The Nigeria Data Protection Commission (NDPC) is taking bold steps to strengthen data privacy and cybersecurity measures. Starting in 2025, the NDPC will begin prosecuting offenders who violate data privacy regulations. This announcement, made during a cybersecurity awareness campaign in Abuja, underscores the Commission’s commitment to enforcing responsible data handling and protecting Nigeria’s cyberspace from evolving threats.
The NDPC’s Head of Legal Enforcement and Regulation, Babatunde Bamigboye, emphasized that the Commission has spent its formative years building awareness of data privacy rights and obligations. Speaking at the event themed “Utilising AI-Powered Services for Proactive Cybersecurity,” organized by SOPHOS UK in collaboration with SPOKES Network and Net-Trix Solutions, Bamigboye highlighted the significant implications of data breaches and the need to ensure compliance.
“At this moment, we have investigated quite a number of cases, and in terms of prosecution—as you know, as a lawyer, this means going to court—but we haven’t taken any matters to court yet,” he explained. Instead, the Commission has focused on remedial actions, addressing violations without pursuing criminal charges. However, beginning in 2025, enforcement will intensify, and data controllers and processors found in breach of the law will face prosecution.
Bamigboye reassured stakeholders of the safety of Nigeria’s cyberspace for digital transactions. “Nigerian cyberspace is safe; otherwise, we wouldn’t be experiencing the smooth flow of digital transactions. It is safe but not without threats, and we are doing our best as a country to combat these threats,” he noted.
The Abuja event also served as a platform for discussing the role of Artificial Intelligence (AI) in strengthening cybersecurity. The session brought together industry experts to explore how AI-powered solutions can proactively address threats. Christopher Odutola, a Sales Engineer at SOPHOS UK, provided valuable insights into the limitations and potential of cybersecurity tools.
“A lot of people will come to you and say, ‘We can give you 99.9% or 100% cybersecurity.’ It’s not true. Nobody can provide 100% security anywhere in the world. What they can do is reduce the risk for you,” he said. Odutola explained that cybersecurity measures, including firewalls, antivirus software, and email security, are designed to minimize risks rather than eliminate them entirely.
He also introduced the concept of cybersecurity breach protection warranties. For example, SOPHOS offers a warranty covering up to $1 million in response costs for incidents like data breaches or ransomware attacks when managing a client’s Security Operations Center (SOC). This approach reassures businesses that, while complete protection is unattainable, significant measures can mitigate the financial and operational impacts of breaches.
Odutola stressed the importance of comprehensive risk assessments, particularly for third-party vendors, who often introduce vulnerabilities into an organization’s network. He emphasized that senior management must be involved in cybersecurity strategies to address gaps effectively.
The Chief Executive Officer of Net-Trix Solutions, Harrison Oloye, shared a similar perspective, highlighting the need for public and private sector awareness of cyber threats. “What we did as Net-Trix Solutions Limited, in conjunction with SPOKES Network, is to create awareness and educate the public and private sectors on how to use Artificial Intelligence (AI) to combat cyber threats,” Oloye said.
As part of their Corporate Social Responsibility (CSR), Net-Trix Solutions has trained numerous individuals on recognizing and managing cyber threats. This initiative complements the broader goal of fostering a safer cyberspace in Nigeria.
Ms. Sifon Ufot, Head of Business at SPOKES Network, underscored the importance of staying proactive in cybersecurity efforts. “We need to stay cyber-safe because hackers working behind the scenes are not joking—they work 24/7. For us, staying proactive is essential. With the help of AI, we can stay proactive; it provides information beforehand and even prevents some attacks from reaching us,” she explained.
The NDPC’s forthcoming enforcement measures, coupled with advancements in AI-powered cybersecurity solutions, signal a new era of data protection in Nigeria. While the Commission prepares to hold offenders accountable, organizations are encouraged to adopt proactive strategies to minimize cyber risks. Collaborative efforts, like the Abuja campaign, highlight the importance of awareness, innovation, and robust defenses in safeguarding Nigeria’s digital future.
Sources
- https://www.thisdaylive.com/index.php/2024/11/22/data-privacy-breach-ndpc-to-prosecute-offenders-next-year/#google_vignette
- https://von.gov.ng/ndpc-to-prosecute-data-privacy-offenders-from-2025/