The Director-General of the National Information Technology Agency (NITDA), Kashifu Abdullahi, has said the coronavirus pandemic has escalated attempts at data breach and compromise in Nigeria and across the world.
He said financial institutions are especially targetted for personal data compromise in view of the sensitive information they store.
Mr Abdullahi stated this on Friday at the closing ceremony of a three-day virtual conference on “COVID-19 and Securing the Financial Services Industry” organised by Committee of Chief Information Security Officers of Nigeria Financial Institutions (CCISONFI).
The director-general, however, said Nigeria has recorded “impressive growth” in data protection compliance.
He said with a verifiable database of statutory audit reports filed by 588 entities, Nigeria leads the pack on the continent.
Speaking on Nigeria’s journey towards implementing Data Protection Regulation (NDPR), Mr Abdullahi noted that despite low level of awareness and various challenges faced by stakeholders, the level of compliance is growing at a fast rate.
He said, “Before the introduction of the NDPR, no Nigerian entity could boast of compliance with data protection laws. Selected multinationals had some level of compliance imposed on them by their parent companies. However, it changed drastically within one year. From near zero compliance, the country has recorded impressive growth in data protection compliance.”
Mr Abdullahi added that the banking sector is a primary target for data breach due to the perceived value of data.
He commended banks for their pro-activeness in compliance with NDPR and information technology standards and regulation.
“Your industry, the banking sector, is a primary target for data breach, and your level of compliance is building trust in your customers. Compared with other industries, you are fantastically doing well, but still, there is room for improvement for you to get to the Promised Land,” he said.
The NITDA boss revealed that, initially there was resistance from various quarters as to NITDA’s statutory powers and capacity to implement the NDPR. He said that, “The resistance helped to stimulate and focus the Agency on delivering valid results. Critical stakeholders represented by Data Protection Officers (DPO) have validated our innovative approach to NDPR implementation. And our role in pioneering data protection in Nigeria is also critical as the experiences garnered so far would be of immense benefit to the country.”
He further explained that in a survey conducted in July, 74 per cent of the respondents said NDPR met the need of the Nigerian environment; 76 per cent said the unique introduction of Data Protection Compliance Organisations (DPCO) helped in their compliance with the NDPR. 72 per cent noted that NITDA had provided the necessary support for industry adoption of the NDPR. He said the respondents put the rate of public awareness at 54 per cent, which is the lowest score, but, 85.3 per cent of the respondents stated that the NDPR compliance enhances good perception about their business.
While recalling some achievements, Mr Abdullahi said, “We have licensed 70 Data Protection Compliance Organisations (DPCO), which also created over 2,700 new jobs. The Data Protection sector is valued at N1,860,000,000, using median value of audit implementation cost. In addition to this, The African Union – Working Group on Data Protection Harmonisation and Localisation on (Policy and Regulatory Initiative for Digital Africa- PRIDA) has appointed NITDA as Vice-Chair of the working group.”