Nigeria is facing an escalating cybersecurity crisis that is often underestimated. In Q1 of 2025 alone, more than 119,000 user accounts were breached, according to Surfshark, and by mid-year, that number had risen to 150,000 compromised accounts. Long-term data reveal the scale to be even more alarming. Since 2004, over 23.3 million accounts in Nigeria have been exposed, including millions of passwords and email addresses. At an organisational level, reports indicate that Nigerian businesses endured an average of 6,101 cyberattacks every week in July 2025.
While external breaches dominate headlines, the most overlooked risk comes from within. Insiders, employees, contractors, or partners with legitimate access are often the starting point of a breach. Negligence, poor security culture, or deliberate misuse of privileged access can compromise even the most advanced technical safeguards. Global research from the Ponemon Institute shows insider-related incidents now cost organisations an average of $11.45 million annually, a figure that resonates strongly in Nigeria’s vulnerable digital economy.
As businesses digitise and hybrid work reshapes operations, the human factor has become the hidden variable in cybersecurity. This article explores how insider threats manifest in Nigeria, why traditional defences fail to stop them, and what leaders must do to build resilience against risks that arise from within.
Insider Threats: The Overlooked Risk Within
When organisations think of cybersecurity threats, the mind often jumps to hackers, ransomware groups, or nation-state actors launching sophisticated attacks from the outside. However, one of the most persistent and damaging risks frequently originates much closer to an insider in the organisation. These risks are not as sensational as external cyberattacks, yet they have the potential to cause equally, if not more, significant harm to an organisation’s financial health, reputation, and operational resilience.
The Hidden Nature of Insider Risks
What makes insider threats particularly dangerous is their subtlety. Unlike external attackers who must break through perimeter defences, insiders already have authorised access to sensitive systems, networks, and data. This makes detecting malicious or negligent behaviour far more difficult.
Insider risks can manifest in different forms:
- Malicious insiders who intentionally exploit access to steal intellectual property, commit fraud, or sabotage systems.
- Negligent insiders who, through carelessness or lack of awareness, create vulnerabilities—for example, by mishandling sensitive data or clicking on phishing links.
- Compromised insiders whose credentials are stolen and used by external attackers, often without the employee’s knowledge.
The challenge for organisations lies in the fact that insider threats blend in with normal, day-to-day activities, making them harder to detect with traditional monitoring tools.
Nigeria’s Growing Vulnerability in the Cybersecurity Landscape
Nigeria’s rapid adoption of digital technologies and remote work models has ushered in unparalleled opportunities but also increased risks. The country’s digital economy, spanning fintech, telecommunications, e-commerce, and public services, thrives on connectivity and data. However, this growth has outpaced the expansion of cybersecurity infrastructure and skilled security personnel, leaving exploitative cracks open.
The insider threat risk is compounded by human factors, including negligence, inadequate security awareness, disgruntled employees, and even compromised insiders whom external actors unknowingly manipulate. Nigerian organisations often rely on traditional perimeter defences that are ill-equipped to detect or prevent threats arising from authorised users acting maliciously or negligently.
Insiders may intend to harm the organisation for financial gain, retaliation, or ideological motives (malicious insiders), cause damage through careless actions (negligent insiders), or be unwitting pawns with hijacked credentials (compromised insiders). Each category requires nuanced understanding and tailored responses, particularly in Nigeria’s unique socio-economic context.
Strategic Imperatives for Organisational Resilience
Business leaders in Nigeria must embrace a human-centred cybersecurity strategy that recognises people as both the most significant asset and the greatest risk. Effective management of insider threats requires a harmonious integration of people, processes, and technology, grounded in leadership commitment and cultural transformation.
Below are five strategies for mitigating insider threats in any firm:
-
Building a Security-Conscious Culture:
The foundation of insider threat management is fostering a security-aware workforce. Nigerian organisations need continuous, context-driven training programs that educate employees on recognising cyber risks, phishing attempts, safe data handling, and compliance with information security policies. Security culture is best reinforced by making cybersecurity everyone’s responsibility and encouraging transparency and reporting. A proactive environment where employees feel safe to report suspicious behaviour can often prevent incidents before they escalate.
-
Implementing Robust Access Governance
Applying the principle of least privilege ensures employees, contractors, and partners can access only what is necessary for their roles, limiting opportunities for misuse. Nigerian firms should adopt regular access reviews and automated deprovisioning of accounts when roles change or people leave. Security protocols must be enforced rigorously, striking a balance between ease of access and protective controls. Strong passwords, multi-factor authentication, and encryption technologies form crucial pillars of access governance.
-
Insider Threat Detection Programmes
Establishing dedicated insider threat programmes is vital. Such programmes combine expertise from human resources, IT security, legal, and executive leadership to monitor behavioural indicators, investigate anomalies, and act decisively. Leveraging advanced security analytics, such as User and Entity Behaviour Analytics (UEBA), Security Information and Event Management (SIEM) systems, and Data Loss Prevention (DLP) tools, enables organisations to detect suspicious activities, including unusual file access patterns, large data downloads, or repeated policy violations. In the absence of sufficient cybersecurity-trained personnel, Nigerian firms may consider managed security service providers specialising in insider threat detection.
-
Integrating Cutting-Edge Security Technologies
AI and machine learning-powered tools are critical for real-time anomaly detection, correlating unusual user behaviour across systems and networks. Encrypting sensitive information, employing endpoint detection and response (EDR), and mandating multi-factor authentication reduce the attack surface and insider risk. Security investments tailored to Nigerian business realities, including scalable tools that integrate with existing infrastructure, should be prioritised.
-
Developing and Testing Response Plans
Preparedness is essential. Nigerian organisations should develop incident response plans specific to insider threats, including clear protocols for containment, investigation, communication, and recovery. Regular simulation exercises help ensure readiness. Coordination with legal and human resources is crucial for implementing disciplinary measures and maintaining regulatory compliance. When necessary, collaboration with law enforcement must be fast and thorough to mitigate reputational and financial damages.
Insider threats have a devastating impact beyond direct financial loss. They erode customer trust, expose organisations to regulatory penalties, and tarnish brand reputation. As Nigeria’s digital economy expands rapidly, failure to control insider risks could deter investment and innovation, ultimately impairing broader national development.
Conclusion: Building a Human-Centric Cyber Defence
Today, successful cybersecurity in Nigeria hinges less on firewalls and more on comprehensive management of the human dimension. Organisations that embed security awareness in their culture, enforce stringent access controls, deploy advanced detection technologies, and have well-rehearsed response plans will stand resilient.
October’s Cybersecurity Awareness Month offers an opportunity for Nigerian leaders to renew their commitment to insider risk management. By leading change, investing wisely, and adopting a human-centric approach, Nigeria can transform its insider threat challenge into a strategic advantage.
The greatest threat and strength lie within the people. Ensuring their alignment with organisational security goals will be decisive for Nigeria’s digital future.
Written by:
Abiodun Adeosun
DTC