The Nigerian Communications Commission (NCC) has unveiled plans to develop a comprehensive cybersecurity framework aimed at protecting Nigeria’s rapidly expanding telecommunications sector.
Speaking at a Cybersecurity Framework Development Regulatory Meeting held on Wednesday in Lagos, the Executive Vice Chairman (EVC) of the NCC, Dr Aminu Maida represented by Mr Abraham Oshadami, Executive Commissioner for Technical Services outlined the initiative’s objectives.
Dr Maida highlighted the remarkable growth of Nigeria’s telecommunications industry, which has grown from fewer than 500,000 connected lines in 2001 to over 172 million active subscribers today. The number of internet users has also surpassed 141 million. This growth, he noted, has firmly established the sector as a critical driver of economic development, social inclusion, and national progress.
However, he warned that the sector’s rapid expansion has made it increasingly vulnerable to evolving cyber threats, including malware, ransomware, and phishing attacks. He pointed out that government infrastructure, which forms the backbone of Nigeria’s critical national information systems, remains a key target for cybercriminals and hostile actors.
“In response to these escalating risks, the NCC has initiated the development of a cybersecurity framework with clear goals,” he said.
These include promoting a unified and resilient cybersecurity stance across the industry, strengthening infrastructure protection, safeguarding consumer data and privacy, and ensuring alignment with Nigeria’s National Cybersecurity Strategy and international best practices.
The framework will also seek to build industry-wide capability to predict, detect, respond to, and recover from cyber incidents while proactively identifying and mitigating emerging risks.
Maida emphasised that the existing regulatory environment, including the Cybercrime (Prohibition, Prevention, etc) Act 2015 and the Nigeria Data Protection Act 2023, now requires robust cybersecurity provisions for critical sectors like telecommunications.
Citing data from the United Nations Economic Commission for Africa, he noted that a 10 per cent increase in cybersecurity maturity could yield significant growth in per capita GDP across the continent.
Also Read:Â NCC Directs Telecoms to Alert Users on Major Network Outages
The proposed framework will establish minimum cybersecurity standards for all operators, offering guidance on incident reporting, risk management, information sharing, and inter-agency collaboration.
Maida called on stakeholders network operators, internet service providers, data centre operators, government bodies, academics, and technology providers to actively participate in the framework’s development.
Also speaking at the meeting, Mr Abraham Oshadami reiterated the critical nature of the initiative. He highlighted the telecommunications sector’s increasing reliance on digital technologies and the urgent need to protect both networks and consumer data.
“Cybersecurity is no longer optional; it is an imperative,” Oshadami said, adding that the meeting was organised to gather valuable input from the industry to ensure the framework’s effectiveness and relevance.
In his presentation, Dr Kazeem Durodoye, Chief Executive Officer of Cybernovr, stressed the importance of securing Nigeria’s digital environment amidst growing digitisation and emerging threats.
He observed that technologies like Open RAN and network virtualisation have significantly altered the threat landscape for legacy and next-generation networks (2G, 3G, and 5G). According to him, the framework must adopt a holistic approach, accounting for interdependencies within the sector and enabling policymakers to address real-time cyber threats.
Durodoye said that the framework would be guided by key principles, including strong stakeholder engagement, preparedness for emerging threats such as quantum cryptography, and awareness of the impact of artificial intelligence and machine learning on cybersecurity.
He noted that the draft framework would be circulated to industry stakeholders for review in the coming weeks. It will categorise licence holders into tiers, ensuring that organisations handling sensitive data or critical functions receive appropriate regulatory focus.
Mr Babagana Digima, Chairman of the Cybersecurity Framework Development Committee, said the framework would help structure the industry’s cybersecurity response and close existing gaps in the telecom sector.
He stressed the importance of conducting a baseline study to assess the current state of cybersecurity readiness before implementing new control measures.
Digima reaffirmed the NCC’s commitment to working collaboratively with stakeholders to build a secure, resilient, and trustworthy digital ecosystem in Nigeria.
