The International Telecommunications Union (ITU) has categorized Nigeria as a tier-3 country in its Global Cybersecurity Index (GCI) 2024, which evaluates nations based on their cybersecurity measures. The GCI 2024 assesses national progress across five critical pillars: legal, technical, organizational, capacity development, and cooperation.
Nigeria’s Performance in Cybersecurity
Nigeria’s strongest score was in the legal measures category, achieving an impressive 19.52 out of a possible 20 points. This achievement is likely linked to the enactment of the Cybercrime Act in 2015, which was amended in 2024 to strengthen the country’s legal framework regarding cybersecurity.
Tier Classification Explained
The ITU ranks 194 countries into five tiers based on their cybersecurity commitments:
- Tier 1: “Role modelling” with strong commitments across all five pillars, comprising 46 countries.
- Tier 2: Demonstrates solid legal, technical, and organizational measures.
- Tier 3 and Tier 4: These countries, including Nigeria, have expanded digital services but still need to incorporate cybersecurity into their connectivity goals.
- Tier 5: Lags in all five pillars of cybersecurity.
Currently, over 105 countries are classified within tiers 3 and 4.
Regional Advances and Challenges
The GCI 2024 report indicates that the African region has made notable advancements in cybersecurity since 2021. Although the world’s least developed countries (LDCs) are starting to show progress—matching the cybersecurity levels of many non-LDC developing nations in 2021—land-locked developing countries (LLDCs) and small island developing states (SIDS) still grapple with resource and capacity constraints.
ITU Secretary-General’s Remarks
ITU Secretary-General Doreen Bogdan-Martin emphasized the importance of building trust in an increasingly complex digital landscape. She noted that the advancements reflected in the GCI signify the need for ongoing efforts to ensure safety and security in managing cyber threats globally.
Cosmas Luckyson Zavazava, Director of ITU’s Telecommunication Development Bureau, remarked on the significant improvements made by countries focusing on essential legal measures, capacity-building initiatives, and cooperation frameworks—particularly in bolstering incident response capabilities.
Key Insights from the GCI 2024
The GCI, initiated by the ITU in 2015, serves as a tool for countries to identify their cybersecurity shortcomings and to motivate them to enhance their capabilities across the five pillars.
However, the report highlights alarming threats, including ransomware targeting government services, cyber breaches in critical industries, and privacy violations affecting individuals and organizations. In 2023, over 8 billion records were breached across more than 2,800 reported incidents, with the average cost of a data breach rising by 15% over the past three years.
In response, countries are implementing regulations focused on personal data protection, privacy rights, and breach notification to safeguard users and set clear expectations for organizations managing data.