Strengthening Cybersecurity Defenses in Nigeria

As cyberattacks become more frequent and interconnected, Nigeria is implementing new regulations to enhance cybersecurity across critical sectors. The National Information Technology Development Agency (NITDA) is pushing for mandatory disclosure of breaches or at least intelligence sharing from organizations like banks, fintechs, and government agencies.

Addressing Rising Cyber Risks

The move comes amid a surge in cyber incidents targeting both financial institutions and public sector entities. NITDA Director-General Kashifu Abdullahi emphasized that attacks now leverage technologies like AI and create ripple effects across interconnected systems. He noted that when one organization is compromised, it can serve as a launchpad for others.

Improving Reporting Compliance

Current reporting rates remain low—in 2023, only 60 out of 163 institutions reported fraud incidents to the Nigeria Inter-Bank Settlement System (NIBSS), representing a compliance rate of just 37%. The amount involved in these cases reached ₦5.26 billion across 14,697 incidents in Q3 2023.

The reluctance to report stems from reputational concerns that Abdullahi argues are outdated in today’s digital ecosystem. Instead, regulators seek structured information sharing to prevent attacks from spreading.

Coordinated National Response

To improve coordination, NITDA is collaborating with the Office of the National Security Adviser and the Ministry of Communications on several fronts:

• Establishing a cybersecurity coordination council focused on building resilience through accountability and intelligence sharing
• Requiring financial institutions to use a cybersecurity self-assessment tool (CSAT)
• Formally recognizing AI as a tool in combating financial crime

These measures align with global trends toward mandatory breach disclosure, seen in regulations like Europe’s GDPR and similar requirements in Algeria, Kenya, and South Africa.

The International Monetary Fund has highlighted that stronger reporting and information sharing can significantly improve collective resilience against cyber threats. By forcing greater transparency, Nigerian regulators aim to create a more secure digital ecosystem for all users.