Cyber security – a national priority
Cyber security is currently a top priority for the Government. Albania, from the point of view of cyber security, is one of the most developed countries in the Western Balkans region, as far as the regulatory framework of the field is concerned. Our goal is to turn Albania into the best-prepared country for cyber attacks in the region and beyond. To achieve this goal, AKCESK has a clear strategic plan.
The Authority’s new strategic plan foresees 6 main pillars:
The first pillar covers the technological analysis of the cyber ecosystem of critical infrastructures, relying on a proactive and reactive approach. This approach requires a technical analysis of the conformity of devices located in critical infrastructures, to be resilient to cyber attacks coming from internal and external actors.
The second pillar is related to the establishment and control of information security standards to critical infrastructure services according to a well-defined methodology. The methodology determines in advance the classification of services as critical or important with an impact on society, the environment, people’s health, etc.
The third pillar is related to trusted services and electronic certification, where every transaction is analyzed and controlled securely, according to a dedicated procedure.
The fourth pillar concerns the awareness and education of the responsible staff in critical information infrastructures as well as the citizens themselves, creating a sustainable security environment. AKCESK is working to establish an Inter-University Academic Center, with the aim of creating a sustainable educational system for new recruits as part of the National Cyber Security Authority or CSIRTs and critical infrastructure sectors.
The fifth pillar is related to the creation of a well-structured network with public and private institutions in Albania as well as with international information security agencies. The authority has a clear plan for increasing the number of cooperation with international cyber security agencies. AKCESK is in continuous cooperation with international organizations such as NATO, OSCE, UN, in fulfillment of commitments in the field. The authority also cooperates and coordinates its work with public and private institutions, in the capacity of operators of critical information infrastructures, exchanging human resources and information, with the aim of increasing cyber sustainability at the national level. It is worth mentioning here, the sectors where information infrastructure operators belong, starting with the government sector, second-tier banks, the Bank of Albania, the energy sector, the telecommunications sector, the transport sector, microfinance, the fintech sector, the companies of insurance, water and waste sector, tourism, independent agencies, etc.
The sixth and final pillar relates to the online protection of children from illegal and harmful online content. Based on statistics, a rapid increase in the use of the Internet among teenagers has been evidenced. AKCESK will create a platform for reporting online abuse against children, drafting and monitoring policies for their protection. Our goal is to raise awareness for the creation of a safe ecosystem for children in our public, private schools or other environments.
Fulfilling the new strategic vision requires the implementation of advanced technologies to enhance detection and prevention capabilities, as well as strengthening the human capacities of citizens, businesses and organizations to build a sustainable cyber ecosystem. We know that we cannot achieve this alone.
AKCESK, with a full mandate from the Albanian Government, is engaged in the implementation of various collaborations with important international partners, to promote safer communications and to share information on cyber threats, in real time.
For AKCESK, protecting citizens’ data and strengthening the security of critical information infrastructures is more important than ever, at a time when cyber threats are global and affect the sustainability and economic security of countries.
Increasing national capacities to respond to cyber attacks in Albania
Cyber threats do not choose their victim, so cyber security is a shared responsibility.
From the fall of last year, AKCESK has undergone an increase in its structure, bringing the number of employees from 24 to 85. This increase reflects our commitment to provide a comprehensive cyber security framework for our country.
In order to realize its objectives and functional tasks, AKCESK is working to establish new monitoring systems, which will enable us to identify and respond to cyber threats in real time. These systems will be implemented in collaboration with our partners and stakeholders to ensure a coordinated response to cyber incidents.
There are also developments in the legal framework of the field, where the new cyber security law has been partially transposed by the EU NIS Directive. This law provides a legal framework for the protection of critical information infrastructures (CII) and aims to increase the resilience of our national networks against cyber attacks. We will work closely with CII operators to ensure that they comply with the requirements of this law.
To ensure compliance with the new law and to protect against cyber threats, AKCESK will implement technical and procedural control procedures for CII operators. These procedures will be tailored to the specific needs of each CII and will include risk assessments, incident response plans and regular audits. Through this approach, we aim to promote a culture of security and encourage CII operators to take an active role in protecting our national networks.
On the other hand, for AKCESK it is a priority and necessity to increase the professional capacities of the staff responsible for critical information infrastructures. We know that training is essential to developing the skills and knowledge needed to mitigate cyber security risks. Therefore, AKCESK has started several months ago, consultative meetings with the private sector and regular training sessions for CII operators to improve their understanding of cyber risks and to inform them about the best practices in the field.
Finally, the mission of AKCESK is the protection of information infrastructures at the national level and the preservation of citizens’ data. We will continue to work closely with our national and international strategic partners to ensure that our cyber security framework will be effective and in line with best practices at the European and global level.
AKCESK recommends all operators of information infrastructures to take an active role in the protection of networks and to participate in the training sessions that we regularly organize.
Together, we can build a safer digital environment for our country!