The Nigeria Data Protection Commission (NDPC) has issued a regulatory advisory to all data controllers and processors across the country, warning of increasing threats to Nigeria’s data security architecture. According to the Commission, recent technical assessments have revealed coordinated activities by malicious actors targeting financial systems and critical digital infrastructure……
The Nigeria Data Protection Commission (NDPC) has issued a regulatory advisory to all data controllers and processors across the country, warning of increasing threats to Nigeria’s data security architecture.
According to the Commission, recent technical assessments have revealed coordinated activities by malicious actors targeting financial systems and critical digital infrastructure nationwide.
The NDPC emphasised the urgency for both public and private sector organizations to strengthen their data protection frameworks.
The Commission referenced a presidential directive by Bola Ahmed Tinubu, which underscores the importance of data as a strategic national asset.
The directive calls on Ministries, Departments, and Agencies (MDAs) to ensure proper data collection, management, and protection in line with the Nigeria Data Protection Act, 2023.
In response to the evolving threat landscape, the NDPC has advised organizations to urgently reinforce their technical and organizational safeguards to protect personal data and ensure compliance with existing regulations.
Key recommendations include the appointment of certified Data Protection Officers, implementation of robust privacy policies, regular data protection impact assessments, and deployment of advanced security measures such as multi-factor authentication and zero-trust architecture.
The Commission also stressed the need for continuous system monitoring, encryption protocols, vulnerability testing, and regular data backup and recovery processes.
Furthermore, organizations are urged to secure cloud systems, APIs, and databases, while maintaining strict control over access credentials to prevent unauthorized breaches.
The NDPC reiterated its readiness to provide regulatory guidance and support to institutions in achieving full compliance.
It warned that failure to implement the prescribed measures could result in legal consequences under the Nigeria Data Protection Act, 2023.
The Commission reaffirmed its commitment to safeguarding personal data, enhancing institutional resilience, and ensuring adherence to data protection standards across all sectors.
