NCC sets 2026 timeline for new cybersecurity framework

Joy Agwunobi

The Nigerian Communications Commission (NCC) is advancing plans to establish a sector-wide cybersecurity framework aimed at safeguarding digital infrastructure and strengthening online safety across Nigeria’s communications industry, with implementation expected to commence in 2026.

The Commission disclosed this during the second phase of its consultative meeting with industry stakeholders in Abuja, convened to review progress made since the initial engagement earlier in the year. The framework, developed in collaboration with industry players and supported by the World Bank, is expected to serve as a national guide for mitigating evolving cyber threats in the telecom sector and by extension, the wider digital economy.

Abraham Oshadami, executive commissioner, technical services (ECTS) of the NCC, underscored the urgency of developing a robust and adaptive cybersecurity system. He explained that the sophistication of modern cyber threats, combined with the rapid digitalisation of services and exponential growth in data exchange, requires a “water-tight” approach.

“Both state and non-state actors are targeting essential sectors—including ours—through coordinated cyber and physical attacks. These attacks frequently compromise control systems and data integrity, posing serious risks to operational technology. As cyber threats evolve, they endanger not only system performance but also human safety, amplifying the consequences of disruptions to vital communications infrastructure,” Oshadami warned.

He added that cybersecurity is no longer limited to the traditional pillars of confidentiality, integrity, and availability (CIA), but now extends to protecting human lives, given the real risks posed by breaches to critical infrastructure.

L-R: Promise Digos, president, International Youth Parliament; Amin Dayekh, chief executive officer, Megamore Wireless Limited; Abraham Oshadami, executive commissioner, technical services, Nigerian Communications Commission (NCC); Babagana Digima, head, Cybersecurity and Internet Governance Department, NCC; Kazeem Durodoye, chief executive officer, Cybernover, at the 2nd Cyber Security Stakeholder Workshop Hosted by the Nigerian Communications Commission in Abuja, recently

Highlighting the central role of telecoms as the backbone of Nigeria’s digital economy, Oshadami noted that the sector’s strategic importance to national development, economic growth, and societal interaction makes it a prime target for cyberattacks. He explained that the new framework is designed to reinforce resilience while creating an enabling environment for innovation and competitiveness.

The Abuja session, he said, was convened to present refinements to the draft framework based on stakeholder input, validate its design principles, and further review the proposed implementation strategies. “As the national regulator, we remain committed to an inclusive and consultative process. Sustainable cybersecurity outcomes can only be achieved through shared responsibility and strong public-private partnerships,” Oshadami said, adding that collaboration will be crucial to co-creating a framework that balances security with growth.

During the meeting, Kazeem Durodoye, chief executive officer of CyberNover—the consulting firm engaged by the NCC—gave a detailed presentation of the framework, highlighting its key provisions. The discussion drew participation from representatives of licensed telecom operators, government agencies, and other actors within Nigeria’s digital economy ecosystem.

In his remarks, Babagana Digima, head of cybersecurity and internet governance at the NCC, confirmed that the framework is expected to be finalised by the third quarter of 2025, with implementation slated for early 2026. He commended the contributions of stakeholders, stressing that their insights are critical to shaping a resilient and future-ready cybersecurity framework.