News Investigators/ The Nigerian Communications Commission (NCC) has taken a significant step toward bolstering the nation’s cybersecurity defenses, unveiling plans for a comprehensive framework to safeguard its rapidly expanding telecommunications industry.
Aminu Maida, the Executive Vice Chairman (EVC) of the NCC, who was represented by Abraham Oshadami, Executive Commissioner, Technical Services, NCC, said this during a Cybersecurity Framework Development Regulatory Meeting on Wednesday in Lagos.
Mr Maida highlighted the impressive growth of Nigeria’s telecom sector, which moved from fewer than half a million connected lines in 2001 to over 172 million active subscribers today, with internet users exceeding 141 million.
This expansion, he said, firmly positioned the sector as a cornerstone of economic development, social inclusion, and national transformation.
Mr Maida, however, said that the sector’s growth also brought heightened exposure to cyber threats such as malware, ransomware, and phishing, which were constantly evolving.
He warned that government infrastructure, forming the core of Nigeria’s critical national information infrastructure, remained a prime target for cybercriminals and hostile actors.
“To counter these growing dangers, the NCC initiated the framework’s development with clear objectives.
“Some of the objectives are to foster a unified and resilient cybersecurity posture across the industry, enhance the protection of telecom infrastructure, shield consumer data and privacy, and align with both the National Cybersecurity Strategy and international best practices.
“The framework also aims to build industry-wide expertise to anticipate, detect, respond to, and recover from cyber incidents, while proactively identifying and mitigating future risks,” he said.
The EVC pointed out that the current regulatory landscape, including acts like the Cybercrime Prevention Procedures Act of 2015 and the Nigerian Data Protection Act 2003, now mandated robust cybersecurity measures for critical sectors like telecommunications.
Referencing reports from the United Nations Economic Committee for Africa, Maida said that 10 per cent increase in cybersecurity maturity could lead to substantial per capita GDP growth across the continent.
Mr Maida stated that the framework would outline minimum cybersecurity expectations for all operators, offering clear guidance on incident reporting, risk management, information sharing, and collaboration between agencies.
He stressed the importance of jointly creating the framework, inviting active participation from network operators, internet service providers, data centre operators, government agencies, academia, and technology providers.
Also, Abraham Oshadami, Executive Commissioner of Technical Services at NCC, reinforced the critical nature of the initiative, emphasising the industry’s reliance on digital platforms and the importance of strengthening network resilience and protecting consumer data.
He said that cybersecurity was no longer optional but a mandatory requirement.
Mr Oshadami noted that the meeting was aimed at formally engaging the industry to gather valuable insights and feedback to craft a practical and effective framework.
In his presentation, Kazeem Durodoye, the Chief Executive Officer of Cybernovr, reiterated the necessity of securing cyberspace amid rapid digitisation and the emergence of new risks.
He noted that advancements in mobile technologies, such as Open RAN and network virtualisation, have significantly altered the risk profiles of 2G, 3G, and 5G.
Mr Durodoye emphasised that the framework must be holistic, considering dependencies within the sector and empowering policymakers to respond to real-time threats.
Speaking on the core principles guiding the framework’s development, he said they included robust stakeholder engagement, resilience to emerging threats such as quantum-level cryptography, and the impact of artificial intelligence and machine learning on cyberattacks.
He said that the framework would be shared with the industry for review within the coming weeks.
“It will categorise licensees into different tiers, ensuring that companies handling significant data or critical activities receive appropriate attention,” Durodoye said.
Babagana Digima, Chairman of the Committee on Development of Cybersecurity Framework, said the framework was designed to structure cybersecurity efforts and address existing gaps in the telecommunication sector.
He stressed the importance of a baseline study to understand the industry’s present standing before implementing new control measures.
Mr Digima also reaffirmed the commission’s commitment to collaborating with all stakeholders to build a secure, resilient, and trusted computational ecosystem in Nigeria.
NAN