In a recent publication, the Albanian National Authority for Electronic Certification and Cyber Strategy (ACESK) assessed the progress made in implementing the National Cyber Security Strategy. The findings emphasize the need for heightened efforts from authorities to achieve the strategy’s objectives.
The National Cyber Security Strategy, spanning from 2020 to 2025, introduces a range of provisions, notably prioritizing the protection of children in the digital realm. However, the ACESK report underscores that several provisions have yet to be fully realized.
According to the report, the progress made until 2022 can be categorized as follows: 56.8% of activities have been successfully completed (71 activities), 15.2% are currently in progress (19 activities), and 28% have not been initiated (35 activities).
The strategy’s policies revolve around several key pillars. The first pillar aims to ensure national cyber security by safeguarding information infrastructures and strengthening technical and legal measures. The monitoring reveals that 61.2% of activities in this area have been achieved, 22.5% are ongoing, and 16.3% remain unrealized.
The second policy focuses on creating a secure cyber environment through education, awareness raising, and enhancing professional standards in information security. The report indicates that 57.9% of goals have been accomplished, while 42.1% have yet to be realized.
Regarding the protection of young individuals in cyberspace, the third policy indicates that only 40.5% of strategies have been implemented, with 19% currently in progress and 40.5% remaining unrealized.
The fourth policy aims to foster national and international cooperation in the field of cyber security with strategic partners. As of 2022, nearly 90% of the objectives have been achieved, leaving only 13.3% unrealized.
After assessing the overall progress, ACESK has put forth several recommendations. These include aligning with the European Union (EU) framework on cyber security, implementing a national procedure for handling states of emergency related to cyber attacks, and establishing a dedicated unit for cyber security. The report also stresses the need to align with EU regulations on artificial intelligence, cloud computing, the Internet of Things, and 5G.
The recommendations further address regulating secure internet provision in public spaces, conducting national-level risk assessments of cyber threats, ensuring cyber security in critical information structures, introducing specialized cyber security programs in higher education, and enhancing the capacity of authorities to respond to escalating cybercrime threats.
In 2022, Albanian institutions experienced a series of cyber attacks, resulting in the disruption of e-Albania sessions and internal infrastructure. The attacks severely impacted crucial services such as the land registry, border operations, birth registrations, and tax and business activities with the government.
Attributed to Iran, these attacks were eventually mitigated with the assistance of Microsoft, specialists from the United States and the European Union, and support from NATO, of which Albania is a member.
The ACESK report underscores the urgency to strengthen Albania’s cyber security measures, urging authorities to take decisive action to protect critical systems, enhance collaboration, and prioritize the safety of children in the online world.
Follow The Balkanista!
