Cyberattack disclosure has become a central issue in Nigeria’s digital economy as authorities push organisations to change how they respond to breaches. The National Information Technology Development Agency has warned firms against hiding cyber incidents, stressing that secrecy increases risk across the system.
The call follows a recent breach that affected a bank and extended to connected platforms such as Remita. The incident has raised fresh concerns about vulnerabilities in Nigeria’s financial technology infrastructure.
According to National Information Technology Development Agency, organisations must rethink their approach to cyberattack disclosure. While companies often fear reputational damage, the agency believes information sharing is critical for collective security.
Director-General Kashifu Abdullahi emphasized the need for collaboration. Speaking at the GITEX Africa event in Morocco, he explained that organisations should share threat intelligence even if they choose not to make incidents public.
“The mindset that organisations should hide attacks to protect their reputation must change,” he said. “They may not need to make incidents public, but they should share intelligence so others can protect themselves.”
The cyberattack disclosure debate has gained urgency as Nigeria’s digital ecosystem becomes more interconnected. Financial institutions, payment platforms and government systems now rely on shared infrastructure. As a result, a breach in one organisation can quickly spread to others.
Abdullahi warned that cyber threats are evolving rapidly. He noted that artificial intelligence is making attacks more sophisticated. At the same time, increased digital connectivity creates more entry points for attackers.
“If one organisation is compromised, it can become a launch pad to attack others,” he said. Therefore, he urged firms to adopt a more transparent and cooperative approach.
Meanwhile, the Nigeria Data Protection Commission has launched an investigation into the breach. The commission aims to determine the extent of the incident and protect affected individuals.
Officials say the investigation will examine the types of personal data involved. In addition, it will assess the scope of the breach and the risks to data subjects. The review will also evaluate how organisations responded and whether they applied adequate safeguards.
The commission stressed that cyberattack disclosure plays a key role in preventing future incidents. Without timely information, other organisations remain exposed to similar threats. Therefore, regulators see transparency as part of a broader security strategy.
Authorities also warned companies that fail to meet data protection standards. Firms operating digital payment systems without proper safeguards will face scrutiny. This move aligns with enforcement under the Nigeria Data Protection Act, 2023.
Dr Vincent Olatunji directed that regulators examine such organisations closely. He emphasized the need for strong technical and organisational measures to protect data.
The cyberattack disclosure push reflects a shift in regulatory thinking. Instead of focusing only on penalties, authorities now emphasize prevention and collaboration. As a result, they encourage organisations to share insights that can strengthen the entire ecosystem.
For businesses, this approach presents both challenges and opportunities. On one hand, companies must improve internal security systems. On the other hand, they can benefit from shared intelligence and collective defence strategies.
Moreover, customers increasingly expect transparency. When organisations communicate clearly about risks, they build trust. Therefore, effective cyberattack disclosure can enhance reputation rather than damage it.
The recent breach also highlights the importance of cybersecurity investment. As digital services expand, threats will continue to grow. Consequently, organisations must adopt proactive measures rather than reactive responses.
In conclusion, the call for stronger cyberattack disclosure signals a turning point for Nigeria’s digital sector. Regulators, businesses and technology providers must work together to address evolving threats. Ultimately, collaboration and transparency will determine the resilience of the country’s digital infrastructure.
