16 June 2025

The Nigerian Communications Commission (NCC) is actively working to bolster the country’s telecom industry against escalating cyber threats by developing a robust national cybersecurity framework.

Aminu Maida, NCC’s Executive Vice Chairman, announced this initiative during a recent regulatory meeting in Lagos, emphasizing the urgent need to enhance cybersecurity protections as Nigeria’s telecom sector continues to grow rapidly.

Nigeria’s telecom landscape has expanded dramatically — from fewer than 500,000 lines in 2001 to over 172 million active subscribers and 141 million internet users today — making the industry a prime target for cybercriminals. Maida highlighted that this surge in connectivity, while fuelling economic progress, has increased vulnerabilities, especially as government infrastructure becomes a key target for cyber-attacks.

The new cybersecurity framework aims to establish a unified and resilient security posture across the telecom sector, focusing on safeguarding infrastructure, protecting consumer data, and ensuring privacy. It will set baseline cybersecurity standards for operators, covering incident reporting, risk management, information sharing, and engagement with regulators. The framework also seeks to build industry-wide expertise in anticipating, identifying, responding to, and recovering from cyber incidents, as well as proactively preventing future threats.

Maida referenced a UN Economic Commission for Africa report, noting that a 10% increase in cybersecurity maturity could significantly boost per capita GDP across Africa, underscoring the economic importance of strengthening cyber defenses. The NCC’s efforts will build upon existing regulations, such as the Nigerian Data Protection Act of 2023 and the Cybercrime Prevention Act of 2015, to enforce stricter security measures in critical sectors.

Babagana Digima, head of the Cybersecurity Framework Development Committee, stressed the importance of conducting a comprehensive baseline assessment of Nigeria’s current cybersecurity posture before implementing new protections. He emphasized that cybersecurity is now a mandatory component for industry resilience, especially as emerging technologies like Open RAN, network virtualization, AI-driven cyber threats, and quantum cryptography introduce new risks.

The proposed framework will categorize telecom licensees based on their risk exposure, allowing for tailored security controls — particularly for operators managing sensitive data or critical infrastructure. A draft version of the framework will soon be shared with industry stakeholders for review and feedback, signalling Nigeria’s proactive approach to creating a safer, more secure telecommunications environment.