The deadline for obtaining licenses and accreditation for cybersecurity service providers, professionals, and establishments has been extended by the Cyber Security Authority (CSA).
The original deadline for completion was September 30, 2023, but it has now been extended to December 31, 2023. This extension gives industry participants who haven’t started yet the opportunity to comply with the Cybersecurity Act 2020 (Act 1038). The CSA stated that the extension was in accordance with their implementation of a cooperative method to oversee the sector and the desire to establish a supportive and dynamic environment that promotes the growth of the industry. The text implies that the CSA advised individuals who had signed up on the CSA’s licensing and accreditation platform but had not yet finished their applications, to make use of the extended deadline and submit their completed applications within this extended timeframe.
Licensing is the process of obtaining legal permission or authorization to use a particular product, technology, or intellectual property. Ghana has become the premier African nation and the second globally, following Singapore, to initiate a regulatory system for granting licenses in the field of cybersecurity. The intention is to establish an efficient method to guarantee that CSPs, CEs, and CPs deliver their services in compliance with authorized standards and protocols aligned with both national regulations and global standards.
This will also offer consumers more confidence in cybersecurity and safety, while taking into account national security worries. Sensitization refers to the process of becoming more aware or responsive to something.
Before implementing the system, the CSA conducted various activities to raise awareness, which included arranging public consultation sessions to gather feedback from important groups such as academics, businesses, non-governmental organizations, and the government regarding the regulations.
Furthermore, the regulatory organization is working together with other parties involved to guarantee adherence. For example, in a recent joint press conference held by the CSA and the Public Procurement Authority (PPA), both organizations collaborated to guarantee that entities purchasing cybersecurity services comply with the guidelines established under Act 1038.
The rule also mandates that covered organizations must involve licensed CSA cybersecurity service providers, cybersecurity facilities, and cybersecurity experts when carrying out cybersecurity tasks. The regulatory structure aligns with Section 2 of the Public Procurement Act, ensuring that public procurement is conducted in a just, open, and unbiased manner, in accordance with legal requirements.