Parliament has passed the Cybersecurity Act 2020 which establishes the Cyber Security Authority, protects the critical information infrastructure of the country, regulates cybersecurity activities and provides for the protection of children on the internet.
It is also targeted at positioning Ghana to prevent, manage and respond to cybersecurity incidents in view of the country’s digital transformation agenda.
The memorandum signed by the Minister for Communications, Mrs. Ursula Owusu-Ekuful, indicated that, “a successful economy is hinged on a secured, safe and resilient national digital ecosystem. Cybersecurity is, therefore, very critical to the economic development of the country and essential to the protection of the rights of individuals within the national digital ecosystem.”
The internet has become a critical infrastructure and facilitator of engagements for individual users, businesses and Government across the globe. In Ghana, the increasing reliance on the internet and Information Communication Technology has led to increased cybersecurity incidents such as ransomware, cyber theft, banking fraud, cyber espionage and other cyber-attacks targeted at critical information infrastructure.
These cybersecurity incidents have affected critical sectors of the country including energy, telecommunications, banking and finance and have caused disruptions in the delivery of essential services. If unchecked, it can undermine the security and economy of the country.
The Law also addresses offences against children and the general public online as such acts are currently increasing due to the utilization of digital services and platforms especially in this era of COVID-19.
The ratification ofthe African Union Convention on Cyber Security and Personal Data Protection (Malabo Convention) and the Convention on Cybercrime (Budapest Convention) by Parliament in 2018 and 2019 requires Ghana to establish appropriate mechanisms for cybersecurity governance, to combat cybercrime, promote cybersecurity and facilitate both domestic and international cooperation in the fight against cybercrime. The implementation of the law is expected to enhance and re-affirm Ghana’s leadership on cybersecurity matters in the sub-region.
A number of initiatives have been implemented by the government through the Ministry of Communications to improve Ghana’s cybersecurity development. These include the revision of Ghana’s National Cybersecurity Policy and Strategy, the establishment of the National Cyber Security Centre, the launch of the Safer Digital Ghana campaign, the launch of Cybercrime and Cybersecurity Incident Reporting Points of Contact.
Others include the establishment of the Computer Emergency Response Teams (CERT) at the National Communications Authority (NCA) and the Security Operations Centres at both the Bank of Ghana and the National Information Technology Agency (NITA) as well as capacity building on cybercrime for the criminal justice sector.
The law also empowers security and law enforcement agencies to combat cybercrime and makes provision for dedicated sources of funding for the Cyber Security Authority and its activities.