NDPC Flags Rising Cyber Threats, Pushes Stronger Data Protection
By Stella Enenche, Abuja
The Nigeria Data Protection Commission (NDPC) has issued a nationwide advisory warning of escalating threats to the nation’s data security architecture, calling on organisations to urgently strengthen their cyber defences.
This was contained in an advisory signed by the Head of Legal, Enforcement and Regulations at the NDPC, Babatunde Bamiboye on Thursday.
In the regulatory notice, the Commission disclosed that its technical assessment revealed coordinated attacks by suspected threat actors targeting financial systems and critical digital infrastructure across the country.
NDPC reminded public institutions of a directive by President. Bola Tinubu, which emphasises the strategic value of data and mandates strict compliance with the Nigeria Data Protection Act 2023.
The directive urges Ministries, Departments and Agencies (MDAs) to rigorously collect and safeguard data in line with the law.
According to the Commission, all data controllers and processors must immediately scale up both technical and organisational safeguards to protect personal information and ensure compliance with regulatory standards.
Among key measures outlined in the advisory are the appointment of certified Data Protection Officers, implementation of comprehensive privacy policies, and deployment of advanced security systems such as multi-factor authentication and zero-trust architecture.
Organisations are also urged to conduct Data Privacy Impact Assessments, carry out regular vulnerability testing, and ensure continuous monitoring of their digital systems.
The NDPC further stressed the need for securing cloud infrastructure, databases, and application programming interfaces, alongside enforcing encryption protocols and effective credential management.
It also called for routine backup systems and resilience testing to mitigate potential breaches.
While assuring stakeholders of regulatory support, the Commission warned that failure to comply with provisions of the Data Protection Act could attract legal consequences.
The Commission’s reiterated its commitment to safeguarding personal data and strengthening institutional resilience across all sectors.
