The Institute of Compliance and Cyber Studies (ICCS), a multi-disciplinary network of researchers, bankers, economists, lawyers and professionals interested in combating cyber-crime and financial related crimes, has expressed concerns about the increased spate of cyber-crime in Ghana.
It has, called for public private partnership to increase public awareness on cyber security issues and create a platform for brainstorming towards the implementation of cyber security guidelines in the country.
Madam Stephanie Agyei Henneh, the Head of Research at the ICCS, made the call at the launch of a cyber insurance survey conducted by the ICCS on the topic: “Patronage of Cyber Insurance: An Emerging Necessity”.
She urged the National Insurance Commission, National Pensions Regulatory Authority, and Securities and Exchange Commission to work collaboratively towards the passage of cyber security directives to guide their regulated institutions, similar to what the Bank of Ghana had done in the banking sector.
She said with the increased in data consumption by businesses and corporate organizations in the country, there was high tendency for their useful data to get to the public domain.
Therefore, internet hackers, who had become more sophisticated, could easily exploit corporate entities’ networks and software vulnerabilities for their evil intentions.
Madam Agyei Henneh underscored the need for insurers to actively develop strategies and invest resources towards building new capabilities and establish partnerships with cyber security firms, as well as solicit experts at home and abroad in order to build a competitive advantage.
Out of the 35 respondents that answered the questionnaires in the cyber insurance survey, it was observed that although the cyber market in Ghana was relatively young, it was growing at a steady pace and, thus, one might be misled into thinking that cyber-crime was not prevalent.
The research revealed that the level of awareness of cyber insurance policies was very low in Ghana, with only nine respondents knowing about the existence of such a policy.
More so, 62 per cent of respondents knew nothing about cyber insurance policies although 26 percent of them claimed their companies had been subjected to a form of cyber-attack in the past, only 14 per cent of them confirmed that their companies had been insured against cyber-crime.
Out of the five respondents who affirmed this, four were in the banking sector and one in the education sector.
Again, 80 per cent of the respondents’ institutions had not purchased a cyber-insurance package. However, most of them had been under a cyber-attack.
The research revealed that 57 per cent of the respondents recommended cyber insurance policies should be made compulsory for corporate entities in Ghana.
The report concluded that majority of the respondent institutions did not have an information security expert, which showed the seriousness of the situation because it increased their risk exposure since there wouldn’t be any expert to advise them on the right procedures to secure their data.
The report revealed that Ghana, Nigeria and Cameroon were among the top 10 cyber-crime countries in the world as published by the Ghana Business News in 2010.
Madam Agyei Henneh outlined some prevalent forms of cyber-attacks as follows: credit card fraud, identity theft, fake gold dealers, and real estate fraud, with Ghana Commercial Bank, Cal Bank and Universal Merchant Bank being the few of the affected institutions in recent times.
She said another comparatively new area being exploited by the cyber fraudsters was mobile money services with reports of fraudulent activities being carried out through the mobile money platforms.
Madam Agyei Henneh, therefore mentioned some interventions government had taken to combat Cyber-crime in the country, including the Electronic Transactions Act (2008), which contained specific legislation on cyber-crime and prescribed punishment for cyber criminals, the Data Protection Act (2012), to ensure protection of private data of government, citizens and businesses.
Additionally, the Ministry of Communications rolled out the Ghana National Cyber Security Policy and Strategy in March 2014, which was formally adopted in 2016, to holistically capture cyber incidences and to secure the cyberspace in Ghana.
Madam Agyei Henneh said the Bank of Ghana published the Cyber and Information Security Directive Document in October 2018, which included a number of directives to be pursued towards securing the cyber space in the financial sector.
“Also, Ghana has signed the African Union Convention on Cyber Security and Personal Data Protection and more recently has acceded to the Budapest Convention,” she added.