The Lagos State Government has unveiled a new set of cybersecurity guidelines aimed at protecting businesses, public institutions, and residents from rising digital threats.
The announcement was made by Gbenga Omotoso, the Commissioner for Information and Strategy, who said the framework is part of efforts to position Lagos as a secure and globally competitive digital hub.
The move comes against the backdrop of growing cyber risks, with Nigeria estimated to lose about $500 million annually to cybercrime.
Developed in collaboration with the Lagos State Cybersecurity Advisory Council, chaired by Fene Osakwe, the guidelines provide a practical roadmap for organisations to strengthen their digital defences.
According to the government, the framework offers clear and scalable best practices tailored for small businesses, large enterprises, and government agencies. It aligns with key national regulations, including the Cybercrime Act (2024), the Nigeria Data Protection Act (2023), and the National Cybersecurity Policy and Strategy (2021).
A key focus of the guidelines is on prevention and rapid response. Organisations are encouraged to adopt data minimisation practices, secure sensitive information through encryption, and establish clear incident response plans.
They are also expected to report cyber incidents within 72 hours to relevant authorities, including the Nigeria Computer Emergency Response Team and the Nigeria Data Protection Commission, while notifying affected customers where necessary.
Although the guidelines are not mandatory, the government says they are designed to help stakeholders proactively manage cyber risks and strengthen overall resilience.
The framework also stresses that cybersecurity is a shared responsibility. Businesses are advised to assess the security standards of third-party vendors and partners, while investing in staff training and continuous system monitoring.
The initiative is being driven in part by the Commissioner for Innovation, Science and Technology, Tubosun Alake.
With Lagos recognised as one of Africa’s fastest-growing digital economies, home to over 22 million digitally active residents and a startup ecosystem valued at more than $15 billion, the stakes are high.
Globally, the average cost of a data breach stands at about $4.45 million per incident, underscoring the urgency for stronger safeguards.
By rolling out these guidelines, Lagos is signalling a shift toward more structured and proactive cybersecurity practices, aimed at protecting its digital economy while attracting global investment.
