Accra: The Cyber Security Authority (CSA) has awarded certificates and accreditation to the third cohort of Cybersecurity Service Providers (CSPs), Cybersecurity Establishments (CEs), and Cybersecurity Professionals (CPs) as part of its efforts to ensure regulatory compliance in the cybersecurity domain.
According to Ghana News Agency, the CSA has issued licenses to 13 CSPs, certificates of accreditation to 3 CEs, and 58 CPs who have fulfilled all necessary requirements and completed the application process. This initiative follows the regulatory framework triggered by the CSA on March 1, 2023, which aims to license CSPs and accredit CEs and CPs, in accordance with the Cybersecurity Act, 2020 (Act 1038).
The primary goal of this regulatory regime is to establish a robust system that ensures CSPs, CEs, and CPs deliver services meeting approved standards, comply with domestic regulations, and align with international best practices. This is intended to enhance cybersecurity and safety for consumers while addr
essing national security concerns.
Dr Albert Antwi-Boasiako, Director-General of the CSA, emphasized the mandate of the CSA under the Cybersecurity Act, 2020, which includes the regulation of cybersecurity activities within the country. He highlighted that the licensing and accreditation process officially began in March 2023, and as of September 2024, the CSA has issued final licenses to 26 CSPs and final certificates of accreditation to 15 CEs and 104 CPs.
Dr Antwi-Boasiako articulated that these licenses and certificates impose a duty on recipients to uphold utmost good faith in their roles, comply with Act 1038, and adhere to applicable laws, including confidentiality and data protection obligations. He noted that the CSA’s approach to implementing its mandate is rooted in collaboration, inclusivity, and best practices.
The significance of this licensing and accreditation process is underscored by the upcoming 2024 Presidential and Parliamentary elections, and the advancement of digitalisation efforts
by the government and businesses. Dr Antwi-Boasiako stressed that all CSPs, CEs, and CPs must meet the required standards to operate within critical information infrastructures, including electoral systems and networks.
To date, the CSA has registered 276 CSPs, 73 CEs, and 1,563 CPs, many of whom are still completing the application process. Dr Antwi-Boasiako encouraged those in the process to diligently meet the requirements and urged recipients to conduct their duties with professionalism and excellence to ensure the security and resilience of Ghana’s critical infrastructure.
Dr Antwi-Boasiako also mentioned the newly launched Industry Forum under Section 81 of Act 1038, which provides a platform for stakeholders to share ideas, shape policy, and enhance industry standards. He encouraged recipients to actively participate in this forum.
To improve the regulatory process, the CSA has inaugurated Independent Assessors to support the execution of relevant regulatory activities. These accredited Cybersecurit
y Professionals will conduct site inspections, cybersecurity audits, and assist in research and development. Their role includes providing expert assessments and recommendations while ensuring impartial evaluations. Dr Antwi-Boasiako appealed to all stakeholders to cooperate with these assessors as they work collaboratively with the CSA.
The CSA remains committed to enforcing the provisions of the Cybersecurity Act regarding its mandate to regulate CSPs, CPs, and CEs, ensuring compliance to the fullest extent of the law. Institutions and individuals are urged to engage only with licensed CSPs and accredited CEs and CPs for their own interest and that of the state.