The Minister of Communications Dr. Isa Pantami has issued a directive to three agencies (The Nigerian Communications Commission (NCC), the Nigerian Communication Satellite Commission Limited (NIGCOMSAT), and the Nigerian Postal Services (NIPOST) to get ISO certification in order to curb the menace of cyber crime and enhance service delivery in the country.
The Minister gave the directive in Abuja, Nigeria, during the ISO 27001:2013 certification award presented to the National Information Technology Development Agency.
Pantami said “I am using this opportunity to direct NITDA to come up with regulatory instruments that will make it mandatory for some selected public Institutions to be certified in that regard. I also use the opportunity to direct other agencies and Parastatals like NCC, , NIGCOMSAT and NIPOST to start the process immediately and make sure they are certified and I also use this opportunity to urge all the heads of agencies/parastatals to work in synergy. The mandate is a bit interwoven, the earlier the agencies come together the better for the ministry to supervise.”
He noted that certification of other Agencies was essential because it’s a global accepted standard, “We are an IT, ICT ministry, with ICT Parastatals, leadership is by example. Government Parastatals are being inclined to ICT today. A lot has been achieved in CAC, FIRS, NDIC, CBN, NNPC and many more. Being the regulators, and ministry of ICT, we are supposed to be in the forefront of doing all these activities. Secondly, safety and security are very critical,” he stated.
He further explained that “ISO 27001 is all about improving security and safety especially of Cyber-security.
Dr. Pantami restated that NITDA happens to be the first mainstream public institution, in the IT cycle to be certified ISO 27001; 2013 Certified, adding that this achievement is unprecedented.
The Director General NITDA, Mr. Kashifu Abdullahi in his welcome address emphasised the importance of the certification.
“Earning this certification has put us on the world map of organizations that follows international best practices. I called it best practices because it is specific, it is about information security and it is comprehensive.”
He said that the Agency passed through seven milestones to earn the certification: envisioning, planning, paper work, documentation, cost, filling the gaps and embedding the right organizational culture.
Speaking to Journalists Mr. Abdullahi said that as a regulator, “we need to do before we start preaching to others to do. We are in a digital age where everything is becoming digital-everything about technology and information technology. So, the ISO-27001 is an International Globally Accepted Standard and best practices for managing information security.”
He noted that for government to achieve the vision of digitizing government services, all government agencies should start focusing on this best practices standard, because that is the only way that the three key areas of confidentiality, integrity and availability of government digital services can assured.