In collaboration with the World Bank (WB), the Global Cyber Security Capacity Centre (GCSCC), a review of the maturity of cybersecurity capacity in Albania was undertaken at the invitation of the National Authority for Electronic Certification and Cyber Security (AKCESK).




The objective of this review was to enable Albania to gain an understanding of its cybersecurity capacity in order to develop the country’s national cybersecurity strategy, and to strategically prioritise investment in cybersecurity capacities.


The Global Cyber Security Capacity Centre (GCSCC) conducts research to understand and identify trends in cybersecurity, to help the world prepare and respond to cyber threats. Together with a global multistakeholder community with expertise in cybersecurity capacity building, the Centre has developed a model that helps countries self-assess and identify their strengths and needs for their cybersecurity maturity. The Cybersecurity Capacity Maturity Model (CMM), which was last revised in 2021, considers cybersecurity maturity to comprise five dimensions which together constitute a wide breadth of national capacity that a country requires to be effective in delivering cybersecurity resilience. Dimension 1 looks at the country’s ability to develop and implement cybersecurity policies and strategy. Dimension 2 looks at culture and societal elements that affect public understanding and their ability to protect themselves in the cyberspace. Dimension 3 looks at the initiatives by different stakeholders in driving cybersecurity awareness among users. Dimension 4 looks at the capacity of countries to prosecute cybercrime and Dimension 5 looks at the availability of protective technologies and standards.

The GCSCC’s support to a CMM in Albania was funded by the United Kingdom, Korea-World Bank Group Partnership Facility (KWPF) under its Global Cybersecurity Capacity Program.


Among the findings and next step recommendations summarized in the report through which Albania could achieve greater cybersecurity capacity researchers highlighted the development of a National Cybersecurity Strategy and the allocation of a dedicated budget to ensure the implementation of a national cybersecurity program.

Additionally, aligning the legislative framework with provisions of the EU Directive on security of network and information systems (NIS) and the General Data Protection Regulation (GDPR) is seen as a priority to reach higher stages of maturity.

According to AKCESK, the national cybersecurity environment has been strengthened with help of the stakeholder mobilization and the capacity building conducted during the CMM deployment. These efforts were further supported by a capacity-building seminar on the identified gaps (by GCCD of KISA). All of the factors contributed to a more informed, active, and better-coordinated process with all the relevant parties involved.


The CMM report was completed in 2018.

A summary of the CMM’s findings and information on follow-on action was included in the World Bank’s report ‘Global Cybersecurity Capacity Program: Lessons Learned and Recommendations Towards Strengthening the Program’.


The CMM in-country assessment review was conducted during 3-4 September 2018. The review was conducted by the GCSCC in cooperation with the World Bank. The CMM was hosted by the AKCESK. Stakeholders representing the following sectors participated in the consultation to review Albania’s cybersecurity capacity: public sector entities, judiciary actors, universities, Internet Society and Governance and Representatives health, energy, water and transport sectors, telecommunication sector, financial sector, UN offices and embassy partners among others.

Following the CMM, the World Bank facilitated, in cooperation with the AKCESK and Global Cybersecurity Center for Development of Korea Internet & Security Agency, the 2018 GCCD Albania Cybersecurity CMM Seminar in Tirana on 6-7 December 2018. This seminar provided the opportunity to share the experience, expertise, and knowledge in the field of cybersecurity of the experts from the Korean delegation with the local stakeholders. The main focus of the workshop was on the National Cybersecurity Framework & CERT/CSIRT Operations.


AlbaniaCMMReport.pdf (

Other website links

Albania Published Cybersecurity Capacity Maturity Model Report (

World Bank Document

The Cybil project repository is being continuously updated, and the information it contains is either publicly available, or consent for publication was given by the owner. Please contact the portal manager with any additional information or corrections. Whilst every reasonable effort is made to keep the content of this inventory accurate and up to date, no warranty or representation of any kind, express or implied, is made in relation to the accuracy, completeness or adequacy of the information contained in these pages.