News Highlights:
- NCC Unveils Cybersecurity Framework for Telecom Sector
- The Framework is Stakeholder-Driven, and has a Context-Specific approach
The Nigerian Communications Commission (NCC) has officially begun the development of a comprehensive cybersecurity framework for the telecommunications sector, marking a major step toward strengthening the nation’s digital defenses.
The initiative was unveiled at a stakeholders’ meeting held at the Commission’s Lagos Zonal Office, where the Executive Vice Chairman, Dr. Aminu Maida, represented by Engr. Abraham Oshadami, Executive Commissioner for Technical Services, addressed participants.
Dr. Maida noted the impressive growth of Nigeria’s telecom industry—from under 500,000 connected lines in 2001 to over 170 million voice subscribers and 140 million internet users in 2025. However, he warned that this rapid expansion has made the sector increasingly vulnerable to cyber threats such as ransomware, phishing, and distributed denial of service (DDoS) attacks.
“Securing our infrastructure, networks, and users is now a national priority,” he said. The new cybersecurity framework, he explained, is designed to create a unified, resilient, and adaptive cybersecurity posture for telecom operators. It will also ensure data protection, align with the National Cybersecurity Policy and Strategy (2021), and adhere to global best practices.
The framework draws its mandate from key regulations, including the Cybercrimes Act (2015), the Nigeria Data Protection Act (2023), and international obligations under the ITU Global Cybersecurity Agenda. It will serve as a practical guide for risk management, incident reporting, and collaborative security efforts among stakeholders.
Engr. Oshadami had earlier in his opening remarks, stressed the sector’s central role in Nigeria’s digital economy, adding that its significance also makes it a prime target for cybercriminals. He said the meeting was part of an ongoing consultative process to ensure that the framework reflects industry realities and is both pragmatic and enforceable.
In a presentation, Dr. Kazeem Durodoye, a lead consultant on the project, emphasized that the framework treats the telecom industry as Critical Information Infrastructure (CII). It is tailored to address systemic risks and promote best-in-class cybersecurity practices. Unlike generic models, it is sector-specific, grounded in local context, and informed by assessments conducted among operators.
The framework anticipates emerging technologies such as 6G, AI, and quantum cryptography, and calls for proactive adoption of layered security, multifactor authentication, and resilience-by-design. It also sets clear expectations for operator compliance and collaboration.
Digital TimesNG understands that the framework is the result of multiple sensitization forums and stakeholder consultations. A final version is expected by mid-August 2025, after which phased implementation will begin.
As Nigeria’s digital ecosystem evolves, the NCC’s cybersecurity framework is poised to become a cornerstone of national cyber resilience—ensuring a secure, innovative, and trusted communications landscape for the future.