The Nigerian Communications Commission (NCC) is firming up a cybersecurity framework for securing digital infrastructure and enhancing online safety for consumers in the Nigerian communications industry.
The framework, with likely implementation timeline by telecom licensees set for 2026, will address security challenges arising from the emerging technologies towards creating a more secure digital economy in Nigeria.
During the second phase of the cybersecurity framework development meeting with relevant stakeholders, hosted by the Commission in Abuja on Wednesday, following the initial meeting held earlier in the year, NCC’s Executive Commissioner, Technical Services (ECTS), Abraham Oshadami, stressed the need for a water-tight approach to addressing the sophistication of cyber threats in the industry.
Oshadami said given the increasing digitalization of services, the rapid growth of data exchange, and the sophisticated nature of modern cyber threats, the need for a robust, adaptive, and inclusive cybersecurity framework has never been more urgent.
According to him, as emerging technologies reshape the landscape, cybersecurity now extends beyond the traditional triad of confidentiality, integrity, and availability (CIA), adding that intensifying geopolitical tensions and increasingly sophisticated threats are heightening risks to critical infrastructure irrespective of whether they are built on interconnected devices or legacy systems.
“Both state and non-state actors are targeting essential sectors—including ours – through coordinated cyber and physical attacks. These attacks frequently target control systems and data integrity, underscoring the critical risks posed to operational technology (OT)—especially in our sector.
“As cyberthreats evolve, they endanger not only system performance but also human safety, amplifying the severity and consequences of disruptions to vital communications infrastructure. Cybersecurity now encompasses human safety and must address the real risk to people’s lives when a system is attacked or compromised,” he said.
While emphasizing the need to develop the framework, Oshadami said as telecommunications industry continues to serve as the backbone of Nigeria’s digital economy, its critical role in national development, economic transformation, and societal interaction makes it a strategic asset and unfortunately, a prime target for cyber threats.
Oshadami further explained that the second stakeholders meeting on the cybersecurity framework was to present the progress made since the initial meeting, including the refined framework based on stakeholder input; and to further validate key components, design principles, and implementation strategies of the proposed framework, among others.
The ECTS stated that as the national regulator, the NCC remains committed to an inclusive and consultative process, recognizing that sustainable cybersecurity outcomes can only be achieved through shared responsibility and strong public-private partnerships. “With your continued expertise, insight, and collaboration, we are confident that we can co-create a framework that not only secures our digital infrastructure but also fosters innovation, competitiveness, and long-term industry growth,” he said.
The presentation of the proposed framework by the Chief Executive Officer of CyberNover, the consultants to the Commission on the project, Dr. Kazeem Durodoye, further provided details of the framework to stakeholders at the invents, cutting across representatives of telecom licensees and government agencies in the digital economy ecosystem.
Meanwhile, the NCC’s Head of Cybersecurity and Internet Governance, Babagana Digima, while stating that the project is supported by the World Bank, commended all stakeholders for their input, saying while it was expected that the proposed framework will be finalized by end of third quarter of 2025, its implementation is expected to take off in early 2026.
The forum provided a platform to consolidate a shared understanding of the strategic relevance of the proposed cybersecurity framework in enhancing national cybersecurity preparedness and sector resilience; and review and refine the preliminary inputs gathered during the first engagement, incorporating technical perspectives and sector-specific concerns, among others.
