Activities of cybercriminals, especially in the financial sector, have been immense lately. What is causing this spike?
Nigeria’s cybersecurity framework has been widely criticized for being largely reactive rather than proactive. This means the country often addresses cyber threats only after they occur, rather than anticipating and preventing them. Despite growing digital adoption across sectors like banking, telecommunications, government services, and e-commerce, Nigeria’s cybersecurity preparedness has not kept pace with the expanding digital landscape.
One major issue is the absence of a robust, forward-looking national cybersecurity strategy. Although Nigeria has developed policies like the National Cybersecurity Policy and Strategy (NCPS) and established agencies such as the Nigerian Cybercrime Advisory Council, many of these frameworks are outdated or poorly implemented. The lack of consistent updates to policy documents and insufficient coordination between relevant agencies weakens Nigeria’s ability to counter evolving cyber threats.
Furthermore, enforcement of existing cyber laws is often weak, with limited prosecution of cybercriminals. The Cybercrimes Act of 2015 remains the primary legal tool, but enforcement agencies face capacity constraints, outdated tools, and a shortage of skilled personnel. The country lacks adequate investment in cyber defense infrastructure and in training cybersecurity professionals, leaving both public and private institutions vulnerable to attacks like phishing, ransomware, and data breaches.
Another challenge is the slow pace of incident response. Often, organizations and government institutions react to breaches only after substantial damage has occurred. There is also limited information sharing between the government, private sector, and the public, which hampers collective cyber threat intelligence and resilience.
International cooperation has also been underutilized. Although Nigeria is a member of global cybersecurity bodies and signatory to some international conventions, it has yet to fully leverage these platforms to build local capacity or adopt global best practices.
In contrast to more proactive nations, Nigeria lacks continuous threat monitoring systems and real-time security operations centers across most sectors. This leaves the country exposed to sophisticated cyber threats that evolve rapidly.
To shift from a reactive to a proactive cybersecurity posture, Nigeria needs to invest significantly in infrastructure, training, policy updates, inter-agency collaboration, and public awareness. Proactive risk assessments, timely updates to frameworks, and partnerships with global cybersecurity stakeholders are essential. Without these changes, Nigeria remains at risk of increasing cyberattacks that can undermine national security, economic growth, and digital trust.
Leave a Reply