Nigeria: Adopted Cybercrimes (Prohibition, Prevention, etc.) (Amendment) Bill 2024, including cybersecurity regulation

On 14 February 2024, the House of Representatives adopted the Cybercrimes (Prohibition, Prevention, etc.) (Amendment) Bill 2024. The amendments to the Cybercrimes (Prohibition, Prevention, etc.) (Amendment) Act No. 17, 2015, clarify the criteria for cybercrimes and reduce the reporting timeframe for cybersecurity incidents to 72 hours, mandating reporting through sectoral Computer Emergency Response Teams (CERTs) or Security Operation Centres (SOCs). The scope of the Act is expanded to include all public and private organisations, not just financial institutions. The criteria for what constitutes a cybercrime are refined to include pornographic content and false messages intended to cause harm. The Act incorporates other payment technology means and requires the presentation of a National Identification Number for certain transactions, enhancing identity verification processes. New responsibilities are outlined, including the establishment of sectoral CERTs and SOCs, a National Computer Forensic Laboratory, capacity building, and international cooperation.