Maritime Risk Intelligence Blog

Cyber Security Act key in safeguarding Ghana’s maritime industry

Written by Ghana Web | November 2, 2021 at 8:00 AM

The Director in Charge of Legal at the Ministry of National Security, Osei Bonsu Dickson Esq. has indicated that the maritime industry stands to benefit greatly from the newly passed landmark Cybersecurity Act 2020, Act 1038.

Speaking on Eye on Port, Osei Bonsu Dickson, who is also the coordinator for the Security Governance Initiative explained that with modern maritime industry inextricably tied to information technology use, it automatically stands prone to cybercrime.

He said with e-based transactions on the ascendancy in the maritime and shipping industry to promote operational efficiency and increased profitability, it is imperative for players in this sector to concern themselves with cyber security matters.

Mr. Dickson articulated that, “with increased dependence comes increased vulnerability. So, there is a reason to be worried. If you pick shipping for example, navigation has migrated to a digital space. Port efficiency and effectiveness has been achieved by leveraging on things like the paperless initiative and other operations and processes that rely on e-transactions.”

The National Security official however revealed that the new Cyber-Security Act provides resilience against potential cyber incidents recommending key response mechanisms.

He said, “the Cybersecurity act tries to create a number of sectorial CERTS, which stands for Computer Emergency Response Teams. There is the National CERT, and we have sectorial CERTS. Here, entities that have been designated as CII have a 24-hour duty to report any significant cyber incident that happens to them to the Cybersecurity Authority.”

The Ghana’s Cybersecurity Act, 2020 (Act 1038) was passed by the Parliament of Ghana on November 6, 2020 and assented by President Akufo-Addo into law on December 29, 2020. It is a 68-page document made up of 100 sections and 3 schedules. The sections are grouped into 18 different subject headings.

This act has become necessary because of the rapid digitalization of the Ghanaian economy, coupled with the high rate of cyber-crimes and other cybersecurity incidents in the country, and the world, at large. The act will promote the development of cybersecurity and regulate cybersecurity activities in Ghana. It focuses on the protection of Ghana’s Critical Information Infrastructure.

Osei Bonsu Dickson Esq. also said the Act has enabled the creation of the Cyber Security Authority, which has been given the technical, operational, and legal tools to manage cyber security matters in the country.

He said this among other initiatives has culminated in Ghana being rated third in Cybersecurity proactiveness in Africa only behind Mauritius, and Tanzania.

Also speaking on Cybersecurity, a Research Fellow at the Centre for Strategic and Defence Studies, Africa (CSDS Africa), Jibril Richter Mohammed, disclosed some of the modus operandi of cybercriminals.

“The way the cybercriminals operate is that they can target you through third parties. So, you may have very strong security but the one you deal or trade with does not. In that case, they fix a malware that would create a backdoor system, or what we call man in the middle, to get access to communicate to you purporting to be the trusted client,”’ Mr. Mohammed cited.

He said as technology advances, the varied means of cybercrime expands.

The cyber security consultant proffered some advice for institutions within the industry in order to minimize the risk of cyber incidents.

“Often we leave cyber security to the IT guys because they are perceived to have the technical know-how. The hacker is also mindful of that perception so, he targets for example the receptionist. What organisations need to do is to prioritize cyber security training for all employees. You cannot leave one gate opened and tighten the rest. The cybercriminal only has to get it right one time, and there is catastrophe.”

He said the CSDS offers capacity building programs for individuals and institutions on contemporary cyber security operations to prepare them for the existing war against cybercrime.

Source: Ghana Web