The National Cyber Security Authority (NCSA) organized the event “Good Governance of Cybersecurity”, with the participation of representatives from all critical and important information infrastructures.
This was the first meeting in a series of six sessions to be held in the coming weeks, aiming to establish a unified national approach to the management, standardization, and protection of cybersecurity in Albania.
Cyber governance as the foundation of security
In his opening remarks, the Director General of NCSA, Mr. Igli Tafa, emphasized that good governance is the strongest shield against cyber risks, underlining that digital security does not depend solely on technology, but above all on how work is governed and standardized within institutions.
According to him, standardizing work processes can reduce up to 80% of risks stemming from limited technological investments:
“If we govern well, we prevent most of the attacks that leave traces. Because security starts with how we manage, plan, and build standards for every process.”
Mr. Tafa pointed out that weaknesses often arise not from the lack of technology, but from poor governance, lack of coordination, and human errors occurring in daily institutional workflows.
From technology to management — building a culture of prevention
In his address, the NCSA Director underlined that cybersecurity is no longer a purely technical duty, but a broader governance process that requires synchronization, open communication, and continuous cooperation between the public and private sectors.
He added that in the face of increasingly sophisticated cyberattacks, institutions must shift from a reactive to a preventive approach, beginning with the structuring of work and the establishment of internal standards.
“It is easier to prevent than to cure. That’s why we must start today, with the foundation — good cyber governance.”
The new system for digital control and standardization
During the event, NCSA experts presented the new Security Measures Regulation (Decision of the Council of Ministers No. 531, dated 25.09.2025) and the latest developments in the digitalized system for cybersecurity control and verification.
This process marks an important step toward the modernization of cyber governance mechanisms, strengthening institutional accountability and increasing transparency in relation to cybersecurity.
