First Deputy Governor of the Bank of Ghana, (BoG), Dr Maxwell Opoku-Afari, has stated that the Government of Ghana acknowledges the risk cyberattacks and cybercrimes poses to vital data infrastructure in addition to the harm it may possibly trigger to the belief and confidence within the monetary system.
As a end result, he stated, the Government responded swiftly by means of regulatory measures such because the Data Protection Act, 2012 (Act 843) and the Cybersecurity Act, 2020 (Act 1038), in addition to supporting directives and different associated laws to implement provisions of the regulation throughout all sectors of
the economic system.
The Data Protection Act, 2012 (Act 843) acknowledges an individual’s proper to guard and safeguard their private information and the Act units out eight (8) fundamental rules for these establishments who management information to implement measures to guard the rights of knowledge topics and safeguard their private data.
“At the same time, the new Cybersecurity Act, 2020 (Act 1038): makes provision for the protection of Critical Information Infrastructures in the country including information under the control of the financial sector which is identified as a prime sector. Section 44 of the Cybersecurity Act, 2020 (Act 1038) further provides the legal basis for BoG to lead the Sectoral Computer Emergency Response Team (CERT) for the financial sector, and I must say that as far as this is concerned work has already
started to ensure the deployment of a security setup that provides realtime visibility into cyber threats and attacks targeting the financial sector,” ” he stated throughout the official launch of the National Cyber safety consciousness month on Friday October 1.
He added “Given the rising spate of cyber-attacks on the Financial sector worldwide, which has change into extra frequent with
sophistication in current instances, and given the truth that our monetary sector has additionally had its justifiable share of those assaults, The Bank of Ghana, way back to October 2018 took actionable steps to problem the Cyber and Information Security Directive in a bid to reinforce and defend the safety of this vital sector of our economic system.
“The Directive, on the time was geared toward making a safe atmosphere inside the our on-line world for the monetary providers business and thus serve to generate satisfactory belief and confidence in Information Communication and Technology (ICT) methods. Following the issuance of the Directive, the Bank of Ghana has launched many initiatives to strengthen and safe the knowledge safety structure of the banks, to make sure the methods on the banks are sturdy and resilient. Mr Chairman, allow me at this stage to checklist a couple of of the actions we’ve taken on this regard: The Bank of Ghana has labored collaboratively with the industrial
banks to satisfy the governance necessities of the Directive, that’s, appointments of Board Committee on Cyber and Information Security with a transparent Charter; project of Director of Cyber and Information Security (DCIS); and appointment of Chief Information Security Officers (CISOs),
b. Banks have been reporting their cyber and data safety incidents to the Bank of Ghana on month-to-month foundation.
c. The Bank of Ghana continues to have periodic engagement with member banks to make clear elements of the Directive.
d. The Bank of Ghana, by means of the Directive, has facilitated safer digital transformation with the adoption of cloud applied sciences.
e. So far, the Bank of Ghana has ready a banking sector Cyber and Information Security tips to guard shoppers and create a safer atmosphere for on-line and e-payments merchandise. Among others, the rules search to create a safe atmosphere for transactions inside the our on-line world and assure belief and confidence in ICT methods; present an assurance framework for the design of safety insurance policies in compliance to world safety requirements and greatest practices by means of cyber and data safety assessments, and defend banks, clients and shoppers towards the doubtless devastating penalties of cyber-attacks.
