Cyber security service providers and professionals cannot work in the country if they are not licensed or accredited by the Cyber Security Authority from January 2023.
Dr Antwi-Boasiako indicated that the proliferation of cyber-attacks targeting individuals, businesses and critical infrastructure has made regulatory compliance one of the most effective and reliable strategies to mitigate cyber risks within the industry globally.
“It is anticipated that, starting January 2023, a business, a firm or an individual will not be able to offer cybersecurity services unless the entity or the individual is licensed or accredited by the Cyber Security Authority (CSA)” he hinted.
According to him, the implementation of cybersecurity regulations is imperative to deal with both existing and emerging cyber threats which have the potential to undermine the digital dividends expected from the country's digital economy.
He indicated that, the Cybersecurity Act, 2020 (Act 1038) provides the regulatory framework to promote cybersecurity development in the country and that the CSA has commenced a number of regulatory activities including the protection of Critical Information Infrastructures, pursuant to Sections 35 to 40 of Act 1038; licensing of Cybersecurity Service Providers pursuant to Sections of 49 to 56 and regulations on cybersecurity incident reporting and response, pursuant to Sections 41 to 48 of the Cybersecurity Act, 2022.
In addition, designated Critical Information Infrastructure Owners shall be subjected to mandatory audit and compliance checks against the Directive for the Protection of Critical Information Infrastructures which was adopted on October 1, 2021.
These are part of the new regulations and measures being implemented pursuant to the Cybersecurity Act, 2020.
According to the Director-General, collaborative regulations hold the key to bringing both the public and private sector stakeholders together towards achieving a secure and resilient digital Ghana and hence the National Cyber Security Awareness Month, NCSAM 2022 celebrations will take place from October 1-31, 2022 under the theme: Regulating Cybersecurity: A Public-Private Sector Collaborative Approach”.
“The Authority will engage with stakeholders including public consultations for inputs into the various regulations which are expected to take full effect starting January 2023.”
He urged all stakeholders to participate fully in awareness month events for an effective outcome whilst calling on the private sector, faith-based organisations, academia and Civil Society Organisations, the entire public and the media to use the period to educate their members on cybersecurity.