Whenever cybersecurity is mentioned, most people think of ethical hacking. However, cybersecurity is broader than this widely held perception. This was revealed at the cybersecurity capacity building workshop organized for selected officers from the Ghana Armed Forces and the Ghana Police Service.
The month of October is celebrated as National Cybersecurity Awareness Month (NCSAM) in Ghana to create awareness and educate citizens on the importance of good cyber hygiene. The Institute of ICT Professionals Ghana (IIPGH) in partnership with digiCAP.gh as part of activities lined in the cybersecurity awareness month organized a one-day cybersecurity workshop with practical sessions for its members on Monday 18th October 2021 at Labadi Beach Hotel, Accra.
Selected IIPGH members from the security services of Ghana participated in the presentation and hands-on training on detecting, tracing, and preventing cybercrime, while other civilian members joined via the Zoom virtual platform. The participants discussed Ghana’s Cybersecurity Act, 2020 (Act. 1038): its implications, and the role of stakeholders. Information Security Governance, Risk & Compliance was also discussed. A hands-on practice session using advanced techniques on how to detect vulnerabilities and how to protect personal and organizational data was carried out to end the full-day workshop.
The workshop, which was moderated by the administrator of IIPGH madam Gifty Mottey, kicked off with brief opening remarks by Mr. David Gowu, the Executive Director of the Institute of ICT professionals Ghana. He shared an overview of the institute, including the activities being carried out by IIPGH in creating awareness and educating the public on cybersecurity. “Since November 2017, we publish articles weekly in the Business and Financial Times (B&FT) newspaper and other online portals with most of our topics focusing on cybersecurity,” Mr. Gowu revealed. He indicated that his organization is already collaborating with the newly established Cybersecurity Authority in raising awareness; capacity building for professionals and other stakeholders. He concluded the institute wants to collaborate with other institutions, especially security services, to promote cybersecurity consciousness in the country.
Mr. Gowu’s opening remarks were quickly followed by a brief presentation by Mr. Mike Loose, Lead Consultant for the digiCAP.gh project being implemented by AFOS Foundation. He touched on the objectives of setting up a skills development program in partnership with the University of Cape Coast (UCC) and IIPGH. “AFOS Foundations is an association of Catholic entrepreneurs and the organization works with industry associations such as IIPGH to promote skills development and entrepreneurship. In Ghana, AFOS is working with UCC and IIPGH to prepare students with practice-oriented ICT programs to prepare them in the areas of data science, application development, and cybersecurity. We are working on adding a third institution soon,” Mr. Loose highlighted.
Ghana’s Cybersecurity Act, 2020: its implications and the role of stakeholders
To raise awareness about the newly passed Cybersecurity Act 2020 (Act 1038) in the National Cybersecurity Awareness Month (NCSAM), the Ministry of Communications and Digitalisation (MoCD) through its newly established agency the Cyber Security Authority embarked on a series of activities with the theme: ‘Ghana’s Cybersecurity Act, 2020: its implications and the role of stakeholders’. To expand on this theme, Mr. Desmond Israel, a seasoned Cybersecurity Consultant & Legal Practitioner, led the first presentation. On the Cybersecurity Act 1038, he showed the 10 converging indicators of the various sections of legislation and mentioned that all the indicators come together to make the Act a comprehensive piece of legislation for effective implementation and enforcement.
Mr. Israel also emphasized that the law makes room for professionals from various domains to effectively deploy their skills in implementing aspects of the Cybersecurity Act 2020. “For example, people think of cybersecurity and all that comes to mind is hacking, however, legal practitioners are required here, data protection and information security professionals are needed, auditors and financial experts have a part to play and of course the security services will need to understand the law and effectively charge offenders or those who break the law,” he intimated.
The legal practitioner concluded that a lot more collaborations will be required by industry professionals to take advantage of the industry forum provision in the new cybersecurity legislative instrument. He recommended that industry players should perform a skills gap analysis of the country’s cybersecurity human resources and come up with capacity building plan that, if implemented, will produce the needed skills in all the areas mentioned in the Cybersecurity Act 2020 (Act. 1038).
Information Security Governance, Risk & Compliance
The second presentation of the workshop focused on information security and was delivered by Mr. Sherrif Issah, an Information Security Governance, Risk & Compliance Expert, and the Communications Director of the Institute of ICT Professionals, Ghana. He engaged the participants through the basic principles of information security and how to conduct a risk assessment. “In risk management, you identify the risk, you analyze the risk and you evaluate the risk. If the assessment is satisfactory, you accept the risk, communicate and monitor,” Mr. Issah explained.
digiCAP Project by AFOS Foundation
After the two presentations on cybersecurity, there was a short break from cybersecurity to demonstrate solutions being developed by students of the digiCAP project. As part of the digiCAP skills development program, students are given special training and encouraged to put these skills acquired into solutions that will help businesses and individuals. The lead facilitator for the digiCAP project, Mr. Wendel Laryea, led the presentation session of the selected students and gave an overview of the applications and solutions developed by the students. The impressive presentation from the first UCC digiCAP cohort reinforced the need to enroll more students in this type of skills development program. Mr. Laryea concluded that the research conducted by IIPGH at the beginning of the project recommended that students be given soft skills training such as communications and presentation skills, critical thinking, and collaborative skills so fresh graduates will be prepared to fit into any type of job when they are out of school.
About digiCAP.gh and AFOS Foundation: DigiCAP.gh is an Information and Communication Technology (ICT) project being implemented by AFOS, the German Foundation for Entrepreneurial Development Cooperation. The project is supported by the Special Initiative on Training and Job Creation, funded by the German Federal Ministry for Economic Cooperation and Development (BMZ) through sequa gGmbH.
Cybersecurity Practice Session–Capture the Flag (CTF)
After the lunch break, participants were ready for the practical session. Laptops connected to the internet were made available to all the attendees present. The CEO and founder of Inveteck Global, Mr. Abu Safian Blay, then led a practical session and engaged over 40 professionals present at the workshop venue with over 145 professionals connected via Zoom virtual application for a hands-on experience. The participants were first taken through how to detect some basic vulnerabilities of websites and followed by a practical test known as “Capture the Flag (CTF)”.
After 3 hours of the practical session, Mr. Richard Kafui Amanfu, the Operations Director of the Institute of ICT Professionals, Ghana mounted the podium for the closing remarks. He took the participants through some activities of the institute and demonstrated the institute’s membership registration process for students, professionals, and corporate organizations. “IIPGH is passionate about ICT skills development. That is why we have practical training in coding for children up to professionals. IIPGH is therefore ready to partner other organizations to expand its training programs to unserved and underserved communities”. Mr. Amanfu concluded.
Before the closing remarks, the Lead Instructor for IIPGH coding and other ICT skills development programs, Mr. Opuni Frimpong, presented a short documentary on the Digital Design and Creative Coding Hub project. He narrated the story and noted that the skills acquired during the setting up of the hub are helping him train other tutors. “Now we can move from community-to-community training young people in coding as part of our coding caravan program,” He affirmed.
The full-day cybersecurity workshop ended with participants requesting more of such industry-specific workshops towards the capacity building of professionals.
Author: David Gowu–(Executive Director, Institute of ICT Professionals, Ghana)
For comments, contact firstname.lastname@example.org or Mobile: +233242773762