fbpx
Facebook GitHub Instagram Linkedin Mail TikTok Twitter
Saturday, July 27, 2024
Cybersecurity
Updated:

Nigeria Data Protection Law Can Create 500,000 Jobs – Cybersecurity Analyst

Destiny Young
By Destiny Young
77
0

Must Read

Destiny Young
Destiny Younghttp://linktr.ee/youngdestinya
Destiny Young is a highly credentialed information technology professional with over 14 years of industry experience. An HND/BSc (Hons) in Computer Science graduate. He holds a Master of Technology degree in Information Technology from the prestigious University of South Africa (UNISA). He is a Distinction-grade MBA alumnus of Nexford University, Washington, DC, where he also obtained a First-class MSc degree in Digital Transformation. His professional development direction is in Cybersecurity, Digital Transformation, and Business Intelligence. He is a member of the British Computer Society (BCS), the Chartered Institute of Administration of Nigeria (CIA), the Nigeria Computer Society (NCS), etc.

Tinubu projects 500,000 jobs with Nigeria Data Protection Law (NDPB 2023)

Yes, it possible – Destiny Young

As I opined here:

https://web.facebook.com/youngdestinya/posts/pfbid0WeTrUmh8KWa78M1e8SyJzZTW2B7pUUVcpMj3qkBQ5oTXBkbueF5sJeS5RTjVCTEzl

Yesterday, I made an opinion concerning the signing of the Nigeria Data Protection Law 2023 by President Bola Ahmed Tinubu. In that exposition, I was economical when I stated that the Law, having established the Nigeria Data Protection Commission (NDPC) as a government agency to “regulate and formulate policy frameworks around Data privacy and compliance in Nigeria”, will create job opportunities for IT, Cybersecurity and Legal Professionals.

Truthfully, I only made that personal submission after just reading a news headline that Mr President has signed the Bill into Law.

I am a contributor to the bill. The Bill is the brainchild of National Information Technology Development Agency NITDA Nigeria

Link to the NDPB Bill 2023:

https://acrobat.adobe.com/link/review?uri=urn:aaid:scds:US:0d285dbd-aa38-4441-97a0-531a0eebfbe3

I was part of those who contributed opinion for that bill through a memo communicated to the Agency.

The Law is fundamentally a legal instrument meant to provide for what is called CIA in the information security industry. CIA stands for Confidentiality, Integrity, and Availability. It is an information security model that IT team must use to design organisational IT systems to guarantee the safety of:

1. Personally Identifiable Information (PII)

2. Sensitive Personally Identifiable Information (SPII)

3. IT Infrastructure and Data

4. Network resources

Confidential is a set of rules that limits access to information, Integrity is the assurance that the information is trustworthy and accurate, and Availability is a guarantee of reliable access to the information by authorized people.

To protect personal information, organisations must ensure that appropriate security controls are put in place to ensure that CIA is maintained across the organisation’s IT value chain.

For example, using a Bank.

To open an account, potential customers are requested from the bank to fill a form, and in the most cases, the form requires: Full Name, Date of Birth, Email, Address, Contact Address, LGA, BVN, NIN, etc, all these are Individual’s personal information.

It is the responsibility of the bank to ensure that the information supplied by customer are well protected and that on no account should the bank allow that information be used for other purposes other than for the creation of customer’s account and those data must protected from security breach.

The Bank’s responsibility to safeguard the customer information lies with the Management of the Bank. The management is sometimes made up of Directors, the Head of Legal Department, the Chief Information Technology Officer, the Chief Information Security Officer, etc.

The NDPB 2023 requires that companies and organisations handling personal information of Nigerian Citizens should designate Officers within the organisation that should be responsible for the processing and custody of these data so that in the event of a breach of this information, someone should be held responsible. This brings me to the concept of Data Controller, Data Processor, and Data Subject as enshrined in the NDPB 2023.

Data Controller:

The data controller is the person (or company) who determines the purposes for which, and the way in which, personal data is processed. In the case above, the Bank

If you are classed as a data controller, you are responsible for ensuring that you comply with the NDPB and demonstrate compliance with the regulation’s data protection principles.

A bank (controller) collects the data of its clients when they open an account, but it is another organisation (processor) that stores, digitizes, and catalogs all the information produced on paper by the bank. These companies can be datacentres or document management companies.

Data Processor:

A data processor is a person, company, or other body which processes personal data on the data controller’s behalf.

Data Subject:

Data subject refers to any individual person who can be identified, directly or indirectly, via an identifier such as a name, NIN number, location data, BVN, email address, contact address, etc.

Going by the above, it means, with the signing of the NDPB into Law, companies and organisations that process or manage any kind of personal information and operating in Nigeria must have people who ensure that appropriate legal and information security guidelines are followed to ensure the privacy of individual’s personal information.

Impliedly, professionals in the legal, IT, Information Security and allied professions will be employed.

In conclusion, there is a possibility of a significant job opening arising from the enactment of this NDPB 2023.

Destiny Young

Cybersecurity Analyst

Writes from Uyo

Destiny Young
Destiny Young
Destiny Young is a highly credentialed information technology professional with over 14 years of industry experience. An HND/BSc (Hons) in Computer Science graduate. He holds a Master of Technology degree in Information Technology from the prestigious University of South Africa (UNISA). He is a Distinction-grade MBA alumnus of Nexford University, Washington, DC, where he also obtained a First-class MSc degree in Digital Transformation. His professional development direction is in Cybersecurity, Digital Transformation, and Business Intelligence. He is a member of the British Computer Society (BCS), the Chartered Institute of Administration of Nigeria (CIA), the Nigeria Computer Society (NCS), etc.
Previous article
Tinubu signs data protection bill into law
Next article
What you know about Nigeria Data Protection Act 2023
- Advertisement -spot_img

LEAVE A REPLY

Please enter your comment!
Please enter your name here

- Advertisement -

Latest News

ITDestiny Young -

National Digital Economy and E-Governance Act 2024: THE DIGITAL TRANSFORMATION ERA

For effective execution of the provisions under this Act, there shall be established in every public institution an ICT Unit with such number of staff as may be required for efficient performance, effective service delivery, and digital transformation of functions in the respective public institution.
- Advertisement -

More Articles Like This

- Advertisement -

LATEST POSTS

National Digital Economy and E-Governance Act 2024: THE DIGITAL TRANSFORMATION ERA

Destiny Young - 0
For effective execution of the provisions under this Act, there shall be established in every public institution an ICT Unit with such number of staff as may be required for efficient performance, effective service delivery, and digital transformation of functions in the respective public institution.

National Digital Economy and E-Governance Act 2024

Destiny Young - 0
The bill aims to create a legal framework for the digital economy in Nigeria and improve the way the government delivers services to citizens

CrowdStrike: Revolutionizing Cybersecurity

Destiny Young - 0
CrowdStrike is a leading cybersecurity company dedicated to protecting organizations from cyber threats

Data Lifecycle Management: EXPLAINED

Destiny Young - 0
Data lifecycle management (DLM) is a policy-based approach to managing the flow of an information system's data throughout its lifecycle: from creation and initial storage to when it becomes obsolete and is deleted.

LATEST TECH TIP

Facebook

How Hackers Use Fake Facebook Copyright Infringement Flags to hack your account

Destiny Young - 0
If you receive a message saying your Facebook account has been blocked for copyright violation, don’t panic. It’s most likely just another phishing scam.

CATEGORIES

© Copyright 2024 | Young, Destiny A | All Rights Reserved