Experts have warned that Nigeria's expanding digital ecosystem is facing growing exposure to cyberattacks, infrastructure vulnerabilities, financial fraud, and other emerging security threats. Industry leaders highlighted that weak institutional coordination and reactive response systems are deepening risks across critical sectors of the economy.
The warning came at the inaugural Enterprise Security Risk Management Conference organised by the Association of Enterprise Risk Management Professionals (AERMP). Experts said rising dependence on digital infrastructure across banking, telecommunications, healthcare, governance, and enterprise operations is increasing institutional vulnerability and exposing organisations to interconnected security risks.
Conference Highlights
Speaking at the conference, themed: “Repositioning Enterprise Security Risk Management in an Evolving Global Threat Landscape: A Multi-Stakeholder Imperative,” the Chairman of the occasion and Chief Executive Officer of Advantec Marine Services, Bolanle Ati-John (Rtd), said Nigeria’s evolving threat landscape now extends beyond conventional security concerns to include cybercrime, fraud, infrastructure vandalism, supply chain disruption, disinformation, economic shocks, and institutional trust deficits.
According to him, risks confronting institutions are no longer isolated or predictable. He warned that attacks on critical systems could quickly spread across multiple sectors with wider economic and national consequences.
“A cyberattack on a bank is not merely an IT problem. It can become a financial stability problem. An attack on a transport corridor is not merely a logistics problem. It can become a full security problem as well,” he said.
Ati-John stressed the need for anticipatory systems, intelligence sharing, and coordinated response mechanisms as threats increasingly migrate across physical, digital, and operational environments.
NCC's Warning
In a speech delivered on behalf of the Executive Vice Chairman of the Nigerian Communications Commission (NCC), Dr Aminu Maida, the commission warned that Nigeria’s growing dependence on digital infrastructure is increasing exposure to cyberattacks, telecom infrastructure vandalism, financial fraud, and operational disruptions across critical sectors.
The NCC disclosed that more than 27,000 fibre cuts and over 4,000 cyberattacks were recorded in 2025 across banking, telecommunications, healthcare, and government institutions. It warned that AI-powered attacks, ransomware-as-a-service, and data breaches are increasing the sophistication of cyber threats confronting organisations and businesses.
According to the commission, nearly 90 per cent of Nigeria’s data remains hosted outside Africa, creating significant data sovereignty risks as the country’s dependence on interconnected digital systems continues to expand. The NCC also warned that the expansion of 5G, artificial intelligence, and smart technologies will continue to widen Nigeria’s attack surface without stronger security governance and operational resilience measures.
The commission said it had introduced a Cyber Resilience Framework for the communications sector to strengthen threat detection, incident response, and risk management, while intensifying collaboration with security agencies and operators to protect telecommunications infrastructure designated as Critical National Information Infrastructure.
The commission said its Cyber Resilience Framework for the Nigerian Communications Sector would mandate critical incident reporting, operational resilience measures, and stronger risk management systems across licensed operators beginning from February 2027.
NCC also said boards within the telecommunications industry are now expected to define risk appetite and strengthen internal risk management and audit systems to improve accountability and compliance.
Expert Perspectives
Chief Information Security Officer of Quest Merchant Bank, Maji Alamogu, warned that cyber risks have evolved beyond technical and IT concerns into major enterprise threats capable of disrupting operations, exposing customer data, and threatening institutional survival.
According to her, the growing dependence on digital systems has increased organisational exposure to ransomware attacks, third-party supply chain vulnerabilities, AI-driven threats, and operational disruptions across sectors.
“It is no longer for the CISOs or heads of IT alone. It is now a concern for the board,” she said.
Alamogu stressed that security management must move beyond reactive IT structures to enterprise-wide governance systems integrating cybersecurity, operational resilience, data protection, compliance, and risk management into strategic decision-making.
Also speaking, Director of Halogen Security Risk Advisory and Consulting, Dr Adewale Adeagbo, said the growing complexity of insecurity is increasing operational and economic vulnerability for businesses, institutions, and citizens across the country.
According to him, security threats are becoming increasingly dynamic, interconnected, and less predictable, requiring organisations and governments to adopt more proactive and strategic risk management systems.
Representing former Ogun State governor and Chairman of the Senate Committee on Navy, Gbenga Daniel, Dr Babatunde Onadeko warned that increasingly interconnected security threats are exposing weaknesses in institutional coordination and enterprise risk management systems.
“One attack, multiple victims, and yet no single ownership of the risk,” he said, warning that “risk travels faster than responsibility” in today’s interconnected environment.
Onadeko stressed the need for governance-driven and multi-stakeholder security frameworks capable of improving coordination, intelligence sharing, institutional resilience, and proactive response systems across sectors.
Director-General of the Association of Enterprise Risk Management Professionals, Dr Olayinka Odutola, also called for more holistic and anticipatory approaches to security management, warning that many institutions still respond to threats reactively rather than proactively.
“We must be intentional. We must be anticipatory. We must be holistic, serious and focused,” he said, adding that enterprise risk management provides institutions with a framework to identify vulnerabilities early, improve preparedness, and strengthen coordinated response systems across sectors.
