Vice-chancellors of Ghana’s public universities have participated in a ransomware attack simulation as part of a structured cybersecurity capacity-building workshop organised by the Cyber Security Authority (CSA) in collaboration with Vice-Chancellors’ Ghana (VCG).
The workshop, held in Accra, was designed to strengthen cybersecurity leadership and resilience across the tertiary education sector, and was organised in partnership with the Shadowserver Foundation and the Forum of Incident Response and Security Teams (FIRST).
The tabletop simulation placed university leadership teams in a live ransomware attack scenario, testing their coordination under pressure, crisis decision-making, and readiness to manage institutional incident response. The exercise formed the centrepiece of a programme that also covered cybersecurity governance frameworks, regulatory obligations, and threats ranging from phishing and impersonation to the exposure of university data on the dark web.
Dr. Jamal Seidu Tozua, acting Deputy Director-General for Regulatory Operations at the CSA, speaking on behalf of Director-General Divine Selase Agbeti, urged vice-chancellors to strengthen the technical capacity of their information technology departments and to deepen collaboration with the National Computer Emergency Response Team of Ghana (CERT-GH) to reduce institutional exposure to cyber risks.
Dr. Tozua also called on tertiary institutions to support the creation of a dedicated Education Sector Computer Emergency Response Team (CERT) to enable coordinated threat detection and information sharing across universities, and stressed that institutions must procure cybersecurity services only from licensed and accredited providers.
The CSA’s broader framework for the sector is taking shape through a partnership with the Ghana Tertiary Education Commission (GTEC). Officials said the two bodies are working toward a National Cybersecurity Competency and Qualification Framework that would establish structured learning pathways from basic cyber literacy to advanced professional certification.
Jerry Sarfo, Director for Corporate Affairs at GTEC, speaking on behalf of Director-General Prof. Ahmed Jinapor Abdulai, noted that the tertiary education sector had become a prime target for cybercriminals because of the large volumes of sensitive personal, financial, and intellectual property data held by universities.
A separate technical workshop for IT directors and cybersecurity leads from the participating institutions followed the vice-chancellors’ session, covering vulnerability management practices and the use of scanning and monitoring tools to identify and remediate weaknesses in university networks and digital infrastructure.
The scale of the threat landscape underlines the urgency of the initiative. The CSA received 23,363 cyber incident reports in 2025, with online fraud accounting for 39 percent of all reported cases.
The Chair of Vice-Chancellors’ Ghana, Prof. Richard Kwasi Amankwah, commended the CSA for the engagement and called for sustained collaboration between the authority and tertiary institutions going forward.
