Ghana IGF 2016

18 August 2016AITI-KACE

Curbing the Cyber Menace

BYKENNETH ADU-AMANFOH, DEPUTY DIRECTOR, IT, NCA

01/05/2023

2Agenda

Introduction: Ghana’s Connectedness Challenges in cyberspace National Cyber Security Policy & Strategy Special Interventions Security Governance Initiative

Ghana’s Cyberspace Today

Market No. of Subscribers

Percentage

Voice 31,028,253  115.64%Data 16,106,218 59.78%Source: National Communications Authority, March 2015 Statistics

01/05/2023

3

Ever Expanding

ICT infrastructur

e

Six Network Operators

Government Network

Infrastructure

5 Submarine Cables with over

12.3 Tbps

State of art Tier III National Datacenter

Eastern Corridor Fiber and Private

Operator national fiber

optics backbone criss-crossing

Vibrant Ghana IXP operated by

GISPAE-government InitiativesCashless BankingSocial CommunicationE-Commerce DevelopmentsOther Cyber Developments

Many Interactions based on Improving Infrastructure

Hacking

Social Engineering

Attacks (Phishing,

Identity Theft, etc.)

Botnets/Malware Attacks

Insider ThreatsChild Online Safety

Cyber Fraud

Data Breaches

01/05/2023

4Interaction open to Cyber attacks

01/05/2023

5

Person Specific• Consumer User• Corporate user

Device Specific• Telephones• Wireless Cell Devices• Personal Digital Assistant (PDA)

Network Specific• Wireless Carrier’s Transport• Local Area, Metropolitan Area and Wireless Area• Internet

Targets of Attacks

01/05/2023

6

Level 1:Home and Small Business users

Level 2: Large Enterprise Users

Level 3: Critical Sectors

Level 4: National Priorities

Level 5: Global

Levels of Protection Required

01/05/2023

7CNII Sectors - Ghana1.National

Defense and Security

2. Banking and Finance

3. Information and

Communications

4. Energy

5. Transportation

6. Water

7. Health Services

8. Government

9. Emergency services

10. Food and Agriculture

01/05/2023

8Ghana’s Draft Policy & Strategy

Effective Governance

Legislative & Regulatory Framework

Cyber Security Technology Framework

Culture of security and Capacity Building

Research & Development towards Self-Reliance

Compliance and Enforcement

Child Online Protection

Cyber Security Emergency Readiness

International Cooperation

01/05/2023

9Special Initiative 1:

National Cybersecurity Awareness Program

Program to train different stakeholders on different aspects of cyber security with the intent of helping them provide a reasonable security consummate with the risks to avoid incidences of cyber attacks.

Will take the form of identification, need assessment, training and evaluation of different sets of stakeholders.

The program will include a cyber security awareness portal that will establish a permanent awareness campaign on the internet

01/05/2023

10Special Initiatives 2:

Computer Emergency Response Teams

Establishment of National Computer Emergency

response Team (CERT-GH)

Established with support

ITU/IMPACTIn August 2014

In January 2015 11 Government website defaced

but brought under control

with 24 hours by CERT-GH

Sharing Alerts and Advisories

with constituents to proactively

improve security of systems

01/05/2023

11Special Initiative 3:National Cyber Security Centre

• Defines, communicates and updates (when necessary) the national cyber security programs to all the CNII.

National Cyber Security Policy Implementation:

• Closely coordinates cyber security initiatives of various key Agencies and organizations in Ghana. National Coordination:

•Promote and facilities formal and informal mechanism for information sharing across the CNII. This includes promoting cyber security awareness, training and education programs to grow the competency of information security professionals and the industry as a whole.

Outreach:

•Facilitiate the monitoring of compliance to cyber security policies and standards across the CNII. Compliance Monitoring:

•Assesses and identifies cyber security threats exploiting vulnerabilities and risks across the CNII. Risk Assessment:

•Assist the National Cyber Security Council in all its function activities and help industry to test its emergency plans Support:

•Contribute to application of international standards on cyber security as well as on accreditation and certification of ICT infrastructure, services and suppliers. Contribution:

01/05/2023

12Information Sharing - Public Private Info Sharing

01/05/2023

13Ghana USA Security Governance Initiative

US Government support to build cyber security and cybercrime capacity of :- National CERT- Law Enforcement & Judiciary- Government IT Employees - Network Operators Signed in February 2016- Program kicking off soon

01/05/2023

14Way Forword - Questions for discussion

What Interventions must be put in place to curb arising Incidents of attacks?

What are different Stakeholders doing to curb Cyber Security? What are best practice for Public Private Partnership in the fight

against? Cybercrime ? What capacity build is needed to make this happen?

Thank youKENNETH.ADU-AMANFOH@NCA.ORG.GHWWW.NCA.ORG