Our locations:

Cybersecurity is no longer an IT issue. It sits squarely with the board, carrying real commercial and legal consequences. Breaches now trigger regulatory scrutiny, disrupt operations, and expose directors and executives to personal risk. Boards are expected to understand the risk and take responsibility for it.

In this publication, TEMPLARS Partner, Ronke Sokefun, and Associates, Francis Jarigo and Onyinye Omenugha examine how this position is reinforced by Nigeria’s legal framework. The Cybercrimes Act, the Nigeria Data Protection Act 2023, sector regulations, and directors’ duties under CAMA all converge on one point: where failures stem from weak controls or poor oversight, liability can extend beyond the company to its leadership. The focus is on whether the board exercised proper care.

To mitigate this risk, cybersecurity must be embedded into governance and risk management, not treated as a compliance add-on. Boards that take a structured, disciplined approach to oversight and regulatory alignment will be better placed to limit exposure, protect value, and sustain market confidence.

View publication

Related posts

8 April 2026

Path to a Digital Economy: Navigating Nigeria’s Data Centre and Cloud Ecosystem
Nigeria’s digital economy is scaling rapidly, with data centres and cloud infrastructure emerging as core enablers of growth. Rising connectivity, AI adoption, and digital service delivery are driving sustained demand, positioning Nigeria as a hub.

26 January 2026

Data Protection Compliance in Nigeria: Audit Return Obligations for 2026
Nigeria’s data protection regime continues to tighten, with Compliance Audit Returns (CARs) now a core obligation for organisations classified as Data Controllers and Data Processors of Major Importance (DCMIs/DPMIs).

22 December 2025

The Applicable Limitation Law in Oil Spill Cases – Need for Judicial Certainty
Limitation risk has historically been a defining factor in Nigeria’s oil-spill disputes environment.