Nigeria: Designation and Protection of Critical National Information Infrastructure Order 2024 entered into force

On 25 June 2024, the Designation and Protection of Critical National Information Infrastructure Order 2024 was published in the official gazette and subsequently implemented, establishing cybersecurity measures across 13 economic sectors. The Order designates specific computer systems, networks and communication infrastructure as Critical National Information Infrastructure (CNII), placing them under enhanced protection and oversight by the Office of the National Security Adviser (ONSA). The legislation mandates the development of a Critical National Information Infrastructure Protection Plan (CNIIPP), establishes a Trusted Information Sharing Network (TISN) for threat intelligence sharing, and implements periodic audits of protected systems. The Order covers essential sectors, including power, water, telecommunications, banking, healthcare, defence, transport and emergency services, with provisions for updating designated infrastructure as technologies evolve.