Ghana is ranked 78th most-attacked country in the world, as was revealed at the maiden Industry-Academia symposium organized by the Institute of ICT Professionals Ghana (IIPGH) in partnership with DigiCAP.gh on Cybersecurity at the University of Cape Coast (UCC) on August 5, 2021.
The objective was to bring together industry players, educators, students, policymakers among others for an industry-academia dialogue on ICT development to create opportunities for the youth. This dialogue is dubbed INDAC-TED (INDUSTRY-ACADEMIA TECH DIALOGUE) and will run on a quarterly basis.
The DigiCAP project targets students and facilitators in public tertiary institutions and provides capacity building in practice-oriented ICT qualification programmes as add-on measures to promote the employment of young people after completing their tertiary education programmes.
The University of Cape Coast is the first beneficiary of this programme, and as part of its objectives the project designed a quarterly symposium to create a platform that fosters closer collaboration between industry and academia. This quarterly symposium (QS) brings together ICT, the private sector, industry and education providers, exchanging information and discussing mutual activities. The QS has been established as a knowledge-sharing event for people at a decision-making level in the field of ICT in Ghana.
This maiden symposium discussed the state of Ghana’s cybersecurity and why we should be concerned. The 2-hour blended (physical and virtual via Zoom webinar) programme had experts in the domain from various sectors sharing knowledge and engaging the participants in relatable discussions. The Executive Director of the Institute of ICT Professionals Ghana, Mr David Gowu, gave a brief welcome address and pointed out why the need for such programme – bringing academia and industry together, which is in line with the organisation’s objective.
Prof. Rosemond Boohene, University of Cape Coast (UCC), HoD, Centre for Entrepreneurship and Small Enterprise Development, on behalf of the Provost of the University of Cape Coast gave the opening remarks with Hanna Schlingmann, the Project Manager, AFOS Foundation, digiCAP.gh
The guest speaker, Albert Yirenchi Danquah – Chief Information Security Officer (CISO), Stanbic Bank, delivered a full presentation on the topic; and Madam Audrey Mireku, a representative from the National Cybersecurity Centre, joined via Zoom on behalf of the National Cybersecurity Advisor Dr. Albert Antwi-Boasiako to deliver a short statement on the new Cybersecurity Act, 2020 (Act 1038).
The guest speaker addressed the difference between Information Security and Cybersecurity, Cyber Fraud and Cyber Crime. He looked at data breaches, cyberwarfare, Malware and its variants. He also gave an overview of Ghana’s cyberspace, noting there are 15 million total Internet users in Ghana currently, with over 8 million active social media users.
Why should we be concerned?
In January 2015, there were reports about Ghana government websites targetted by hackers; bank software hacked with amounts of money stolen; banks in Cameroon, Congo (DR), Equatorial Guinea and Ghana hit by multiple hacking waves. There have also been a series of Mobile Money (MoMo) fraud cases over the years, and now bank accounts linked to MoMo accounts are high fraud targets.
The energy, transportation, telecommunication and financial industries are critical infrastructure at risk. Academia and Research Institutes are not left out of cyberattacks, and also government and its agencies. As Ghana moves toward a fast-growing digital economy, it becomes very necessary to have structures and policies in place to safeguard the digital space and to have a trusted digital society. Hence, these questions must be answered to strengthen policies, people and processes as technology evolves.
- To what extent do we have the foundational capabilities and practices in place to protect our critical assets?
- How effective are we at monitoring and detecting cyber incidents?
- Can we effectively respond to and recover from a cyber incident?
The National Cybersecurity strategy hinges on Governance, Risk Management in National Cybersecurity, Preparedness and Resilience, Critical Infrastructure and services, Capability and Capacity building and awareness-raising, Legislation and Regulation, and International cooperation. Ghana’s cybersecurity Act 2020 is to regulate cybersecurity activities in the country; promote the development of cybersecurity and provide for related matters. It further seeks to demand or authorise the taking of measures to prevent, manage and respond to cybersecurity threats and incidents; regulate owners of critical information infrastructure; regulate cybersecurity service providers; and make consequential or related amendments to certain other written laws.
Also, Ghana’s Data Protection Act came into force in 2012 to protect the privacy of individual and personal data. Data protection is about safeguarding our fundamental right to privacy by regulating the processing of personal data: providing the individual with rights over their data; and setting up systems of accountability and clear obligations for those who control or undertake processing of the data.
Cyber Directive for Critical Infrastructure
Cybersecurity is a collaborative effort. Staying safe digitally requires safeguarding all categories of data – not only from theft and damage, but also from exploitation and abuse. This includes sensitive data, personally identifiable information, protected health information, personal information, intellectual property, data, and governmental and industry information systems. Your Personally Identifiable Information (PII) – phone number, email address, date of birth – is valuable: it can be used for identity-theft to commit crimes in your name. Ask questions, be angry enough about what and how your PII is used. Let’s demand our service providers to protect our information; and practice personal cyber hygiene.
In his last remarks, the guest speaker stated Ghana is not immune to cyberattacks and the effects could be devastating. Ghana is on the right track, but a lot more needs to be done.
Other speakers were Jacqueline Hanson-Kotei, Enterprise Information Security & Governance, MTN Ghana; Paul K. Arhin Jnr, Computer Science Dept, University of Cape Coast; and Dr. Quist-Aphesti Kester, Head of Computer Science Department, Ghana Communication Technology University (GCTU). These experts addressed the issues at length and had a very interactive session moderated by Mary Bawa, Broadcast Journalist, ATL FM.
Prof. Rosemond Boohene gave her brief statement on the need for such timely programme to discuss issues around cybersecurity. Hanna Schlingmann, the Project Manager, AFOS Foundation, digiCAP.gh, reiterated the need for a personal cyber-hygiene and raising awareness. She clarified that digiCAP is an abbreviation for ‘Digital Capacity’, which empowers individuals and institutions to thrive in the digital era. In the same vein, Mike Loose – AFOS Foundation, International Management Adviser, Germany – also pointed out the extent of havoc cyberattacks can cause, giving examples from Germany and around the world. He added that the topic was right and well-delivered.
The Director of Operations, IIPGH, Kafui Amanfu, in his closing remarks urged private organizations and stakeholders to be much concerned about such symposiums and to take bold steps in supporting subsequent events to drive the conversation to larger and more diverse groups. He encouraged participants to take the knowledge and information shared and learned from this event to their various organisations and locations to ensure a more secure and overall safer information society for all.
DigiCAP.gh is an Information and Communication Technology (ICT) project financed by the German Federal Ministry for Economic Cooperation and Development, and implemented by AFOS, a German Foundation for Entrepreneurial Development Cooperation. This quarterly symposium is a branded service product of IIPGH, supported by DigiCAP.gh in collaboration with UCC, and potentially at least one education provider in ICT in Ghana. Throughout implementing the DigiCAP.gh project, the QS will develop and be positioned for enhancing networking among ICT stakeholders in Ghana and attract other stakeholders (education providers, private and public sector agencies, individuals, etc) to take an active role – not only during the QS but also a range of mutual activities.
With the University of Cape Coast being the first beneficiary of this quarterly symposium, we hope it will draw other educational institutions on board. Educational institutions must be interested in such initiatives to foster the needed discussions between industry and academia. As a capacity-building organisation, IIPGH is always ready to engage stakeholders through such platforms to shape and impact policy.
The author is the Director of Operations, Institute of ICT Professionals, Ghana)
For comments, contact [email protected] or Mobile: +233244357006