Samson Echenim 
The Nigerian Communications Commission (NCC) says it has initiated the development of a robust cybersecurity framework aimed at fortifying the country’s telecommunications sector against growing digital threats.
Speaking during a regulatory meeting on the cybersecurity framework fevelopment in Lagos on Wednesday, the Executive Vice Chairman of the NCC, Dr. Aminu Maida—represented by Abraham Oshadami, Executive Commissioner for Technical Services—said the new strategy is essential to protect the sector’s critical infrastructure and consumer data.
Dr. Maida noted the rapid expansion of Nigeria’s telecom industry, which has grown from fewer than 500,000 phone lines in 2001 to over 172 million active subscribers and 141 million internet users today. While this growth has spurred economic development and digital inclusion, he warned that it has also made the sector a prime target for cyberattacks, especially on government infrastructure.
In response, the NCC is crafting a national framework designed to bolster cybersecurity resilience across the telecom ecosystem.
“The initiative aims to establish a unified cybersecurity posture, protect telecom infrastructure, safeguard user data and privacy, and align with Nigeria’s National Cybersecurity Strategy as well as global best practices,” Maida said. “It will also enhance the industry’s capacity to detect, respond to, and recover from cyber incidents while proactively managing future risks.”
Citing a report by the UN Economic Commission for Africa, Maida emphasized that a 10% improvement in cybersecurity maturity can significantly boost GDP per capita across the continent.
Maida explained that the proposed framework will define baseline cybersecurity standards for telecom operators. These will cover areas such as incident reporting, risk management, information sharing, and coordination with regulators.
The framework will be anchored in existing legislation, including the Cybercrime (Prohibition, Prevention, etc.) Act of 2015 and the Nigerian Data Protection Act of 2023, which mandate heightened cybersecurity protocols for critical infrastructure sectors.
Also speaking at the meeting, Abraham Oshadami underscored the importance of stakeholder engagement in the process. “Cybersecurity is no longer optional; it is a regulatory imperative,” he said. “This framework must be shaped by the realities of the industry, and that’s why we are involving operators and other key players early in its development.”
The NCC said the feedback gathered from the meeting will help refine and finalize the cybersecurity strategy before its rollout.
