Ghana: 51 Cybersecurity Firms Licensed in Ghana Amid Rising Data Breaches

In a move to strengthen Ghana’s cybersecurity landscape, 51 cybersecurity firms have been granted licenses in accordance with the Cybersecurity Act, 2020 (Act 1038). This initiative, which aligns with sections 4(k), 49, 50, 51, 57, and 59 of the Act, mandates the regulation of cybersecurity activities to ensure that services provided to Ghanaians meet approved standards and procedures.

Albert Antwi-Boasiako, Director-General of the Cyber Security Authority (CSA), emphasized the Authority’s commitment to enforcing compliance among all entities and individuals involved in cybersecurity. He warned that breaches of regulations could lead to severe consequences, including criminal prosecution and administrative penalties.

According to Surfshark, a VPN firm, Ghana was ranked ninth among ten African countries with the most data breaches in 2024. The country recorded a staggering 997% increase in breaches in the first quarter of 2024 compared to the fourth quarter of 2023, totaling 1.2 million breaches. Globally, Ghana ranked 92nd, with over four million breaches recorded since 2004.

One of the most significant breaches occurred in 2021 when the National Service Secretariat (NSS) suffered a massive database misconfiguration that exposed the data of up to 700,000 citizens.

In September 2023, Antwi-Boasiako revealed that cyber fraud incidents had resulted in financial losses totaling $4.33 million between January and June 2023. He noted that these figures only represent reported cases, with the actual amount likely higher due to unreported incidents.

To tackle these cybersecurity challenges, the government has barred unlicensed industry players from operating. As of October 2023, the CSA received 907 licensing and accreditation requests since initiating the process in March.

Additionally, there has been a resurgence in cyberbullying cases related to digital lending apps. By June 2024, 38 digital lending mobile applications were found culpable, with 130 reports of cyberbullying filed.

This licensing initiative is a crucial step in ensuring that Ghana’s cybersecurity framework is robust and capable of protecting its digital infrastructure from growing threats.