Nigeria is taking a significant step toward strengthening its national cybersecurity framework with a new policy direction that would require organisations to disclose cyber attacks. The move comes in response to a sharp rise in digital threats targeting businesses, government institutions, and critical infrastructure across the country.
The proposed regulation is expected to improve transparency and enhance national preparedness against cybercrime. By mandating disclosure, authorities aim to ensure that incidents such as data breaches, ransomware attacks, and system infiltrations are reported promptly. This will allow regulators and cybersecurity agencies to respond faster, reduce damage, and prevent similar attacks from spreading across sectors. Nigeria has seen a steady increase in cyber threats in recent years, driven by the rapid expansion of digital banking, e-commerce, and online public services. As more organisations adopt digital systems, attackers have also become more sophisticated, targeting weak security infrastructures and exploiting gaps in incident reporting. Many cyber incidents currently go unreported, making it difficult for authorities to assess the true scale of the problem or coordinate an effective national response.
Under the new framework, organisations will likely be required to notify relevant regulatory bodies within a specified timeframe after discovering a breach. This approach aligns Nigeria with global best practices seen in countries that enforce mandatory breach disclosure laws. It is also expected to encourage businesses to invest more heavily in cybersecurity systems and risk management strategies.
Experts believe that the policy could improve trust in Nigeria’s digital economy. Transparency in reporting cyber incidents helps consumers and investors make informed decisions while also pushing organisations to adopt stronger data protection measures. However, some businesses have expressed concerns about compliance costs and reputational risks associated with public disclosure of cyber attacks.
Despite these concerns, cybersecurity professionals argue that secrecy often worsens the impact of attacks. Without timely reporting, threats can remain active longer and affect more victims. Mandatory disclosure is therefore seen as a necessary step to build a more resilient digital ecosystem.
As Nigeria continues its digital transformation journey, the push for cyber attack disclosure signals a broader commitment to safeguarding data, strengthening institutional accountability, and protecting critical digital infrastructure in an increasingly connected economy.
Leave a Reply