The Cyber Security Authority (CSA) has announced that the deadline for the licensing and accreditation of cybersecurity service providers (CSPs), cybersecurity professionals (CPs), and cybersecurity establishments (CEs) has been extended.
The original deadline of September 30, 2023, has been moved to December 31, 2023.
This move is meant to allow industry players who have not commenced the process to do so in compliance with the Cybersecurity Act 2020 (Act 1038).
In a statement, the CSA explained that the extension was in line with its collaborative approach to regulate the industry and create an enabling and vibrant ecosystem for the development of the industry.
The CSA urged applicants who had registered on the CSA’s licensing and accreditation portal but were yet to submit completed applications to take advantage of the new timeline and do so within this period of extension.
Ghana is the first country in Africa and the second in the world after Singapore to establish a regulatory framework to license the cybersecurity sector.
The aim is to provide a streamlined mechanism for ensuring that CSPs, CEs, and CPs offer their services in accordance with approved standards and procedures in line with domestic requirements and international best practices. This will also provide greater assurance of cybersecurity and safety to consumers while addressing national security concerns.
The CSA held a series of sensitization activities ahead of the implementation, including public consultation sessions with key stakeholders such as academia, industry, civil society and the government, to solicit input on the regime. The regulatory body is also collaborating with other stakeholders to ensure compliance.
For instance, at a recent joint press conference between the CSA and the Public Procurement Authority (PPA), the two institutions joined forces to ensure that entities procuring cybersecurity services did so in accordance with the guidelines developed pursuant to Act 1038.
The regulation also applies to covered entities that engage licensed cybersecurity service providers, cybersecurity establishments, and cybersecurity professionals in performing cybersecurity-related functions.
The regulatory framework is in tune with Section 2 of the Public Procurement Act to guarantee that public procurement is done in a fair, transparent, and non-discriminatory manner as required by law.
