This article was created by
Radu Serrano, eGA
Share this article!
Cybersecurity in Montenegro
This article is powered by eGA’s National Cyber Security Index (NCSI), a global live index, which measures the preparedness of countries to prevent cyber threats and manage cyber incidents. Available at https://ncsi.ega.ee/, the NCSI is also a database with publicly available evidence materials and a tool for national cybersecurity capacity building.
Montenegro demonstrates a relatively high, almost equalising level of responsive and preventive cybersecurity, followed by a decreasing emphasis on strategic cybersecurity. Cybersecurity development slightly transcends its digital development, providing important confidence in the overarching digital transformation process.
Strategic cybersecurity
Montenegro’s contribution to global cybersecurity is well established. It has multiple cyber diplomacy engagements, an official position on the application of international law in cyberspace, and support for capacity building at the regional level.
The country’s cybersecurity policy indicators are well complemented by established leadership, a policy coordination format, and a national strategy in effect until 2026. However, the corresponding action plan for these last years of the national strategy remains elusive, and the strategy development entity remains unknown. Unfortunately, cybersecurity research and development are underperforming.
Preventive cybersecurity
Like the rest of the region’s economies, Montenegro fulfils all personal data protection indicators with the corresponding legislation and authority. In the same light, it is one of the three countries that fulfils all indicators relative to the cybersecurity of critical and critical information infrastructure.
The Law on Electronic Identification and Electronic Signature legislates most of the items related to the cybersecurity of digital enablers, but requirements for cloud services and the ICT supply chain are missing.
CIRT.ME makes public awareness resources available, but the rest of the indicators for threat analysis and awareness-raising coordination seem to be unavailable.
Responsive cybersecurity
Among the region’s economies, Montenegro is one of three that fulfils all cyber incident response indicators. Nevertheless, in the fight against cybercrime, the procedural law provisions seem elusive.
The country has prepared through internationally led civilian and military cyber exercises. Nonetheless, the remaining corresponding capacities and documents relative to crisis management and cyber defence seem to be missing.
Overall
Montenegro demonstrates 64.17% and 74.83% completion rates of eGA’s NCSI and ITU’s 2024 GCI, respectively. This NCSI score surpasses the average of the EGDI and NRI digital development metrics, thus demonstrating that cybersecurity is being considered in the country’s digital transformation process.
Additional references
- E-Government Survey 2024: Accelerating Digital Transformation for Sustainable Development. (2024) United Nations Department of Economic and Social Affairs. https://desapublications.un.org/
- Global Cybersecurity Index, 5th (2024) International Telecommunication Union (ITU). https://www.itu.int/gci
- NCSI | Montenegro. (2025) e-Governance Academy (eGA). https://ncsi.ega.ee/country/me/
- Network Readiness Index 2024: Building a Digital Tomorrow: Public-Private Partnerships for Digital Readiness. (2024) Portulans Institute. http://www.networkreadinessindex.org
Disclaimer: This article was written in May 2025, with the data available at that time in the NCSI. If you believe the current NCSI information is wrong or outdated, please contact us at and send us your comments, questions and any updated data.
