ITU ranks Ghana as role model­ for cybersecurity

The International Telecommunication Union (ITU) has ranked Ghana as a Tier One entity on the 2024 Global Cybersecurity Index (GCI) which was released last Friday.

The country scored 99.27 per cent on the index, the second highest score by an African country, after Mauritius.

Ghana’s placement in the Role Modelling category signifies that it is a leader in cybersecurity practices, serving as a benchmark for other nations.

The country is also one of five African countries to achieve the Tier One Role Modelling status among 46 countries worldwide that fall in the category.

The new five-tiered ranking system categorises countries into different tiers based on their cybersecurity measures, with major sub-Saharan countries such as Nigeria and Cameroon currently in Tier Three, indicating that they are still establishing key cybersecurity initiatives.

Tier One, the highest ranking in the five-tiered system which categorises the country as “Role Modelling” on the index, is followed by Tier Two, – Advancing; Tier Three – Establishing; Tier Four– Evolving, and Tier Five – Building.

The status is crucial as it highlights Ghana’s advanced cybersecurity framework and its ability to set a high standard for others to follow, setting the basis for sustained cybersecurity activities to protect and secure Ghana’s fledgling digital ecosystem.

Context
The GCI evaluates countries across five strategic pillars: Legal Measures, Technical Measures, Organisational Measures, Capacity Building and Cooperation.

The score of 99.27 per cent indicates that Ghana improved upon its ratings under the different pillars compared to the 2020 GCI rankings in which Ghana secured 86.69 per cent, placing it third in Africa after Mauritius and Tanzania.

Score contributors
The Director-General of the Cyber Security Authority (CSA), Dr Albert Antwi-Boasiako, commenting on the feat, said the country’s role model status was a testament to its leadership in several key areas.

He mentioned areas other countries were learning from Ghana to include the Cybersecurity Act, 2020 (Act 1038), which remained the benchmark legislation for the global south.

Dr Antwi-Boasiako said the implementation of key provisions of the law, including licensing and accreditation of cybersecurity service providers, establishments, and professionals, had made Ghana the second country in the world to implement such industry protocol.

He also mentioned the Protection of Critical Information Infrastructure (CII), which had been safeguarding critical systems essential to the digital economy, among other things, developing and operationalising a risk management framework for CIIs and government digitalisation initiatives and coordinating crisis management.

Also, the Director-General said the Joint Cybersecurity Committee (JCC) and the soon to be launched Industry Forum which were activities pursuant to section 81 of Act 1038, exemplified effective institutional arrangements for coordination between public and private sectors in addressing cybersecurity challenges.

Dr Antwi-Boasiako said the National Cybersecurity Policy and Strategy had also been revised to provide a clear direction and implementation plan for the country’s cybersecurity development.

The institutionalisation of the Annual National Cyber Security Awareness Month, the Director-General said, was an initiative which reflected Ghana’s commitment to enhancing cybersecurity awareness and skills.

That was closely supported with other capacity-building efforts for law enforcement, public and private sector institutions and academia, he added.

The country’s cybersecurity architecture had also developed the Computer Emergency Response Team (CERT) ecosystem to promote incident response and coordination, while Cybercrime/Cybersecurity incident reporting points of contacts (PoCs) had been developed, with the issuance of monthly public alerts to guide the public.

Dr Antwi-Boasiako added that Ghana had been recognised as a hub for training and capacity building for the sub-region by entities such as the European Union, Council of Europe (COE), the World Bank and ECOWAS.

“Ghana has hosted numerous international capacity-building programmes and contributed to global cooperation efforts by sharing knowledge and experience on platforms like the World Bank, the World Economic Forum and Global Cybersecurity Forum,” he added.

The CSA Director-General stated that the country had also ratified the Second Additional Protocol to the Budapest Convention and other international cooperation engagements and significantly contributed to the adoption of the recent UN Convention on Cybercrimes.

On child online protection, Dr Antwi-Boasiako indicated that the framework had been reviewed and a National Cybersecurity Challenge established which exemplified Ghana’s dedication to protecting children online.

Commitment
“This achievement reflects Ghana’s unwavering commitment to securing its cyberspace and ensuring a resilient digital infrastructure,” the Director-General said.

Dr Antwi-Boasiako stressed that the collective efforts of the government through the Ministry of Communications and Digitalisation, the Joint Cybersecurity Committee (JCC), and other public and private sector stakeholders, had been crucial in reaching the milestone.

“Ghana’s Tier One status signifies that it is a role model in global cybersecurity practices, showcasing proactive measures and leadership in the cybersecurity domain,” Dr Antwi-Boasiako stated.

He said the country’s leading position underscored the need for continued attention to areas such as capacity development, which remained crucial for sustaining the progress made.

“Despite scoring highly in four out of five areas, Ghana’s score in capacity development reflects a need for increased funding and support in both public and private sectors to enhance overall cybersecurity capacity development,” Dr Antwi-Boasiako stated.

About index
The GCI is a critical benchmark used globally to evaluate countries’ commitment to cybersecurity.

It provides a comprehensive, evidence-based assessment of cybersecurity measures, policies, and practices, offering a valuable tool for countries to assess their progress and identify areas for improvement.

Source: graphic.com.gh