Nigeria's CAC Confirms Cybersecurity Breach, Urges Resilience

On April 15, 2023, Nigeria's Corporate Affairs Commission (CAC) confirmed it suffered a cybersecurity breach, where unauthorized actors gained access to part of its IT system. The full scope of the breach remains unclear.

This incident underscores the urgent need for Nigeria to shift its cybersecurity strategy towards a broader resilience framework, as outlined by Kashifu Inuwa, Director General of the National Information Technology Development Agency (NITDA). The evolving cybersecurity landscape necessitates moving beyond traditional technical solutions, as many breaches are attributed to human error, often driven by psychological factors such as stress and fatigue.

The incident reflects the importance of safeguarding institutional frameworks that underpin the trust in Nigeria's business environment. It emphasizes that no system is entirely immune to breaches, and a strong response capability is essential for managing risks and restoring confidence.

The ongoing review involves relevant bodies to address these challenges, highlighting the critical role of human factors in cybersecurity resilience.