The Cyber Security Authority (CSA) has reported a substantial increase in registrations under the country’s new regulatory regime.
Since the commencement of the cybersecurity regulatory regime in March 2023, approximately 1,400 individuals and businesses have sought licenses and accreditation to operate within the digital security sector. This move aligns with the provisions of the Cybersecurity Act, 2020 (Act 1038), reflecting the nation’s commitment to a secure and resilient digital ecosystem.
As of February 19, 2024, the CSA has registered 1,137 Cybersecurity Professionals (CPs), 194 Cybersecurity Service Providers (CSPs), and 52 Cybersecurity Establishments (CEs), totaling 1,383 entities.
This development is part of Ghana’s ongoing efforts to regulate the cybersecurity landscape effectively, ensuring that all entities operating in this space adhere to the highest standards of digital security and integrity.
“Some institutions and individuals have already been issued provisional licenses, while many others are navigating through the various stages of the licensing and accreditation process,” according to a CSA statement.
The authority has emphasized the December 31, 2023, deadline, by which all existing CSPs, CEs, and CPs must have obtained a license or accreditation according to specific sections of the Cybersecurity Act. Entities operating without the necessary credentials are now prohibited from conducting business in Ghana, underlining the CSA’s determination to enforce the law rigorously.
“To those offering cybersecurity services without proper licensing or accreditation, let it be known that they are in direct violation of Act 1038. We will not hesitate to apply the full spectrum of legal consequences, including administrative penalties and criminal prosecutions,” the CSA warned.
The CSA has introduced a Licensing/Accreditation Clinic at its premises in a bid to support entities through this transition.
Launched on February 8, 2024, the clinic operates every Thursday from 8 a.m. to 4 p.m., aimed at assisting CSPs, CEs, and CPs with the online application process. This initiative is part of the CSA’s broader objective to cultivate a robust cybersecurity industry within Ghana.
Furthermore, the CSA has forged strategic partnerships with the Public Procurement Authority (PPA) and the Judicial Service of Ghana to ensure compliance across the public sector and judicial processes. These collaborations are crucial for enforcing the Cybersecurity Act’s provisions, particularly in engagements involving CSPs, CEs, and CPs.
The Cyber Security Authority also encouraged businesses and individuals to conduct due diligence when engaging cybersecurity services, providing an online platform for verifying the license and accreditation status of service providers.
“These measures are instrumental in our quest to secure Ghana’s digital space. Through regulatory compliance and collaboration, we are laying the groundwork for a digital ecosystem that is not only secure but also resilient against the evolving landscape of cyber threats,” the statement said.