Nigeria's Cybersecurity Wake-Up Call: Why Silence on Breaches Is No Longer an Option

Nigeria is entering a new phase in its digital evolution, one where cybersecurity transparency is no longer optional. At the center of this shift is Kashifu Abdullahi, Director-General of the National Information Technology Development Agency (NITDA), who is calling on banks, fintechs, and organisations to break the long-standing culture of silence around cyberattacks.

The Problem: Silence in a Highly Connected System

For years, many Nigerian organisations have chosen not to disclose cyber breaches, primarily due to fear of reputational damage. But that approach is now being challenged. According to Abdullahi:

"If one organisation is compromised, it can become a launch pad for others."

In today's interconnected ecosystem, a single breach is no longer isolated. It can trigger chain reactions across financial systems, payment platforms, and government infrastructure. A recent example highlighted how attackers moved from a compromised bank into Remita, demonstrating how vulnerabilities can cascade across systems.

The Data Tells a Bigger Story

Despite rising threats, reporting remains alarmingly low. The Nigeria Inter-Bank Settlement System (NIBSS) reported that only 60 out of 163 institutions disclosed fraud incidents in 2023. That is a compliance rate of just 37%.

Meanwhile, the scale of cybercrime continues to grow. The Financial Institutions Training Centre (FITC) recorded ₦5.26 billion lost across 14,697 fraud incidents in Q3 2025 alone. This gap between actual incidents and reported cases is exactly what regulators are trying to fix.

What Is Changing: From Secrecy to Shared Intelligence

Nigeria's regulators are not just asking for transparency. They are pushing for structured intelligence sharing. NITDA is working alongside the Office of the National Security Adviser and the Ministry of Communications, Innovation, and Digital Economy with one goal: build a coordinated national cybersecurity response system.

A New Cybersecurity Framework Is Emerging

Nigeria is beginning to align with global best practices. Three key developments are shaping the new landscape:

1. Cybersecurity Coordination Council

Announced by Minister Bosun Tijani, this council will focus on accountability, intelligence sharing, and policy alignment across government and private sector institutions.

2. Central Bank Intervention

The Central Bank of Nigeria (CBN) has introduced a Cybersecurity Self-Assessment Tool (CSAT) and formally recognised the role of AI in combating financial crime.

3. Multi-Agency Collaboration

Government bodies are now working together instead of operating in silos, which is critical for tackling system-wide threats that cross institutional boundaries.

Why AI Changes Everything

Abdullahi highlighted a key driver behind the urgency: Artificial Intelligence. AI is making attacks more sophisticated, increasing the speed and scale of breaches, and enabling attackers to exploit multiple systems simultaneously. This means traditional, isolated defence strategies are no longer effective.

Global Context: Nigeria Is Catching Up

Nigeria's push for transparency mirrors global trends. Europe's GDPR mandates breach notifications. Algeria requires reporting within 5 days. Kenya mandates disclosure within 48 hours. South Africa's Protection of Personal Information Act (POPIA) enforces both regulator notification and user notification.

Globally, the direction is clear: you do not hide breaches. You report them quickly and act collectively.

The Real Issue: Reputation Versus Reality

The biggest barrier is not technology. It is mindset. Many organisations still believe that disclosure equals reputational damage. But in reality, non-disclosure equals system-wide vulnerability. As attacks become more interconnected, silence does not protect reputation. It amplifies risk.

What This Means for Developers, DevOps and Tech Teams

If you are building or managing systems, this shift affects you directly. Expect mandatory reporting requirements, stronger compliance frameworks, and increased auditing and monitoring across all digital infrastructure.

You will need better logging and incident detection, real-time monitoring systems, and secure architecture, especially around APIs and third-party integrations. Most importantly, you will need a culture of transparency and rapid response embedded into your engineering practice from day one.

Final Thoughts

Nigeria is at a turning point. The move led by Kashifu Abdullahi and NITDA is not just about compliance. It is about survival in a connected digital economy.

Silence used to be a strategy. Now, it is a liability. The question is no longer whether organisations should disclose breaches. It is how fast they can share intelligence before the next attack spreads.

For the next generation of DevOps engineers, cybersecurity professionals, and software developers, this is the environment you are entering. Build systems that are not just functional, but transparent, auditable, and resilient.