Ghana grants licences to 51 cybersecurity providers amid a surge in data breaches

The Ghana Cybersecurity Authority (CSA) has recently granted licences and accreditation to 51 cybersecurity industry players to combat the surge in data breaches in the nation.

The CSA calls it a historic and groundbreaking milestone, it marks Ghana's debut as the first country in Africa and the second globally, following Singapore, to implement a comprehensive regulatory framework. 

This initiative aligns with the Cybersecurity Act, 2020 (Act 1038), specifically sections 4(k), 49, 50, 51, 57, and 59, which empower the Authority to oversee Ghana's cybersecurity sector. The Act sets up the regulation of cybersecurity activities to ensure that services provided to Ghanaians meet approved security standards and procedures.

The 51 providers issued these licences include Cybersecurity Service Providers; Virtual Infosec Africa, e-Crime Bureau, and CWG Ghana; Cybersecurity Establishments such as Absa Bank, Access Bank, Fidelity Bank, and Guarantee Trust Bank; and Cybersecurity Professionals such as Kester Quist-Aphetsi, Tornyelli Tetteh, Jeannette Quayson, Olivia Jones, and Ebenezer N. Nakoja.

The licence for professionals is renewable annually while for establishment and service providers, it is valid for two years.

Albert Antwi-Boasiako, Director-General of the CSA,  stressed that the Cyber Security Authority (CSA) is serious about enforcing cybersecurity rules. He warned that anyone or any organization breaking the rules could face serious trouble, including fines and even criminal charges.

"Today, we gather to celebrate a landmark achievement that underscores our nation's unwavering commitment to digital security and resilience," said Antwi-Boasiako.

Ghana was ranked number nine of ten countries with the most data breaches in 2024, according to a recent report by Surf Sharks. The country recorded a 997% breach increase in the first quarter alone over the last quarter of 2023. In September of 2023, Antwi-Boasiako disclosed that cyber fraud incidents in the country resulted in substantial financial losses totalling $4.33 million. These losses represent only those reported to officials between January and June 2023, with potentially higher amounts from unreported cases. 

Antwi-Boasiako stated at an event on Wednesday last week that following the regulation achievement, it's looking to provide more licenses to cybersecurity industry players and would "stop at nothing to ensure that all defaulting institutions and individuals face the appropriate sanctions, including criminal prosecutions and administrative penalties."