WorldStage Newsonline– The National Information Technology Development Agency (NITDA) on Friday said outdated frameworks, inadequate expertise, and poor awareness are limiting cybersecurity interventions.
Its Deputy Director, Cybersecurity Department, Dr Ayodele Bakare, said this on the sidelines of the agency’s meeting with some United Kingdom (UK) delegates on building a national cybersecurity infrastructure in Abuja.
Bakare noted that cybersecurity was a borderless issue and required collaborations, both local and international, and strategic interventions to address cyber threats.
The director stated that the country had existing cybersecurity frameworks and policies but doubted if they could address emerging threats, especially with the adoption of Artificial Intelligence (AI).
Some of the frameworks he mentioned included the Cyber Crime Act 2015, recently amended in 2024 and the Nigerian Data Protection Act 2023, which were pivotal in driving the country’s cybersecurity architecture.
“NITDA, seven years ago released the National Public Key Infrastructure as a regulation. We also have other sectoral frameworks, the Risk-Based Cybersecurity framework for financial institutions released by the Central Bank of Nigeria.
“Given the fact that we have all these frameworks, their effectiveness is still a question and I think the first thing is for a rebase line on the basis that informs the existing frameworks.
“Majority of the frameworks were issued far before now, and there are emerging risks like the AI-driven threats and some of the frameworks that we have are not really addressing them,’’ he said.
The director mentioned that in spite of significant efforts in public awareness campaigns, cyber threats, such as device code phishing, continued to persist across the country.
Sharing a personal experience of nearly falling victim to such an attack, Bakare stated that it demonstrated that many Nigerians still lacked awareness of modern cyber threats.
He stressed that enhanced and more interactive awareness programmes were necessary to educate the public on the dangers of cybercrime.
Bakare also said that Nigeria had a shortage of skilled cybersecurity experts, with about 8,300 cybersecurity experts to 220 million people, adding that there was a need to develop skills in that area.
The Director called for more affordable training platforms and certification programmes to help develop a larger pool of cybersecurity professionals in the country.
“We are looking for platforms that can provide an efficient way of training people and we are also looking at collaborations that can help bring down the cost of cybersecurity certification courses.
“Averagely, you see Nigerians spending between 2,000 dollars to 5,000 dollars for this certification which is very expensive and reducing the cost will increase the number of experts,’’ he said.
Another concern he raised was the issue of governance, risk management and compliance among government institutions.
According to him, NITDA is working on a regime that will audit government organisations and ensure compliance with cybersecurity frameworks.
He also said the country required more efficient threat intelligence platforms that could gather, analyse and share information on cybersecurity threats.
Bakare further stated the need to adopt cloud-based solutions to improve vulnerabilities, adding that it could assist in identifying external threats in institutions.
“The government is making efforts to ensure the management and effective utilisation of the National Public Key Infrastructure (PKI) to secure online transactions and communications in collaboration with stakeholders.
“For government institutions, we are working on a framework for Zero Trust which should create an efficient platform.
“The platform will ensure that before you access any information-based system, either cloud-based or on-premise, you have to go through a Zero Trust platform.
“This is to ensure that digital trust is effectively maintained and that the incidences of data leakages are reduced,’’ Bakare said.
He added that they were working on developing a National Cybersecurity Architecture expected to consolidate various cybersecurity initiatives and frameworks into a single source of truth.
“We are working towards an architecture that will serve as the single source of truth for Nigeria’s National Cybersecurity Strategy and help streamline efforts for effective management of cyberspace,’’ he said.
