The
Bank of Ghana (BoG) and the Cyber Security Authority (CSA) met on Tuesday, 21st
June 2022 at the BoG Head Office in Accra, to discuss collaborative ways to
improve cybersecurity in the banking sector and to discuss various ways of
collaborating to implement the Cybersecurity Act, 2020 (Act 1038).
The
discussions were led by the First Deputy Governor of BoG, Dr. Maxwell
Opoku-Afari and the Acting Director-General of CSA, Dr. Albert Antwi-Boasiako.
The
Bank of Ghana highlighted the proactive measures taken by the Bank prior to the
promulgation of Act 1038, to address cybersecurity challenges in the banking
sector.
The
most notable of these initiatives was the issuance of the Cyber and Information
Security Directive (CISD) in the year 2018 to regulate cybersecurity related
activities in the banking sector. In 2021, the Bank established the Financial
Industry Command Security Operations Centre (FICSOC), to provide real-time
visibility into cyber threats and attacks targeting the banking sector.
The
Parties recognised the importance of securing information assets in the banking
sector which have been designated as Critical information Infrastructure,
pursuant to Section 35 of Act 1038.
They
also recognised that the CSA is a designated security sector institution and
that, elements of cybersecurity in the BoG’s activities are considered national
security issues. The Parties also recognised that under Section 3(c) of Act
1038, CSA has oversight of BoG’s Critical Information Infrastructure in respect
of cybersecurity activities.
After
successful deliberations, the BoG and the CSA agreed to collaborate more
closely on cyber and information security related matters and to provide each
other with all the necessary assistance for the efficient performance of their
respective functions.
The
meeting concluded with a Joint Statement outlining the areas of cooperation; to
improve information sharing and to increase awareness for the benefit of the
stakeholders of the BoG and the CSA.
The BoG and the CSA reaffirmed their commitment to work together and agreed to:
Improve collaboration and timely information flow to facilitate incident
reporting and information sharing on cybersecurity issues, pursuant to Section
44 of Act 1038;
Collaborate
to interrogate and review the existing CISD 2018 to align with Act 1038; The
CSA will pay a working visit to the FICSOC as BoG and the CSA seek to promote
cybersecurity incident response and coordination;
BoG
will continue to be a key member of the Joint Cybersecurity Committee (JCC), pursuant
to Section 13 of Act 1038; Going forward, the CSA will rely on the BoG for
timely provision of information on cybersecurity incidents relating to the
banking sector;
Leverage
on the National
Cyber Security Awareness Month in October, to organise
programmes that will benefit the stakeholders of the BoG and the financial
sector at large; and
Develop
a framework and execute a Memorandum of Understanding to guide the Parties on
the major areas of collaboration.
Source:3news