WHAT IS THE CBN CSAT:
The CBN issued a circular dated March 30, 2026, directing banks and other financial institutions to complete its newly deployed Cybersecurity Self-Assessment Tool (CSAT), introduced in line with its mandate under BOFIA 2020 and designed to assess the cybersecurity posture of regulated entities. The circular was signed by Olubunmi Ayodele-Oni for the Director of the Compliance Department.
WHO IT APPLIES TO:
All regulated institutions — Deposit Money Banks, Payment Service Banks, Microfinance Banks, Payment Service Providers, Finance Companies, and Development Finance Institutions.
DEADLINES: Three weeks for Deposit Money Banks; five weeks for all other regulated institutions.
DATA CUT-OF: Institutions are required to submit data reflecting their cybersecurity status as of December 31, 2025.
SUBMISSION: All regulated institutions are required to complete and submit the CSAT through a dedicated portal. Access credentials and detailed guidance will be communicated directly to Chief Information Security Officers and other relevant officials.
SANCTIONS: Submission of false or misleading data constitutes a regulatory breach under BOFIA 2020 and will attract sanctions. The CBN also disclosed plans to conduct validation exercises, including off-site reviews and supervisory engagements, to confirm the accuracy of submissions.
THE SIX ASSESSMENT DOMAINS:
The tool assesses critical areas including governance structures, risk management frameworks, technology systems, third-party risk exposure, incident response capacity, and overall operational resilience.
World-Leading AI-Powered Cybersecurity Solutions for Nigeria’s Digital Future
Solutions built to meet Nigeria’s unique cybersecurity and compliance landscape
Core Service Areas
Partnership
Cybersecurity Consultancy
Gain clarity and direction with expert guidance on your cybersecurity posture. Our Cybersecurity Consultancy Services (CCS) include:
Virtual CISO & CTO Service: Our Virtual CxO service provides expert leadership to design and execute cybersecurity strategies aligned with your business goals. We deliver tailored roadmaps, governance, and oversight—without the cost of a full-time executive.
Cybersecurity Risk Assessment: Uncover vulnerabilities across your systems and operations to proactively mitigate threats and strengthen your security posture.
Compliance & Regulatory Advisory: We help organisations navigate complex local and international standards like NDPR, CBN, ISO 27001, and GDPR with precision. We ensure your organisation is audit-ready and operates in full compliance.
Peace of Mind
Managed Security Services
Let us handle your cybersecurity operations, so you can focus on your core business. Our Managed Security Services (MSS) include:
Managed Security Operations: 24/7 threat detection and response across your entire infrastructure—network, endpoints, and cloud—delivered through our SOC-as-a-Service platform.
Identity & Access Management (IAM) Services: Ensure only the right people have access to the right resources. We manage user identities, enforce strong authentication, and enable Zero Trust architecture.
Firewall & Network Security Management: We manage and optimise your firewalls, intrusion prevention systems (IPS), and network security configurations to ensure your perimeter stays protected and compliant.
Empowerment
Cybersecurity Training
Equip your team with the knowledge they need to defend against cyber threats. Our Training, Education & Awareness Services (TEA) include:
Cybersecurity Awareness Programs: Interactive training tailored to employees across all levels, helping them recognise phishing, social engineering, and other common cyber threats.
Executive Cybersecurity Briefings: Strategic briefings for boards and senior leadership to understand cybersecurity risks, regulatory responsibilities, and crisis response expectations.
Cyber Talent Development & Internship Programs: Structured programs to upskill Nigerian youth, graduates, and professionals—nurturing the next generation of cybersecurity talent through internships and mentorship.
How We Work
Our Process
01
Discovery
We begin by understanding your business, cybersecurity goals, and existing infrastructure to identify key risks and opportunities.
02
Assessment
Our experts conduct in-depth evaluations of your systems, policies, and processes to uncover vulnerabilities and compliance gaps.
03
Design
Based on insights gathered, we craft a tailored cybersecurity strategy and architecture aligned with your business needs and regulatory requirements.
04
Deploy
We implement best-in-class security solutions, tools, and configurations to establish a resilient and secure environment.
05
Manage & Support
Ongoing management, real-time monitoring, and expert support ensure your cybersecurity defenses remain strong and adaptive.
06
Innovate & Improve
We optimise your security posture with emerging technologies, threat intelligence, and process improvements to stay ahead of evolving threats.
Strategic
Partnerships
We forge strategic partnerships with leading technology providers and local Nigerian stakeholders to deliver AI-powered cybersecurity solutions that align with national compliance standards and accelerate digital resilience across industries.
✓ Tailored to Nigerian Businesses
✓ Ensuring Compliance
