With the advancement of technology, there is a greater need for individuals and nations to align accordingly.
The area of data protection and privacy is something that cannot be overlooked.
As the world marks International Day for Data Protection and Data privacy, the issues highlighted below are some of the most important things that should be given serious attention;
1. The purpose of this day is to raise awareness and promote privacy and data protection best practices. It is a day proposed by the Council of Europe to be celebrated, following the adoption of the Convention for the protection of Individuals with regard to Automatic Processing of Personal Data, and the emergence of the Budapest Convention on Cybercrime which Ghana signed unto in 2018.
2. Today should remind all of us in Ghana, especially policymakers, government, and private stakeholders of the multiple threats that confront Ghana on issues of cybercrime, cybersecurity, data protection, and data privacy. Our cyber resilience, should as a matter of urgency become a national security priority.
3. In 2018, the Bank of Ghana banking cyber fraud report revealed that cyber fraudsters steal or attempted to steal 325.9 million Ghana Cedis (61.5 million US Dollars) from financial institutions operating in Ghana. In 2019, the report indicated that 2,295 fraud cases were identified involving an amount of 115.52 million cedis.
4. The Government’s recent digitization drive has further broadened Ghana’s Cyber Attack Vector Surface. The effort on the digitization of the economy could be counterproductive and become a mirage if attention is not concurrently paid to cybersecurity capabilities. The blacklisting of Ghanaian addresses on a number of international digital financial and payment platforms derives from our current substantial level of cyberspace vulnerability.
5. Ghana’s risks assessment provides an indication to the fact that the nation is currently confronted with existing and potential substantial cyberspace risks and challenges for which prevention and mitigation capabilities have to be reinforced and re-shaped by government in order to build adequate resilience to the cybersecurity threats and vulnerabilities. Cybercrimes such as identity theft, internet and credit card fraud, business scams, lottery scams, hacking, phishing, spreading hate messages, and inciting extremism, grooming, and distribution of child pornography have become common within the cyberspace of Ghana.
6. Cyber Security and National Security go hand in hand. Cyber intelligence operations must be considered as an integral part of the national security set up. This should not be focused on only cybercriminals but possible intrusions and attacks by nation-states as well. Cyber has become a means of espionage by many advanced and superpower countries across the globe to spy on other countries, which ultimately threatens the national security and sovereignty of those countries.
7. Ghana’s cybersecurity capabilities should therefore be aimed at developing the requisite technical capacity to Assess, detect, protect and respond. The capabilities should be developed under the broader five pillars (Legal, Technical, Organisational, Capacity and Cooperative) as recommended by the International Telecommunication Union (ICU).
8. It is my hope that the recently passed Cybersecurity Act, 2020 will contribute significantly to providing an effective governance structure to arrest the cyber threats to some extent, while at the same time providing a technical mechanism to confront the challenges.
The writer, Richard Apau, is a Cyber Security and Digital Forensics Expert. He is a Ph.D. Computer Science Candidate specializing in Data and Information Security. He holds BSc Computer Science and M.Phil Computer Science degrees, as well as MSc Cyber Security and Management from the University of Warwick, UK. Rich4u34@yahoo.com