The public sector is rapidly transitioning to digital procurement to enhance transparency, reduce costs, and streamline processes. While e-procurement offers significant benefits, Nigeria’s adoption faces major cybersecurity risks, raising concerns about whether these systems are secure against cyber threats.

Currently, Nigeria’s e-procurement systems face multiple vulnerabilities, including data breaches, phishing attacks, malware infiltration, and insider threats.

Fraudulent activities such as bid manipulation and invoice tampering further weaken the integrity of procurement systems, while corruption hampers the enforcement of cybersecurity measures. Additionally, Distributed Denial-of-Service (DDoS) attacks can cripple procurement platforms, delaying essential government projects and disrupting service delivery.

Despite the existence of cybersecurity policies like the National Cybersecurity Policy and the efforts of the Nigerian Computer Emergency Response Team (ngCERT), challenges such as weak infrastructure, limited staff training, regulatory gaps, and underfunding continue to undermine e-procurement security. The increasing sophistication of cybercriminals, who exploit weak authentication, outdated software, and poor access controls, further exacerbates the problem. A single breach can lead to data manipulation, financial fraud, and a loss of trust in public procurement processes.

A recent study highlights that cyber threats targeting e-procurement platforms have escalated, with SQL injection attacks among the most damaging. Hackers exploit weak authentication protocols and outdated software, manipulating procurement databases to gain unauthorized access to sensitive data. Additionally, DDoS attacks have rendered entire e-procurement platforms inoperative, disrupting procurement cycles and causing significant delays in public-sector operations.

To mitigate these risks, cybersecurity must be integrated from the system design phase. Multi-factor authentication, real-time security monitoring, data encryption, and regular system updates are critical in protecting procurement records. Organizations must also strengthen incident response frameworks, conduct frequent security audits, and develop disaster recovery plans to minimize operational disruptions in the event of an attack.

Moreover, building cybersecurity awareness through consistent training for public sector employees is essential, as human error remains a major cause of security breaches. Enhancing regulatory enforcement, promoting public-private partnerships, and ensuring transparency in procurement activities will also strengthen Nigeria’s cybersecurity posture. Investment in secure IT infrastructure, global cybersecurity best practices, and stronger legal compliance will reinforce the resilience of e-procurement systems.

Cybersecurity threats continue to pose significant risks to Nigeria’s e-procurement landscape. Addressing these vulnerabilities requires sustained government investment, collaboration with cybersecurity experts, and widespread awareness initiatives. Securing public procurement is not just a government responsibility but a collective effort that involves businesses and individuals working together to protect the integrity of Nigeria’s digital transformation.