For the first time, the Cyber Security Authority (CSA) of Ghana has officially issued licenses and accreditations to a total of 51 entities operating within the cybersecurity sector.
The accredited parties span a diverse range of cybersecurity stakeholders, including Cybersecurity Service Providers (CSPs) such as Virtual Infosec Africa, e-Crime Bureau, and CWG Ghana; Cybersecurity Establishments (CEs) which count prominent financial institutions like Absa Bank, Access Bank, Fidelity Bank, and Guarantee Trust Bank among their ranks; and individual Cybersecurity Professionals (CPs) like Kester Quist-Aphetsi, Tornyelli Tetteh, Jeannette Quayson, Olivia Jones, and Ebenezer N. Nakoja.
This regulatory advancement is set against the backdrop of Ghana’s escalating cybersecurity challenges, with the nation experiencing over 4 million data breaches in the current year. According to statistics from Surf Shark, a VPN service provider, Ghana is ranked ninth in Africa and 92nd on a global scale for data breaches, with an incidence rate of 12 breaches per 100 individuals.
The CSA has hailed this development as a historic achievement, proudly announcing Ghana as the first African nation, and only the second country globally after Singapore, to implement a comprehensive regulatory framework encompassing CSPs, CEs, and CPs.
With this framework in place, the CSA is now focused on expanding its licensing efforts to encompass additional providers and is committed to enforcing strict adherence to the regulations. The authority has made it clear that penalties will be imposed on those who fail to comply with the licensing requirements.
Albert Antwi-Boasiako, the Director-General of the CSA, has issued a stern warning that any CSPs, CEs, and CPs found to be offering cybersecurity services without the requisite license are in breach of the Cybersecurity Act, 2020, and will be subject to legal consequences.
He emphasized the serious repercussions for those operating in the cybersecurity sector without proper licensing. He made it clear that violators would be subject to sanctions, which could include criminal prosecutions and financial penalties.
He further encouraged entities currently in the process of obtaining their licenses to diligently fulfill all the necessary requirements to avoid any legal issues. Additionally, Antwi-Boasiako highlighted the CSA’s collaboration with the Public Procurement Authority to ensure that all cybersecurity industry players adhere to the established compliance guidelines. This cooperative effort underscores the CSA’s commitment to maintaining a regulated and secure cybersecurity environment in Ghana.