The Nigerian Communications Commission (NCC) recently convened a stakeholders’ forum in Lagos to solicit industry input for its planned cybersecurity regulatory framework aimed at bolstering the telecommunications sector against escalating cyber threats. This initiative, supported by the World Bank Group, seeks to promote trust and resilience within Nigeria's digital ecosystem. Dr. Aminu Maida, Executive Vice Chairman of NCC, emphasized the critical need to address the increasing incidents of cyber threats, including data breaches, through a robust regulatory structure.

Nigeria's telecommunications industry has experienced phenomenal growth, expanding from 2.5 million connected lines in 2001 to 172,948,309 active subscribers by April 2025, with 141,985,207 of these being active internet users. This exponential growth highlights the sector's pivotal role as an enabler for economic development, social innovation, and national transformation. However, as Abraham Oshadami, Executive Commissioner for Technical Services at NCC, pointed out, this expanding digital access and connectivity necessitates proactive measures to secure the underlying digital infrastructure. The increasing complexity of the digital ecosystem inherently brings heightened vulnerabilities to evolving cyber-threats such as malware, ransomware, phishing, distributed denial of service (DDS) attacks, and insider threats, making the nation's communications infrastructure a prime target.

In response to these mounting challenges, the NCC has initiated the development of a comprehensive cybersecurity framework. The primary objectives of this framework are multifaceted. As outlined by Dr. Maida and Mr. Oshadami, these include promoting a unified and resilient cybersecurity protocol across the communications industry, enhancing the protection of telecommunications infrastructure from cyber-attacks, and safeguarding consumer data, privacy, and trust in digital services. Furthermore, the framework aims to ensure alignment with national cybersecurity strategies, build sector-wide competence and capacities, and effectively identify and mitigate cyber risks within the industry.

Babagana Digima, Chairman of the Cybersecurity Framework Development Committee, assured stakeholders that the developed framework would be shared with them in the coming months. Further insights were provided by Dr. Kazeem Durodoye, CEO of Cybernova and a consultant to the NCC. In his lead paper, Dr. Durodoye explained that the framework would serve telecom operators, with the NCC overseeing supervisory and compliance monitoring. It is designed to systematize information about the sector, facilitating a better understanding of common challenges, needs, and priorities. The framework will also scrutinize the communications sub-sector, emphasizing internal and external interdependencies, identify current gaps in cybersecurity practices, capabilities, and resources, and propose an actionable roadmap to enhance the sector's resilience and capacity.

The anticipated outcomes of implementing this framework are significant. They include improvements to cybersecurity governance, the regulatory framework itself, institutional capacity, and cyber risk management practices. The framework is also expected to introduce practical measures to boost operational and technical capabilities, enhance overall cyber capacity, strengthen cooperation and information sharing among stakeholders, and prioritize actions with the greatest potential impact on the cybersecurity maturity of the sector. The NCC has expressed its commitment to building a secure and trusted communication ecosystem in Nigeria, fostering continuous collaboration with all stakeholders from the development phase through to implementation to create a safer and more resilient online space.