Lagos Moves to Strengthen Cybersecurity as Nigeria’s Losses Reach $500m

Lagos cybersecurity guidelines arrive as Nigeria loses $500m yearly to cybercrime—will businesses act fast enough to stay protected?

Lagos has taken a fresh step to tackle rising cyber threats. The state government has introduced new Lagos cybersecurity guidelines aimed at protecting businesses, institutions, and residents.

The move comes at a critical time. Nigeria reportedly loses about $500 million, roughly N250 billion, to cybercrime each year. As a result, pressure is growing on authorities to respond quickly. The announcement came through the Commissioner for Information and Strategy, Gbenga Omotoso. He said the framework will help organisations improve their digital safety.

Lagos cybersecurity guidelines target rising risks

The new Lagos cybersecurity guidelines arrive as digital activity expands across the state. While growth brings opportunity, it also increases exposure to cyber attacks.

The government explained that the framework offers practical steps for organisations of all sizes. It covers small businesses, large companies, and public institutions.

It stated:“While Lagos is rapidly evolving into a SMART City, this progress brings heightened vulnerability to cyber threats.”

The statement continued:“The newly issued guidelines… outline clear, practical, and scalable cybersecurity best practices for small businesses, medium and large enterprises, and Ministries, Departments, and Agencies (MDAs).”

Because of this, the state hopes to build a stronger and more secure digital environment.

What businesses must now consider?

The Lagos cybersecurity guidelines place clear expectations on organisations. They encourage better data protection and faster response to incidents. Businesses are expected to limit unnecessary data collection. They should also secure stored information using encryption. In addition, firms need clear response plans for cyber incidents.

Importantly, the framework highlights reporting obligations. Organisations must notify relevant authorities within 72 hours of a breach. They must also inform affected customers when necessary. The government stressed that the guidelines are not strict laws. However, they serve as a strong advisory tool for improving cybersecurity practices.

A broader push for digital trust

The Lagos cybersecurity guidelines align with national policies already in place. These include the Cybercrime Act (2024), the Nigeria Data Protection Act (2023), and the National Cybersecurity Policy. This alignment signals a wider effort to strengthen Nigeria’s digital economy. Stronger security can improve trust among users and investors.

The government also pointed to shared responsibility. It noted that secure systems support economic stability and attract global investment. As part of this, organisations must review third-party risks. This includes vendors, cloud providers, and external partners.

Why this move matters now

Cybercrime continues to evolve quickly. As attacks grow more sophisticated, organisations face higher risks. The Lagos cybersecurity guidelines aim to close this gap. They encourage businesses to act early rather than react after damage occurs.

The government urged organisations to assess their current systems. It also advised investment in staff training and awareness. Furthermore, continuous monitoring remains key. Tracking performance can help organisations improve over time.

The initiative also reflects collaboration across sectors. The Lagos State Cybersecurity Advisory Council, led by Fene Osakwe, contributed to the framework. Lagos is positioning itself as a leading digital hub in Africa. However, that ambition depends on strong cybersecurity foundations.

With losses already hitting $500 million annually, the stakes are high. The Lagos cybersecurity guidelines may not be mandatory, but they send a clear signal.