The Director-General of the Cyber Security Authority, Dr. Albert Antwi-Boasiako, has urged civil servants to remain vigilant in light of digital threats amidst the country’s ongoing digital transformation.
While acknowledging the government’s efforts in implementing various digital initiatives over the years, Dr. Antwi-Boasiako cautioned about potential threats if not managed effectively.
Speaking at a public lecture themed ‘Combating Threats to Sub-Regional Peace and Security: Prospects of the Civil Service,’ held as part of the events commemorating the 2024 Civil Service Week and the 2023 Awards Ceremony, Dr. Antwi-Boasiako stressed the significance of empowering civil servants with the requisite knowledge and skills to navigate the digital space securely.
“We also have some expectations at the ministries to improve the state of our cybersecurity. We call this cyber hygiene. How are we handling Government data? Now it’s not just the confidential memos that you keep in a confidential registry. But there are a lot of things that are being transmitted through e-mails, WhatsApp, and others. What is the state of protection?”
- The Cyber Dimension of Our Society: An Emerging Cyber-Centric State
- He said “we find ourselves at the forefront of a digital revolution that is reshaping the very fabric of society and transforming the way we live, work, and govern. In this era characterised by unprecedented connectivity and technological advancement, the role of the public sector in building a cyber-centric future for Ghana has never been more crucial”.
- For us as a nation, at the heart of this revolution is the Digital Ghana Agenda, a comprehensive initiative aimed at leveraging technology to accelerate the country’s socio-economic development. This has led significantly to the implementation of national flagship digitalisation projects, including the Mobile Money Interoperability, a Universal QR Code (GhQR) Payment System, the National Identification System, and the e-Passport Application System.
- Importantly, the private sector has equally witnessed widespread adoption of digital innovations, especially in the finance sector. Our rapidly evolving financial technology (fintech) ecosystem, which is heavily payment-driven, has deployed innovations in the design, delivery and access to financial services to drive financial inclusion especially for the unbanked and underbanked populace in remote communities within the country.
- According to research by Boston Consulting Group, Ghana ranked third among countries with a high mobile payment adoption rate, following closely behind China and Kenya.
- Statistics further indicate that as of January 2024, the internet penetration rate in Ghana stood at 69.8 percent, representing 24.06 million internet users placing the country in fourth place in Africa after Algeria, Egypt, and Cape Verde.
- Global analytics and business intelligence platform, Statista, recently reported that as of January 2024, the country had 7.4 million registered social media users, compared to 6.6 million the previous year.
- The Risks Posed by Cyber-Attacks in the Public or Civil Service.
- While digitalisation keeps bringing remarkable economic and social benefits to the global population, there are inherent risks and potential operational gaps which when exploited by malicious actors, could have detrimental effects on individuals, businesses, societies, and nations at large.
some common risks:
- Data Breaches: Public sector organisations often hold sensitive information about citizens and the State, including personal, financial, and health data. A cyberattack could lead to unauthorised access to this data, resulting in breaches of privacy and confidentiality.
- Service Disruption: Cyber attacks such as Distributed Denial of Service (DDoS) attacks can disrupt government services and operations. This can affect essential services such as healthcare, transportation, and utilities, leading to financial losses, inconveniences and potential harm to citizens.
- Financial Losses: Cyber attacks can result in financial losses due to theft of funds, fraudulent transactions, or ransom demands. These losses can impact the government’s ability to deliver services effectively and may require significant resources to recover from these losses.
- Reputation Damage: A successful cyber attack can damage the reputation of public sector organizations, eroding public trust and confidence. This can have long-term consequences for the legitimacy and effectiveness of government institutions.
- National Security Concerns: Cyber attacks targeting critical infrastructure or sensitive government systems may have implications for national security. They could potentially disrupt essential services, compromise defence capabilities, and facilitate espionage by foreign actors.
- Supply Chain Risks: Public sector organisations rely on various suppliers and contractors for goods and services. Cyber attacks targeting these third-party vendors can indirectly impact government operations and expose sensitive information.
- Ladies and gentlemen, addressing these risks requires a comprehensive approach to cybersecurity, including robust technical controls, employee training, incident response plans, and collaboration with other stakeholders in the public and private sectors.
- Why Cyber Security Development?
- Cybercriminals are seizing every opportunity to exploit vulnerabilities against people, businesses, and organisations, causing grave impacts on the confidentiality, integrity, and availability of systems and networks.
- Studies have shown that the increased reliance on the internet has created more risks and vulnerabilities with new possibilities and channels for cyber-attacks.
- In recent years, there have been major cyber incidents that have significantly impacted businesses worldwide, including financial institutions and other critical information infrastructure.
- According to data from Statista, the FBI, and the IMF, the global cost of cybercrime is set to balloon from US$8.44 trillion in 2022 to US$23.84 trillion by 2027.
