WHY COMMUNICATION MATTERS IN CYBERSECURITY POLICY

 Governments should prioritise building cyber resilience through strategic investment, robust legal frameworks, and concerted regional cooperation, argues Femi Odewunmi

Nigeria’s disastrous roll-out of a cybersecurity levy offered a master class on how not to implement critical national policies. What should have been a vital step to fortify the nation’s digital defenses was derailed by a devastating breakdown in public communication and trust. The episode underscores why strategic messaging and proactive stakeholder engagement must be central to any major policy push— particularly on sensitive issues of security that directly impact citizens.

The mounting threat is real. Last year, cybercrimes cost the African economy an estimated $4 billion, according to Interpol. From crippling ransomware attacks that hobble critical infrastructure to widespread financial fraud, state-backed hackers and criminal syndicates are intensifying their assaults. Nigeria’s financial sector has been a prime target, absorbing billions of Naira losses annually due to cyberattacks. But the repercussions reverberate far beyond the economic toll. 

Africa is particularly vulnerable given its swiftly expanding digital footprint and the sophistication of bad actors. Rapid technology adoption, coupled with the rise of mobile banking and digital public services, expands the attack surface. At the same time, cybersecurity talent remains scarce and underfunded across much of the continent. Too many African nations are woefully unprepared. 

The imperative could not be clearer. Governments must prioritize building cyber resilience through strategic investment, robust legal frameworks, and concerted regional cooperation. Nigeria’s central bank has taken a laudable step by mandating robust cybersecurity protocols for financial institutions. But a patchwork of fragmented efforts won’t suffice. Comprehensive national cybersecurity strategies, backed by significant and sustainable public funding, must be urgently enacted.

The core mission was sound: Shoring up Nigeria’s cybersecurity infrastructure has become an existential necessity as threats from criminal hackers and hostile states intensify. Just last year, cyberattacks cost the Nigerian economy upward of $500 million in losses, endangering the nation’s financial system and digital ambitions. A modest levy on electronic transactions to fund cybersecurity upgrades seemed a reasonable proposal. 

But a series of self-inflicted missteps by institutions communicating the police change quickly eroded an already waning public confidence. At the outset, there was a glaring absence of transparency. The government provided scant details about how the 0.5% levy would be collected and allocated, fueling public skepticism that the funds could be siphoned for other purposes. Mixed messaging and poor planning further muddied the waters.

As angry reactions mounted across mainstream media and digital channels, the tone-deaf response from authorities only compounded the crisis. Rather than acknowledging legitimate public concerns over the levy’s timing and economic burden during inflationary turmoil, officials resorted to dismissive bromides— framing dissent as misinformed hysteria. Such an insular approach inflamed an already incendiary situation. 

Eventually, the institutions of the NSA and the CBN caved to overwhelming backlash and suspended the levy. But the damage had been done. Public trust in the government’s handling of cybersecurity policies lay in tatters.  

The debacle offered a textbook example of how not to implement policy changes that directly impact citizens. Strategic communication should have been the backbone from the onset—not an afterthought once chaos erupted. 

A proactive public education campaign could have preemptively built awareness around escalating cyber threats and the costs of inaction. Outlining a transparent road map detailing how funds would bolster critical infrastructure and staffing needs could have engendered public buy-in. Soliciting input and exploring alternative funding models should have been a key factor in defusing opposition.

Once the media protests flared up. with tracked negative sentiments peaking at 91.3%, damage control required deft crisis communications—something that was sorely lacking in the case. Promptly acknowledging miscues, expressing empathy for economic strains, and mapping a path forward through open stakeholder dialogue could have gone a long way to restoring trust. 

The media response was a chaotic mess of conflicting tactics, rather than a well-defined strategy. In an era of emboldened civic activism and erosion of public faith, strategically crafted transparency is now the entry fee for successful policymaking. Without this two-way dialogue, even the most critical national goals can crumble under the weight of a credibility crisis.

Security cannot be segregated from the vital bonds of trust between government and citizenry. The cybersecurity levy saga exposed how frayed those bonds have become in Nigeria. Rebuilding them must be the urgent priority for a nation seeking digital resiliency in an era of multiplying cyber perils. For when confidence in public institutions crumbles, no security policy—cyber or otherwise—can stand on solid ground. 

 Odewunmi is Group CEO, CI Public Relations, a subsidiary of CI Group communications consultancies company

Related Articles