Skip to main content
NEW · COHORT-BASED

Cybersecurity for Businesses

Protect Your Business, Website, and Customer Data From Digital Threats

Cyber attacks against Nigerian businesses are increasing. In 2024, Nigeria ranked among the most targeted countries in Africa for phishing, ransomware, and business email compromise. Most of these attacks succeed not because of sophisticated hacking — but because of weak passwords, unpatched plugins, and staff who couldn't spot a phishing email.

This cohort course gives Nigerian business owners, IT managers, and non-technical managers the practical knowledge to protect their business online. No acronym-heavy jargon. No assumptions of technical background. Real threats, real solutions, and Nigeria-specific compliance obligations under the NDPA 2023.

Join the Waitlist

This course runs in cohorts. Join the waitlist and you’ll be the first to know when the next cohort opens — plus priority booking and early-bird pricing.

Who this course is for

This course is for you if…

  • You're a Nigerian business owner responsible for your company's digital security
  • You manage IT or operations for an SME and need to understand cybersecurity practically
  • You work in HR, admin, or finance and want to recognise and resist phishing and social engineering
  • You're a marketing manager responsible for your company's website and social accounts
  • You need to understand your NDPA 2023 data protection obligations as a business

This course is NOT for you if…

  • You're a trained cybersecurity professional seeking certifications like CISSP, CEH, or CompTIA Security+ — this is a business-focused, not technical-certification, course
  • You want deep technical content on penetration testing, network security architecture, or exploit development
  • You work in enterprise IT with a dedicated security operations team

What you'll be able to do

  • Identify and explain the most common cyber threats facing Nigerian businesses
  • Harden your WordPress website against the most frequent attacks
  • Implement a password and access management policy for your organisation
  • Recognise and respond to phishing, business email compromise, and social engineering attempts
  • Understand your legal obligations under the Nigeria Data Protection Act 2023 (NDPA)
  • Build a basic incident response plan so your team knows what to do when something goes wrong
  • Assess the cybersecurity posture of your business and identify your biggest vulnerabilities
  • Create a security-aware culture so your staff become your first line of defence

Course curriculum

  • Why Nigerian businesses are prime targets for cybercrime
  • The most common attacks in Nigeria: phishing, ransomware, BEC, and account takeover
  • How attackers find and select targets — and what makes your business attractive to them
  • High-profile Nigerian cyber incidents and what we can learn from them
  • The cost of a breach: financial, reputational, and legal consequences
  • NDPA 2023 overview — your obligations as a data controller or data processor
  • The difference between cybersecurity, privacy, and compliance — and why you need all three

Exercise: Complete a business risk self-assessment to identify your most exposed areas

  • Why WordPress sites are the most attacked platforms in the world — and how to protect yours
  • The security plugin stack: Wordfence, Sucuri, and iThemes Security
  • Keeping WordPress, themes, and plugins updated — the single biggest security action
  • Secure login: strong passwords, two-factor authentication, and login attempt limiting
  • Hiding your WordPress login page and admin URL
  • Database prefixes, file permissions, and disabling XML-RPC
  • Backups: the UpdraftPlus setup that protects you from ransomware and server failures
  • SSL/HTTPS: how it works, why it's mandatory, and how to enforce it

Exercise: Security audit and hardening of a WordPress site using a Brela security checklist

  • Why password reuse is the most common reason accounts get compromised
  • Password managers: what they are, how they work, and which to use (Bitwarden for businesses)
  • Creating and enforcing a password policy for your organisation
  • Two-factor authentication (2FA): setting it up on email, social media, banking, and hosting
  • Principle of least privilege: who should have access to what — and why not everyone needs admin
  • Offboarding security: revoking access when staff leave
  • Shared accounts: why they are a security risk and how to eliminate them

Exercise: Conduct an access audit of your business accounts and identify vulnerabilities

  • What phishing is and why it succeeds even against smart people
  • Types of phishing: email phishing, SMS phishing (smishing), WhatsApp phishing, and voice phishing (vishing)
  • Business email compromise (BEC): the attack that has cost Nigerian companies billions
  • How to recognise a phishing email: the red flags checklist
  • Pretexting and impersonation: how attackers pose as your CEO, bank, or FIRS
  • Safe practices for wire transfers and payment instruction changes
  • What to do if you click a suspicious link or enter your credentials on a fake page
  • Training your staff to be your first line of defence — not your weakest link

Exercise: Phishing simulation exercise — can you and your team spot the fakes?

  • What the Nigeria Data Protection Act 2023 requires of businesses
  • Data controllers vs data processors: which are you and what does it mean
  • Lawful bases for processing personal data under NDPA 2023
  • Data subject rights: access, correction, deletion, and portability
  • Data Protection Impact Assessments (DPIA): when they are required and how to conduct one
  • Privacy notices and consent collection: what your website, forms, and systems need
  • Cross-border data transfers under NDPA 2023 and GAID 2025
  • Breach notification: what to do and when to report to NDPC
  • Appointing a Data Protection Officer (DPO): who needs one and what they do

Exercise: Audit your current data practices against the NDPA 2023 checklist

  • What to do in the first 24 hours after a cyber incident
  • Building a simple incident response plan for an SME
  • Communication during an incident: internal, external, and regulatory notifications
  • Business continuity: keeping operations running during and after an attack
  • Recovery: restoring from backups and getting back online safely
  • Post-incident review: what went wrong and how to prevent recurrence
  • Building a security-first culture: training, policies, and ongoing awareness
  • Security tools every Nigerian SME should be using (and most aren't)
  • Course close: certificate information, your personalised security action plan, and next steps

Requirements

  • No technical background required
  • Suitable for business owners, operations managers, HR professionals, and IT staff without a cybersecurity specialism

Course summary

  • Cohort-based — 6 live sessions over 6 weeks (Zoom)
  • 6 weeks · approximately 2.5 hours per live session
  • Maximum 15 participants
  • Yes — Brela Certificate of Completion
  • Live Q&A in every session + WhatsApp group throughout
  • Live on Zoom · recordings and materials via Selar

85,000 / $60

per seat

What's included

Course materials

  • 6 live Zoom sessions (2.5 hrs each)
  • Session recordings within 24 hrs
  • Business risk self-assessment template
  • WordPress security hardening checklist
  • NDPA 2023 compliance checklist
  • Phishing red flags reference card
  • Incident response plan template
  • Lifetime access

Support

  • Live Q&A in every session
  • WhatsApp group for the 6-week cohort + 30 days after
  • Between-session exercise feedback
  • Peer discussion with cohort members

After completion

  • Brela Certificate of Completion
  • Suitable for LinkedIn and professional portfolios
  • Personalised security action plan
  • Alumni community access

Pricing

NGN — pay via Paystack on Selar₦85,000 per seat
USD — pay via Stripe$60 per seat
Group booking (5+ seats)Contact us at [email protected]
Corporate teams (10+)See corporate training programme

Need training for a team of 5 or more? See our corporate training programme.

Join the Waitlist

This course runs in cohorts. Join the waitlist and you’ll be the first to know when the next cohort opens — plus priority booking and early-bird pricing.

Cybersecurity for Businesses common questions

Ready to join the waitlist?

Join the waitlist and we'll notify you the moment the next cohort opens, plus priority booking and early-bird pricing.