- The cost of cybercrime continues to soar, with the global economy projected to lose over $6 trillion annually by 2025, as reported by Cybersecurity Ventures, a prominent industry research organisation.
- In Ghana, the monetary impact of cybercrime is equally staggering, with recent estimates suggesting that our economy loses millions of dollars each year to cyber attacks and digital fraud.
- Data from the National Computer Emergency Response Team
- Records retrieved from the National Computer Emergency Response Team of the Cyber Security Authority (CSA) indicate that, prominent internet-based criminal activities are in the areas of online fraud (35%), online blackmail (20%), unauthorized access (30%), online impersonation (8%), and cyberbullying (1%).
- Disturbingly, the total amount lost by victims in 2023 alone stood at GHS 59,925,837.
- It would interest you to know that between January and April this year, GHS 10, 765,647 have been lost. These are reported figures to the CSA alone.
- Ghana has experienced its own share of cyberattacks, with several organisations, including designated critical information infrastructure, having been compromised with losses running into millions of dollars.
- Sadly, in 2020, the COVID-19 pandemic served as a catalyst for cybercrime, with a staggering 600 percent increase in cyberattacks reported globally. As organisations and individuals rushed to adapt to remote work and online communication, cybercriminals seized upon vulnerabilities in our digital infrastructure, exploiting weaknesses for financial gain and malicious intent.
- Ladies and gentlemen, these unfortunate developments underscore the urgent need for action to strengthen our cyber defences and fortify our digital infrastructure against evolving threats. It also paints a stark picture of the challenges we face in safeguarding our digital infrastructure and protecting our citizens from the ever-evolving threat of cybercrime.
- However, they also serve as a rallying cry for action, inspiring us to redouble our efforts to build a cyber-resilient civil service that can help to shape and implement policies to confront these challenges head-on.
- Civil servants as facilitators of resilience
- As civil servants, you bear the solemn responsibility to safeguard the interests of our nation and to protect the welfare of our citizens in the digital realm.
- The mission of the Civil Service, as stated in the Civil Service Act, 1993 (PNDC Law 327), “is to assist the government in the formulation and implementation of government policies for the development of the country.” So as civil servants, it behoves you to embrace digital literacy as a fundamental skill for the 21st century, especially at this point in the country’s history, where we have embraced digitalisation. As part of this digital literacy, I will also urge you to be champions of the cybersecurity agenda for the protection of critical systems in the country in the interests of our people.
- Against this backdrop and as spelled out in your mandate, you must play a facilitating role by ensuring a secure and resilient digital Ghana, taking charge and understanding the digitalisation agenda of the country, and ensuring effective implementation of protocols needed to safeguard our digital systems.
- In a similar manner, with technology permeating every aspect of our lives, it is essential that our civil servants are equipped with the necessary skills to navigate the digital landscape safely without becoming threats to the cyber ecosystem. You have a responsibility to understand cyber attacks and how they manifest, thus, the basic cybersecurity tips must be at your fingertips.
- Ladies and gentlemen, it is noteworthy that the current absence of a cyberattack on your institution does not guarantee immunity in the future. It is therefore imperative that we become proactive agents of resilience, by advocating for the implementation of comprehensive measures by the State and our institutions to effectively recover from potential cyber attacks.
- The Role of the Civil Servant in Achieving a Cyber-centric System
- As civil servants you must champion a culture of cybersecurity within your respective institutions. This entails not only implementing robust cybersecurity measures and protocols but also fostering a mindset of vigilance and resilience in the face of emerging cyber threats.
- The Cyber Security Authority (CSA) has been at the forefront of this effort, working closely with government agencies and the private sector to enhance cyber defences and promote a culture of cyber hygiene and best practices.
- Through initiatives such as the National Cyber Security Awareness Month (NCSAM), the CSA is working with stakeholders to raise awareness about the importance of cybersecurity and to empower Ghanaians to protect themselves against cyber threats.
- Furthermore, you, as civil servants, must lead by example by building your capacity in cybersecurity and practicing cyber hygiene in your personal and professional lives. This requires a willingness to embrace modern technologies, adapt to new and safe ways of working, and collaborate across departments to harness the power of technology to deliver better services to our citizens.
- Ladies and gentlemen, the civil service must prioritise transparency and accountability in the digital age. As custodians of public trust and stewards of taxpayer funds, civil servants have a duty to uphold the highest standards of integrity and ethical conduct in their use of technology. This means ensuring that data privacy is safeguarded, that government systems are resilient to cyber attacks, and that citizens have access to accurate and timely information online.
- In conclusion, building a cyber-centric public sector in Ghana requires the collective effort of all civil servants. By embracing digital literacy, championing cybersecurity, leading digital transformation, and upholding transparency and accountability, civil servants can help pave the way for a more secure, efficient, and inclusive government that harnesses the full potential of technology to serve the needs of all Ghanaians.