The project was carried out by Virtual InfoSec Africa, a Ghanaian information security company, in collaboration with the Central Bank.
The Bank of Ghana initiated the FICSOC Project in 2019 with the aim of “sharing threat intelligence, sector awareness and incident response among its regulated financial institutions”.
Since April, all commercial banks have been connected to FICSOC and the communication of cyber threat information, in the form of FICSOC alerts and warnings, is being communicated to these banks, says the Central Bank.
In his keynote address last week, Vice President Mahamudu Bawumia underscored the importance of a robust cybersecurity infrastructure to maintain confidence in the financial sector.
“The use of digital technologies continues to transform the business models of financial institutions with new opportunities to generate revenue and value. While these digital technologies support banking services and enable banking strategies, the underlying security vulnerabilities pose fundamental cyber risks to these institutions.”
“Cybersecurity risks can affect operational capabilities and threaten the viability of financial institutions. Likewise, the contagion of cyber risk in a financial system is exacerbated by the extent of interconnection, therefore any serious cyber attack could threaten the stability of the financial system,” he noted.
Bawumia commended the Governor, Board of Directors and management of the Bank of Ghana for their efforts to protect the financial sector.
“The commissioning of this important building and infrastructure, which to my knowledge is the first of its kind financed and owned by a central bank in Africa, is a remarkable achievement for the Bank of Ghana. There is no doubt that, very soon, other central banks in the sub-region will visit the Bank of Ghana to study your approach to defending cybersecurity in the financial sector”, he said.
“My expectation, and that of the government, is that financial institutions will be better equipped to deal with the serious and emerging cyber threats targeting the banking sector, including zero-day threats, advanced persistent threats and exploits, and allow you to make informed decisions about responding to these threats.
“I would like to emphasize that the FICSOC platform does not compete with or replace the management of cybersecurity risks of regulated institutions (including their SOC operations), but complements the management framework of cybersecurity and information security of each financial institution. Therefore, the responsibility for managing cybersecurity and information security risks ultimately rests with each regulated financial institution and not with FICSOC Operators or the Bank of Ghana.”
