Early in 2018 the GCSCC conducted its CMM review of North Macedonia at the invitation of the Ministry of Information Society and Administration and in cooperation with the World Bank through the Korea-World Bank Group Partnership Facility.
Key observations from the review:
- At the time of the review, the country had no official national cybersecurity document. As a result of the assessment a working group was created, followed by a National Cybersecurity Strategy which was finally adopted by the government in July 2018. This development demonstrated the country’s willingness and efforts to act upon key priorities and recommendations. In addition, a multi-stakeholder, inter-agency coalition was formed, bringing together the Ministries of Information Society and Administration, Defence and Interior.
- The cyber ecosystem in North Macedonia was still in its early stages, primarily because internet users were not aware of the associated risks. Ultimately, however, participants explained that, in some government agencies and leading companies, a cybersecurity mind-set has started to develop.
- North Macedonia has been active in promoting a safer Internet and has had a regular engagement with the EU’s Safer Internet Day initiative since 2010. Such initiatives exemplify the increase in cybersecurity awareness-raising efforts, although these are mostly completed on a voluntary basis with limited resources by non-governmental organisations and with ad-hoc support from the government.
- Around 70% of the CMM recommendations were incorporated into their National Cybersecurity Strategy (adopted July 2018); the remaining recommendations are planned to become part of the follow-up Action Plan for 2018–22.
- Training on electronic evidence provided by the Academy for Judges and Public Prosecutors of Macedonia was shown to be in place, although the capacity of prosecutors and judges to handle cybercrime cases, and cases involving digital evidence, was considered by review participants to be limited and ad-hoc.
North Macedonia was keen to use the momentum resulting from the CMM review and launched an awareness-raising campaign in October 2018 to conduct promotional activities related to cybersecurity and to create educational resources for distribution via different media channels.
The direct translation of the CMM recommendations into the National Cybersecurity Strategy and the action plan for its implementation, which ensued in December 2018, showed that the CMM can both provide a bench mark for decision-making and practical support when countries are drafting their national strategy.
For more information and lessons learnt of the overall program click here