Cyber Security Authority

c. Prompting Cyber Security Science and effective horizon scanning.

The world outlook

Cybersecurity and matters arising are high on the agenda for many nations across the world. In fact, most advanced economies are even taking it more seriously than the developing ones.

Like the US and rest of the world, Ghana is equally prone to cyber-attacks.  The CBNC report revealed not long ago that there have been cyber-attacks on the US government’s own software contractor Solar Winds. This and many such attacks should be a wake-up call for us here in Ghana.

Recently reported by CNBC, President of the United States, Joe Biden, met with CEOs of big tech and insurance firms to discuss cybersecurity issues. The likes of Microsoft and Google have promised to invest billions of dollars in cybersecurity

Aside from pledging huge sums of money to help with cybersecurity, the tech giants equally promised to assist in awareness creation and various skills training. The fact is there are about 500,000 unfilled cybersecurity jobs.

E-Cedi, the Digital Dollar Project Example!

Various central banks around the world are looking into the possibility of an e-currency or digital version of their physical currency. Our own BoG has also announced the possible introduction of e-cedi in the near future. During the Ghana economic forum, I asked a question during the plenary; that the Ghanaian wants to know the place of the e-cedi in the payment ecosystem. BoG replied that the e-cedi is coming only to complement the existing payment options, and not necessarily to compete with them.

My take on this is we are not in a race against other nations in introducing the e-currency. We should, as the US is doing:

  1. Do thorough research into the potential advantages of e-currency
  2. Do an in-depth public discourse and use-case analyses to ascertain effects of its introduction on the various stakeholder groups.

Threats in our cyberspace take different forms and happen at various levels in the cyber architecture, therefore we need all hands on board, both private and public sector, in tackling them.


Leave a Reply