Nigeria’s drive to secure its Critical National Information Infrastructure (CNII) is coming under renewed scrutiny, as industry and policy stakeholders warn that weak enforcement, limited legal backing, and low public awareness are undermining efforts to protect the country’s digital backbone.
At a communications infrastructure summit convened on Thursday in Lagos by Advocaat Law Practice, experts say that while Nigeria has made policy advances in safeguarding telecoms and digital assets, implementation remains inconsistent and, in some cases, ineffective.
Rotimi Akapo, Partner and head of the Telecommunications, Media and Technology (TMT) practice group at Advocaat Law Practice. Image credit: Technology Times/Rilwan Oladapo.
“For anyone to access a base station and remove components, that individual must have a good understanding of the environment and equipment. That points to a failure in awareness and protection systems,” he says.
Enforcement gaps threaten CNII gains
Benito Eze, Assistant Commandant General of the Nigeria Security and Civil Defence Corps (NSCDC), says infrastructure protection efforts must extend beyond policy pronouncements to operational execution.
“The assignment of infrastructure protection should be all-encompassing. There is lack of collaboration and issues around training—training to meet modern threats and the challenges in protecting digital infrastructure,” he says.
His remarks highlight systemic gaps, including weak inter-agency coordination, evolving threat vectors, and insufficient capacity building among enforcement personnel.
Stakeholders at the summit identify vandalism and sabotage of telecoms infrastructure as persistent risks, often enabled by insider knowledge and low public awareness of the consequences.
Eze calls for grassroots advocacy to bridge this gap.
“What I will suggest is grassroots advocacy to enable Nigerian citizens to understand the impact of damaging this infrastructure,” he says.
He adds that the technical nature of telecoms infrastructure attacks suggests that perpetrators often possess operational knowledge of network environments.
“For anyone to access a base station and remove components, that individual must have a good understanding of the environment and equipment. That points to a failure in awareness and protection systems,” he says.
Legal experts are also questioning the robustness of Nigeria’s current CNII framework. Rotimi Akapo, Partner and Head of the Telecommunications, Media and Technology (TMT) practice at Advocaat Law Practice, argues that enforcement remains the weakest link.
He raises concerns over whether vandals are being effectively prosecuted and whether existing penalties are strong enough to deter future attacks.
“What we’re looking at here is an executive order. In the hierarchy of laws, an executive order is not on the same level as a statutory instrument—it is a subsidiary instrument,” Akapo says. “We can definitely do a lot better to meet global standards.”
According to him, Nigeria’s reliance on executive directives to drive CNII protection leaves critical gaps when compared to jurisdictions with stronger statutory frameworks.
Akapo also points to fragmented institutional coordination as a structural weakness. Despite the involvement of multiple agencies, ranging from regulators to security bodies, collaboration remains limited and often siloed.
“Are these institutions working effectively together? Do they need a unified framework to ensure implementation and enforcement are no longer fragmented?” he queries.
The lack of a harmonised operational model, stakeholders say, continues to dilute the impact of existing policies.
CNII framework: progress and limitations
The summit, themed “Operationalising the Critical National Information Infrastructure Framework: Lessons, Achievements, Gaps and Next Steps,” reviews Nigeria’s progress in protecting critical digital assets while identifying persistent implementation challenges.
Nigeria’s CNII framework is designed to identify and secure systems, networks, and infrastructure whose disruption could significantly impact national security, economic stability, and public safety.
Momentum for the framework increased following the Federal Government’s 2024 executive order designating telecommunications infrastructure as critical national infrastructure. The move builds on provisions of the Cybercrimes (Prohibition, Prevention, etc.) Act, which criminalises attacks, vandalism, and unauthorised access to digital systems.
Under the CNII designation, it is illegal to damage or interfere with telecoms infrastructure, with penalties including fines and imprisonment. The framework also mandates collaboration among government agencies, operators, and security institutions.
High stakes for Nigeria’s digital economy
Stakeholders say that while the CNII designation marks a significant policy milestone, its effectiveness will depend on enforcement, legal strengthening, and coordinated execution.
Telecoms infrastructure vandalism has long disrupted service delivery, increased operating costs for network providers, and degraded connectivity for millions of Nigerians.
As Nigeria deepens its digital transformation agenda, experts warn that failure to close enforcement and coordination gaps could expose critical systems to continued risk—undermining both national security and the growth of the digital economy.
Stay ahead with real-time reports, breaking news, and exclusive insights delivered directly to your phone. Don’t settle for outdated information. Join TECHNOLOGYTIMES NEWS on WhatsApp for 24/7 updates.
A University of Jos student, John Arum Azi, who spent about two weeks in captivity arrived Jos, the Plateau State capital, on Wednesday at about 10pm, after regaining his freedom.
The victim was abducted while travelling to Kaduna from Jos. A video of him being tortured by his captors generated reactions across the country and beyond.
His abductors later moved Azi from Kaduna to Zamfara, prompting rumours that he had been killed.
A short video on Tuesday circulated online showing that he had been released and was in the company of someone who appeared to be his relative.
His elder brother, Bulus, confirmed that he has been reunited with the family and has been admitted to the Jos University Teaching Hospital (JUTH) for treatment.
Bulus said Azi told the family upon arrival that he was not abducted on his way to Kaduna as widely reported, but in Zaria, where he had gone for a job.
According to him, “Azi had already arrived in Zaria and was on his way to meet his contact for the job he went for when he was kidnapped and taken into the bush.”
Bulus, while narrating how Azi was released, stated that their family had been in touch with the kidnappers since the victim was kidnapped, saying that they were always sendingmoney to them for recharge cards upon their request.
Sometimes, he explained that they would tell them that they are sick themselves and that they should send money for their drugs, stressing that they kept negotiating the ransom, which they had earlier agreed to be N6 million.
He noted that when the kidnappers saw the crowdfunding activities online, they increased the ransom to N15 million, pointing out that they appealed to them, and eventually settled at N10,315,000, and that was what they eventually paid the kidnappers.
Azi and another abductee, he explained were transported on motorcycles from Zamfara to Zaria, with an armed member of the abductors following behind upon payment of the ransom.
Upon arriving in Zaria, Bulus also explained the other abductee — a Muslim boy from Toro in Bauchi State — contacted a relative, who rushed them to a hospital where they were immediately given drips.
He explained that after the initial Zaria treatment, they then chartered a vehicle from Jos to Zaria to bring him back, saying that Azi arrived on Thursday night at about 10pm, and was rushed to JUTH for proper treatment.
He lamented that all Azi’s body has stripes from the flogging he received from the kidnappers.
Asked whether security agencies or government officials were in contact with them during the incident, he further explained that they reported the matter to the police when the video first surfaced, and that the DSS also contacted them at the initial stage.
However, after Azi was released, he said the police only reached out after seeing the video online and offered to assist in escorting them home, but arrived after the family had already picked him up and taken him to JUTH.
Residents of a community in Jos, Plateau State, on Friday staged a protest against soldiers stationed at a checkpoint in the area, expressing anger over continued insecurity and alleged killings.
The aggrieved residents, who gathered near the checkpoint, accused security operatives of failing to protect them despite their presence in the community.
“Our people are being killed, they can’t do anything,” one of the protesters lamented, reflecting the frustration among locals.
According to eyewitnesses, the protest caused temporary tension in the area as residents demanded immediate action to address the security situation.
The demonstrators called on relevant authorities to urgently intervene and ensure the safety of lives and property, stressing that the current situation has left many in fear.
As of the time of filing this report, security agencies had yet to officially respond to the allegations.
