Ghana now has a Cyber Security Policy and Strategy that seeks to protect the country from attacks on its cyberspace.
The policy, which was approved by cabinet in 2016, is a road map on what should be done to ensure that the country’s cyberspace is secure.
The policy also talks about issues within the cybercrime law enforcement area which currently is difficult for the law enforcement to implement because of the lack of capacity and necessary tools.
It has, therefore, outlined areas such as building the capacities of law enforcement bodies, as well as the legal fraternity such as the Attorney-General, judges and lawyers to empower them to deal with cybercrime-related issues.
Briefing the Daily Graphic, the Manager of the Computer Emergency Response Team (CERT)-Ghana, Mr Eric Akomiah, explained that the policy was to secure and protect individuals from cyber fraud.
He recalled that in 2003, the Information Communications and Technology for Accelerated Development (ICT4AD) was enacted by Cabinet to govern ICT development in the country.
Mr Akomiah explained that the policy was anchored on 14 pillars which cut across all sectors and what the government could use ICT for.
“Pillar 14 focuses on cyber security, which talks specifically about what government wants to do with law enforcement to improve cyber security,” he explained.
He said in 2008, the Electronic Transaction Act (Act 772), which looked at different aspects of how transactions were done online, including specific legal text on how law enforcement could track criminals and prosecute them, was enacted.
“So in terms of legal infrastructure, we have an elaborate law that has all these things,” he stated, adding that it was that law that the law enforcement agencies were using today to prosecute cyber criminals.
He, however, said the challenge was that most of the law enforcement organisations were not savvy of technology, describing it as “a real challenge.”
Touching on events leading to the development of the policy, Mr Akomiah said in 2011, the Ministry of Communications reviewed the ICT4AD to look at the issues that were lacking in the policy.
“As a result, four things were identified,” he explained, and identified them as cyber security, broadband policy, green ICT and geospatial ICT.
Mr Akomiah said the Ministry of Communications set up technical ad hoc committees in 2011/2012 to work to develop the policy in those areas.
Mr Akomiah said in 2014, the government further set up the CERT to monitor and alert the country of possible attacks or any attacks on the cyber space.
The CERT, he stated, worked to show where there were weakness, “so that we can beef up those areas.”
He said the second intervention was child online protection to ensure that innocent children were not taken advantage of by paedophiles.
Mr Akomiah said because of the urgency of the intervention, the ministry set up a National Steering Committee, which had come up with a framework.