GHANA’S HEALTH SECTOR LOW IN CYBERSECURITY MATURITY – CSA CAUTIONS
The Cyber Security Authority (CSA) has disclosed that the security maturity levels of health institutions compared to banks and telecommunications companies in Ghana are very low and need to be enhanced significantly.
These findings were shared in a speech read on behalf of the Director-General of the CSA, Dr. Albert Antwi-Boasiako at the opening day of the National Cybersecurity Awareness Week of the Komfo Anokye Teaching Hospital (KATH). The event was organised by the KATH in collaboration with the CSA as part of this year's National Cybersecurity Awareness Month to heighten staff awareness of basic cybersecurity and ensure adherence to regulations to mitigate risks.
“In the last 18 months, fifteen entities consisting of eight public hospitals, three private hospitals and four medical labs have been assessed finding instances of vulnerabilities. Six instances of critical-severity vulnerabilities namely, No Password Encryption Outdated Software, Susceptibility to DDoS, and Web Server Misconfiguration were found. There were also instances of medium-severity vulnerabilities such as non-enforcement of HTTPS and Verbose Error Messages”, Dr. Antwi-Boasiako stated.
He also emphasised the urgent need to strengthen measures to avert cyber-attacks on the health sector.
Speaking to the theme for the event, “Securing Health Data in the Age of Misinformation: A Collaborative Approach to Digital Resilience”, the CEO of KATH, Professor Otchere Addai Mensah highlighted those technological advancements have brought significant challenges, particularly in the security of health data and the threats posed by misinformation. He therefore advocated for hospitals, healthcare providers, technology experts, and policymakers to collaborate and establish robust frameworks for data protection and to combat misinformation effectively.
The event climaxed with a panel session that addressed best practices and collaborative strategies to safeguard patient data. Staff of KATH were educated on best practices to safeguard their devices such as regular software and network protocol updates while management of health institutions was advised to prioritise investment in cybersecurity capacity building for staff and ensure adherence to the Critical Information Directives from the CSA.
Social Media Links
Events and Gallery
Advisories
Government Advisory
Business Advisories
Public Advisories
Children Advisories