The Governor of the Bank of Ghana (BoG) Dr Ernest Addison has said that the central bank is collaborating with the Cyber Security Authority to improve the cybersecurity posture in the banking sector.
In particular, Dr Addison said, the two institutions are discussing various ways to approach the implementation of the Cybersecurity Act, 2020 (Act 1038) for the sector.
Speaking at the official commissioning of the Financial Industry Command Security Operations Center (FICSOC) on Wednesday, May 24, Dr Addison stated that in October 2018, the Bank of Ghana issued the Cyber and Information Security Directive (CISD) for banks and other Bank of Ghana-regulated financial institutions with expectation that all regulated financial institutions would implement the required Information Security Management Systems (ISMS) controls to ensure the delivery of a safer digital financial Industry.
The implementation of the directive, he said, was phased over 36 months, and through effective monitoring and supervision among regulated banks.
As these institutions worked towards full implementation of the Directive, it became
evident that the Bank of Ghana had to establish an industry Security Information and
Event Management (SIEM) system to enable those institutions implementing SIEMs
to send logs/alerts, aggregate information and reports, he added.
To achieve this, he said, the BoG initiated the SIEM project which we call the Financial Industry Command Security Operations Centre (FICSOC) Project.
“The FICSOC Project is now completed and operational with reports/alerts in the form of threat intelligence provided to the banks to improve their incident response mechanisms.
“Just last week, I was invited to chair a book launch on an enabling architecture for a
digital economy written by Prof. Kwaku Appiah-Adu and Mr. Franklin Asare. In my
opening remarks, I agreed with the Authors, that digital technology can be a potent
tool for financial inclusiveness.
“I also took them through the digitisation journey of the Bank of Ghana starting from the introduction of the common platform for interbank payments and the e-zwich through the development of the mobile money and interoperability to current efforts at designing the e-cedi. In all of this, Bank of Ghana was very much aware of the increased cyber security risks in the financial sector,”he stated.
This FICSOC project, he added, is a key component of the systems and we have to deal with the challenges of cyber security.
“Your Excellency, this project will help provide real-time visibility into cyber threats and
attacks targeting the banking sector. The Bank of Ghana and the Cyber Security
Authority are collaborating to improve the cybersecurity posture in the banking sector.
In particular, the two institutions are discussing various ways to approach the implementation of the Cybersecurity Act, 2020 (Act 1038) for the sector.
“The detailed areas of collaboration are contained in the joint statement issued by BoG and CSA on 24th June 2022, nearly a year ago. On this note, I would like to thank His Excellency and our guests for honouring the invitation to commission the FICSOC Project. My appreciation also goes to the implementation partner, Virtual InfoSec Africa, the FICSOC Consultant, Mr Samuel Amoah, and BoG FICSOC Project Team members for their commitment and diligence in achieving success in this project,” Dr Addison stressed.