The phenomenon of data loss and cyber security issues in Ghana

Abstract

PurposeThis study aims to investigate the cyber security awareness and policies within corporate organisations in Ghana.Design/methodology/approachUsing both quantitative and qualitative approaches underpinned by questionnaire and document analysis, data were collected from 100 participants centred on cyber security awareness and information policies.FindingsThe study underscored that, although corporate organisations had a good knowledge of IT, their awareness of cyber security remains limited. It observed that most organisations in Ghana are not integrating legal aspects into their information security policies. It proposed the need to increase the security awareness of corporate organisation, particularly because of the vulnerabilities they are exposed to.Research limitations/implicationsThe implication of the paper with respect to theory, practice and future research lies in the recommendations the authors have proffered, such as the implementation of security awareness training programme, need assessment and the outsourcing of qualified service providers.Practical implicationsThe study is useful for policy makers in the management of Ghana’s IT infrastructure.Originality/valueThis study is being undertaken at a period when Ghana has made progressive development and giant steps in the IT industry compared to its counterparts in sub-Saharan Africa. The developed nature of Ghana’s IT infrastructure requires the development of policies for cyber security to prevent data loses and protect the national infrastructure from threats. Undertaking a study on cyber security in an environment where cyber issues are hardly discussed is worthwhile.