Following the commencement of licensing of Cybersecurity Service Providers (CSPs) and the accreditation of Cybersecurity Establishments,and Cybersecurity Professionals on March 1, 2023, the Cyber Security Authority(CSA) has engaged key stakeholders on the benefits it would bring to the industry.
The CSA has held a meeting with the Ghana Association of Banks (GAB) to dialogue on opportunities and agree on issues relating to the licensing and accreditation regulations.
The meeting touched on the importance and benefits of the regulations being implemented by the Authority, especially, to the banking sector, which was one of the most mature sectors for cybersecurity services.
Leading the discussions were the Director-General of the CSA, Dr. Albert Antwi-Boasiako and the Chief Executive Officer of the GAB, Mr. John Awuah.
Dr. Antwi-Boasiako ssid the essence of the exercise was to enable the Authority to initiate the development of the cybersecurity industry and, therefore, needed the support of the Association to sensitise its members on the ongoing licensing and accreditation regulatory.
This is to safeguard critical information infrastructure and protect the gains made in the sector.
He noted that without the right regulatory
environment, the banking sector, which was one of the most matured cyber-dependent sectors could be crashed by criminals and other malicious actors at the click of a button.
“Therefore, there’s a need for understanding and collaboration among industry players to prepare properly for the regulatory regime,” he said.
Dr Antwi-Boasiako said the regulatory exercise would serve as a credibility launchpad for professionals who take up contracts in other countries, provide professional visibility and serve as eligibility criteria for Industry Forum Membership, among other benefits.
According to him, the banking industry was one of the largely compliant sectors and highly prone to attacks due to the surge in online activities.
The regulatory interventions, he said, would foster threats and information sharing within the industry and urged the sector to ensure proper cybersecurity practices in their operations.
He said Ghana was taking giant strides in cybersecurity development, acknowledging that the country had the ability to lead, and re-position itself to serve as a trailblazer in this regard for other countries to emulate.
The parties acknowledged the significance of securing information assets in the financial industry that had been designated as critical information infrastructure sector under Section 35 of the Cybersecurity Act, 2020 (Act 1038) and Gazette Notice No.132 dated, September 23, 2021.
Recognising the CSA as a lead public agency overseeing the development of cybersecurity in the country, Mr. Awuah expressed his gratitude to the Director-General of the CSA for leading a positive change in the sector and assured him of the support of the Banking industry.
According to him, the regulatory process of the CSA was one way of creating proper entry
barriers to safeguard the banking ecosystem, especially the licensing of CSPs, accreditation of CEs and CPs.
He noted that the exercise by the CSA was an important step in safeguarding the digital infrastructure of the country, particularly the banking sector in ensuring that cybersecurity services are provided by qualified and competent individuals and organizations.
After successful deliberations, the parties agreed to collaborate closely on key areas and provide each other with the necessary assistance for the performance of their functions.
The parties agreed that the CSA should adopt a collaborative approach in regulating cybersecurity in the Banking Sector by engaging with the Bank of Ghana as the regulator of the sector in consultation with the GAB as relevant industry body.
That the Banks should lead the registration exercise of establishments and professionals; and also encourage their vendors to register before the deadline in September, this year
They agreed to engage the BoG to utilise the future national register of licensed CSPs as a means of ascertaining a credible and competent CSP which would help strengthen compliance with BoG’s directive by BoG-regulated institutions.
They also agreed to collaborate with the BoG to provide assurance of a secured and resilient Financial Industry Command Security Operation Centre (FICSOC) to enhance compliance with BOG’s directive.
The CSA to ensure that all government CIIs that interface with banks are also subjected to high standards of operations and are compliant with the directives issued by the CSA
The agreed to collaborate to create public
awareness and educate the financial sector on the necessity for the licence and accreditation exercise, the Cybersecurity Act 2020 (Act 1038), cybercrime, and other related issues..
They also agreed to maintain seamless, effective, clear, and timely communication to enhance the partnership strategy.