Cyber Security Authority licenses service providers, others

The Cyber Security Authority (CSA) has licensed 18 cybersecurity service providers (CSPs), accredited seven cybersecurity establishments (CEs)and certified 69 cybersecurity professionals (CPs) in a ceremony held in Accra.

The Director-General of the CSA, Dr Albert Antwi-Boasiako, in a speech read on his behalf by the Head of the National Computer Emergency Response Team, Stephen Cudjoe-Seshie, commended the recipients and emphasised the responsibility that came with the licenses and accreditations.

The CSA has so far registered 252 CSPs, 65 CEs, and 1,451 CPs, with many more at various stages of the application process.

The Authority cautioned that providing cybersecurity services without a license or performing cybersecurity-related professional functions without accreditation was a contravention of the Cybersecurity Act, 2020 (Act 1038), and warned of enforcement processes against non-compliant registrants and applicants.

“I want to take this opportunity to once again caution all CSPs, CEs, and CPs, who are providing cybersecurity services without a licence or performing cybersecurity-related professional functions without accreditation granted by the Authority that doing so is in contravention of Sections 49 and 57 of Act 1038, and that the Authority is committed to ensuring that all defaulting institutions and individuals face the appropriate sanctions, including administrative penalties and criminal prosecutions where applicable,” he said.

The CSA also announced the establishment of an Industry Forum to shape policy and regulatory activities and support industry standards.

“In our commitment to streamline the implementation of this mandate, we instituted the Licensing and Accreditation Clinic as a handholding approach to support registrants, individuals and institutions who had started the application process to complete same and guide new registrants through the application process,” he said.

The ceremony, he said, marked a significant milestone in Ghana’s efforts to build a digitally resilient nation and reinforce its position as a hub of cybersecurity excellence in Africa.

The CSA, on March 1, 2023, triggered a regulatory regime to license Cybersecurity Service Providers (CSPs), and accredit Cybersecurity Establishments (CEs) and Cybersecurity Professionals (CPs), pursuant to the Cybersecurity Act, 2020 (Act 1038), sections 4(k), 49, 50, 51, 57 and 59.

The objective was to provide a streamlined mechanism for ensuring that CSPs, CEs and CPs offer their services in accordance with approved standards and procedures in line with domestic requirements and international best practice and provide greater assurance of cybersecurity and safety to consumers, while addressing national security concerns.