Indicator
Cybersecurity
Implemented
Not Implemented
Not Applicable
| Level | ALB | BIH | KOS | MNE | MKD | SRB |
|---|---|---|---|---|---|---|
| Key performance indicators and data related to cybersecurity (ex. number of incidents) are continuously updated and are publicly available. | ||||||
| Good co-operation between the national Computer Security Incident Response Team and other public and private sector Computer Security Incident Response Teams is ongoing. *Limited development. | ||||||
| Computer Security Incident Response Teams have been established in the public and private sector and co-operate with international counterparts. *Partly. | ||||||
| The framework is comprehensive and promotes managing digital security risk of the government’s own activities, mitigating cybercrime and the establishment of Computer Security Incident Response Teams in the public sector, as well as private sector counterparts. | ||||||
| A cybersecurity policy and legal framework is in place. *Under development. | ||||||
| The national Computer Security Incident Response Team has adequate financial, human and technical resources to fulfil its responsibilities. *Not fully. | ||||||
| A national cybersecurity authority or National Information Systems (NIS) authority has been established as a primary point of contact for other international competent authorities. | ||||||
| The framework also promotes the establishment of cybersecurity certification in public procurement and recruitment and the strengthening of cybersecurity skills and awareness in the public administration and wider population. | ||||||
| Cybersecurity programmes are fully government-funded. *No evidence of significant donor funding, but no data to assess the size of government funding. Institutional cybersecurity resources are limited. | ||||||
| There is evidence of active participation in international bodies and exchange of good practices, with the goal of aligning with international standards and good practices in the area of cybersecurity. | ||||||
| The implemented cybersecurity framework is fully aligned with EU cybersecurity policy, | ||||||
| The implemented cybersecurity framework is broadly aligned with international good practices such as the OECD Recommendations on Digital Security Risk Management, National Digital Security Strategies and Digital Security of Products and Services. *Pending. | ||||||
| The cybersecurity framework is being regularly monitored and evaluated and results of monitoring and evaluation analysis are being used for the improvement of future cybersecurity policies. *No evidence of external evaluations taking place. |
Note that for Bosnia and Herzegovina, “State” stands for the state level, while “FBiH” stands for the Federation of Bosnia and Herzegovina and “RS” stands for Republika Srpska - the two entities of Bosnia and Herzegovina. Note that the presented scoring criteria system is not a full representation of the scoring methodology used to determine the score for an indicator. For more information, see the Methodology section.