The Bank of Ghana (BoG) and the Cyber Security Authority (CSA) have pledged to collaborate to improve cybersecurity in the banking sector.
A statement issued by the BoG said the two organisations made the pledge when they met in Accra last Tuesday to discuss various ways of collaborating to implement the Cybersecurity Act, 2020 (Act 1038).
The statement said discussions were led by the First Deputy Governor of BoG, Dr Maxwell Opoku-Afari and the Acting Director-General of CSA, Dr Albert Antwi-Boasiako.
It said Dr Opoku-Afari highlighted the proactive measures taken by the Bank before the promulgation of the Cybersecurity Act to address cybersecurity challenges in the banking sector.
The statement said he mentioned the issuance of the Cyber and Information Security Directive (CISD) in the year 2018 to regulate cybersecurity-related activities in the banking sector.
“In 2021, the Bank established the Financial Industry Command Security Operations Centre (FICSOC), to provide real-time visibility into cyber threats and attacks targeting the banking sector,” the statement quoted Dr Opoku-Afari, as saying.
The statement said the two organisations recognised the importance of securing information assets in the banking sector which had been designated as Critical Information Infrastructure, pursuant to Section 35 of Act 1038.
It said they recognised that the CSA is a designated security sector institution and that, elements of cybersecurity in the BoG’s activities are considered national security issues.
The Parties also recognised that under Section 3(c) of Act 1038, CSA has oversight of BoG’s Critical Information Infrastructure in respect of cybersecurity activities.
After successful deliberations, the BoG and the CSA agreed to collaborate more closely on cyber and information security-related matters and to provide each other with all the necessary assistance for the efficient performance of their respective functions.
The meeting concluded with a Joint Statement outlining the areas of cooperation; to improve information sharing and increase awareness for the benefit of the stakeholders of the BoG and the CSA.
Improve collaboration and timely information flow to facilitate incident reporting and information sharing on cybersecurity issues, pursuant to Section 44 of Act 1038.
Collaborate to interrogate and review the existing CISD 2018 to align with Act 1038.
The CSA will pay a working visit to the FICSOC as BoG and the CSA seek to promote cybersecurity incident response and coordination.
BoG will continue to be a key member of the Joint Cybersecurity Committee (JCC), pursuant to Section 13 of Act 1038.
Going forward, the CSA will rely on the BoG for the timely provision of information on cybersecurity incidents relating to the banking sector.
Leverage on the National Cyber Security Awareness Month in October, to organise programmes that will benefit the stakeholders of the BoG and the financial sector at large.
Develop a framework and execute a Memorandum of Understanding to guide the Parties on the major areas of collaboration.