The Cyber Security Authority (CSA) has cautioned Cybersecurity Service Providers (CSPs), Cybersecurity Establishments (CEs) and Cybersecurity Professionals (CPs) who provide cybersecurity services without licence or perform cybersecurity-related professional functions without accreditation by the Authority.
Providing such services without the requisite licence or accreditation, according to the Authority, is in contravention of the Cybersecurity Act, Sections 49 and 57 of Act 1038, 2020 and has commenced processes to sanction defaulters.
Delivering the welcome address on behalf of CSA’s Director-General, Dr. Albert Antwi-Boasiako – in speech read on his behalf at the presentation of licences and accreditation to professionals and entities in Accra – reiterated the Authority’s commitment to regulating and sanitising the industry.
“In accordance with the CSA mandate in Sections 3, 4(k), 49, 57 and 59 of the Cybersecurity Act, 2020 (Act 1038), CSA has a duty to regulate cybersecurity activities within the country; which includes licencing cybersecurity service providers (CSPs) and accrediting cybersecurity establishments (CEs) and cybersecurity professionals (CPs).
“I want to take this opportunity to once again caution all CSPs, CEs and CPs that are providing cybersecurity services without a licence or performing cybersecurity-related professional functions without accreditation granted by the Authority.
“The Authority is committed to ensuring that all defaulting institutions and individuals face the appropriate sanctions, including administrative penalties and criminal prosecutions where applicable. Further, take note that enforcement processes against non-compliant registrants and applicants have commenced and all defaulters will face the full rigours of the law,” he warned.
18 CSPs, 7 CEs and 69 CPs get licences and accreditation
During the presentation ceremony in Accra on Thursday, September 12, 2024, the Authority issued licences and accreditations to 18 cybersecurity service providers; 7 cybersecurity establishments; and 69 cybersecurity professionals which have successfully completed the application process and met requirements to operate in the country.
The exercise, according to him, is a landmark achievement that underscores the nation’s unwavering commitment to digital security and resilience.
“I once again extend my congratulations to all licencees and accredited establishments and professionals. This achievement signifies a pivotal moment for CSA and the industry, as it reaffirms CSA’s dedication to building a digitally resilient Ghana and a testament to the commitment of CSPs, CEs and CPs as key stakeholders in Ghana’s cybersecurity development.
“Let us continue working together through collaboration, vigilance and innovation, to ensure Ghana continues being a hub of cybersecurity excellence in Africa,” he urged.
He further reiterated that the issuance of licences and certificates of accreditation bestows on recipients a responsibility to maintain standards and professionalism in dispensing the respective services they have been licenced and accredited to provide.
“Licencees must observe utmost good faith toward clients while complying with Act 1038 and all applicable laws, including confidentiality and data protection obligations.”
The Cyber Security Authority officially commenced the licencing and accreditation process in March 2023 and consequently issued licences to eight (8) CSPs, and certificates of accreditation to eight (8) CEs and thirty-five (35) CPs in July 2024.The Authority has so far registered 252 CSPs, 65 CEs, and 1,451 CPs.