The Cybersecurity Department was established in proactive response to the myriads of cyber incidences and breaches suffered by multinationals and nation-states culminating in monumental financial losses, reputation, with the attendant implications for business continuity. It is therefore, mandated to coordinate the activities to achieve sustainable national development by harnessing the positives of cyberspace while avoiding and criminalizing its negatives aspects.
Through effective regulation, it standardizes the setting up of cybersecurity structures in MDAs, private sector and trickling down to individual behavior in terms of what to avoid, partake of, and how to report and act when eventual incidence occur. In collaboration with relevant agencies of government, domestic and international bodies, it is encouraging partners to effectively enforce extant legislation, and propose regulation that would encourage innovation, build enterprise and penalize criminality.
The main objectives of the Department are to:
- Ensure effective regulation of the sector through development of standards and guidelines to enhance Nigeria’s cybersecurity resilience;
- Enlighten all Nigerians on what to do and avoid while in cyberspace;
- Ensure that Nigeria has mechanisms for building enormous human capacity to defend our cyberspace and perform offensive operations when necessary; and
- Ensure that Nigeria’s rating in international indices is improved.
The Cybersecurity Department is subdivided into four units:
- Computer Emergency Readiness and Response Team (CERRT)
- Public Key Infrastructure Development (PKID)
- Business Continuity Management (BCM)
- Digital Security Professional Development (DSPD)
The major functions of the Department are:
- To track local and global cyber activities/programmes/incidences/research, analyze and share ensuing strategies with Nigerians;
- To develop policies and guidelines on how to identify, protect, respond, and recover from threats in cyber space, particularly as it affects MDAs.
- To institute mechanisms for monitoring compliance with such guidelines.
- To coordinate nationwide participation to realize national strategy and cybersecurity objectives;
- To facilitate the establishment of a national PKI with internal structure and governance mechanisms to ensure effectiveness of a dependable Trust chain for online transactions;
- To conduct studies to decipher global direction of cyber activities and knowledge requirements, and provide the enabling environment for active participation of all, to produce a constant stream of quality manpower for servicing internal needs and exporting skilled human capacity;
- To develop framework for institutional capacity for professional skills development and align it with certification authorities globally, and broker alliances with local vendors for mutual benefits;
- To keep track of such capacity in a national database and repository where needy agencies could access it;
- To conduct research into risks and opportunities inherent in the business landscape of the Agency; and
- To formulate guidelines on Business continuity for MDAs and businesses, including recovery mechanisms so as to forestall service outages.