Do not operate in Ghana if you are unlicenced - Cyber Security Authority warns as it bars unaccredited entities
In a statement Thursday, the Authority said the directives follow the lapse of the December 31, 2023 deadline to have entities obtain a licence in line with the Cybersecurity Act, 2020 (Act 1038).
The Cyber Security Authority (CSA) beginning January Ist, has barred unlicensed Cybersecurity Service Providers (CSPs), Cybersecurity Establishments (CEs), and Cybersecurity Professionals (CPs) from operating in Ghana.
In a statement Thursday, the Authority said the directives follow the lapse of the December 31, 2023 deadline to have entities obtain a licence in line with the Cybersecurity Act, 2020 (Act 1038).
“The CSA will fully enforce the provisions of the Cybersecurity Act 2020 (Act 1038) regarding its mandate to regulate CSPs, CPs, and CEs. Accordingly, CSPs, CPs, and CEs who offer cybersecurity services without a licence or accreditation granted by the Authority do so in contravention of Act 1038 and will face the full rigors of the law including criminal prosecutions and administrative penalties where applicable,” the statement added.
In addition, the CSA said it would be collaborating with the Public Procurement Authority (PPA) to ensure that public sector entities procuring cybersecurity services do so in accordance with the guidelines developed pursuant to Act 1038.
"Stakeholder engagement since October 2022, the CSA has been engaging all relevant stakeholders including cybersecurity service providers, establishments and professionals on the regulatory regime by deploying different communication strategies.
"There have been more than 30 different industry engagements, leading to the introduction and implementation of the licensing and accreditation regime provided in the Cybersecurity Act, 2020."
