By Sandra Agyeiwaa OTOO
Proper licencing and accreditation has the potential to significantly enhance cybersecurity frameworks, Director-General of the Cyber Security Authority (CSA), Dr. Albert Antwi-Boasiako, has said.
He explained that proper accreditation ensures professionals and organisations remain equipped with up-to-date skills and knowledge
He said this during a three-day cyberdrill organised by the International Telecommunication Union (ITU) in collaboration with INTERPOL, aimed at enhancing the cybersecurity readiness, protection and incident response capabilities of its member-states in the African region. The ITU-INTERPOL cyberdrill was hosted in Accra by the CSA.
The drill seeks to promote adoption of international cybersecurity standards and best practices in the region and also facilitate regional collaboration and knowledge-sharing on cybersecurity issues while supporting international cooperation in combatting cybercrime.
Mr. Antwi-Boasiako reiterated his outfit’s commitment to ensuring that the Cybersecurity Act 2020(Act 1038) is enforced to strictly ensure only authorised entities with licence and accreditation operate in the country.
As at September 2, 2024, the CSA had in its registry a total of 1,433 registered cybersecurity professionals, 64, cybersecurity establishments and 246 cybersecurity service providers.
With many of these industry stakeholders at different stages of receiving their licences and accreditations, he said the CSA is determined to enforce provisions of Cybersecurity Act, 2020 (Act 1038) to ensure that only licenced CSPs and accredited CEs and CPs can operate cybersecurity services in the country.
“These are part of efforts to warrant administrative adherance with the law and streamline the process of providing services in accordance with approved standards that are in tune with domestic laws and international best practices – to ensure that the digital space is safe,” the Director-General said.
According to the 2024 cybercrime report from Cybersecurity Ventures, cybercrime is projected to cost US$10.5trillion in damages by 2025. A substantial leap from the US$3trillion recorded in 2015. These damages, represent the cost of data breaches, stolen funds, intellectual property theft, operational disruption and post-attack recovery.
Station X, a cybersecurity training and career development platform, also reports that Africa experienced an average of 2,372 cyberattacks per week in early 2024 – representing a 20 percent increase from the previous year.
Similarly, the Information Systems Audit and Control Association (ISACA) highlights social engineering, third-party exposure, cloud vulnerability, ransomware and attacks on Internet of Things (IoT) devices as the top-five cyber threats globally.
Dr. Antwi-Boasiako revealed that as the emergence of technology has offered gains, there are however a lot of challenges it presents. He urged experts to contribute their quota in addressing these difficulties.
“The rapid emergence and advancement of technologies highlights the digital era’s ever-evolving nature. While these advancements offer significant benefits, they also present substantial challenges. As experts in cybersecurity and digital transformation, we must address these challenges head-on. A critical aspect of our approach is the relationship between incident response and international regulatory bodies. Effective incident response depends on coordinated efforts with these bodies to ensure rapid and efficient management of cyber threats,” he stated.
In a speech read on her behalf, the Minister for Communications and Digitalisation, Ursula Owusu-Ekuful, highlighted the significance of global cooperation in eradicating cybercrime.
She said creating confidence and trust in the digital space is critical, particularly for developing countries.
“Countering cybercrime to ensure the security of our digital ecosystem requires a collaborative approach that includes international cooperation. (A/AC.291/L.16) of the Convention provides an international legal basis for direct cooperation with State Parties to the Convention, for purposes of timeously accessing digital evidence in forms including the disclosure of subscriber and traffic information for investigation and prosecution of cybercrime on terms espoused in the international convention and agreed by both state parties.
“Our gathering here today proves that we have begun implementing the articles outlined in this monumental document,” she stated.
She cited a report from Cybersecurity Ventures that highlights growing challenges as the world increasingly relies on ICT and digitalisation. While these trends offer great potential, they also bring significant risks.
The minister disclosed that: “Based on ITU’s framework – which focuses on legal measures, organizational measures, technical measures, capacity development and cooperation – Ghana has reviewed its National Cybersecurity Policy and Strategy, incorporating these measures. The strategy document has been approved by the Cabinet of Ghana and is expected to be outdoored in October this year”.
She added that the National Cybersecurity Policy and Strategy will offer a clear direction and implementation plan for Ghana’s cybersecurity development. This will focus on building a resilient digital ecosystem, securing digital infrastructure, developing national capacity, deterring cybercrime and strengthening international cooperation.
Mrs. Owusu-Ekuful pledged government’s unwavering commitment to enhancing information sharing and capacity-building among regional Community Emergency Response Teams (CERTs)/Computer Security Incident Response Teams (CSIRTs) and law enforcement agencies.
She said her outfit will strengthen collective cybersecurity capabilities and create a safer, more secure digital future for all.