Cybersecurity in North Macedonia

The country excels in education and professional development, demonstrating its commitment to cybersecurity in primary, secondary and tertiary education. Nevertheless, there is a lack of information on associations for cybersecurity professionals.

Cybersecurity policy is also well established. There are clear indications of high-level cybersecurity leadership and policy coordination, with a corresponding strategy for 2025 – 2028 and its action plan for most of the period. However, the unit or entity in charge of policy development remains obscure.

In addition to its national endeavours, North Macedonia maintains international cyber diplomacy engagements and a strong commitment to international law in cyberspace. Unfortunately, cybersecurity research and development is underperforming.

Similar to the rest of the region’s economies, North Macedonia fulfils all personal data protection indicators with the corresponding legislation and authority.

Cybersecurity of digital enablers is missing requirements for cloud services and the ICT supply chain. However, the Law on Electronic Documents, Electronic Identification and Trust Services of 2019 presents best legislative practices for secure electronic identification, electronic signatures, trust services and the corresponding supervisory authority.

MKD-CIRT does cyber threat analysis and also shares cybersecurity awareness resources. However, public cyber threat reports are missing, and there is no clear coordinating entity for national cybersecurity awareness.

Lastly, cybersecurity requirements for public sector organisations are in place, through the Law on Electronic Management and Electronic Services of 2019; but there is no apparent identification of critical and critical information infrastructure, nor their cybersecurity requirements, nor a competent supervisory authority.

In the fight against cybercrime, North Macedonia fulfils all indicators. Subsequently, regarding cyber incident response, reporting obligations are the only item missing.

The country has prepared with multiple national and international civilian and international military exercises as part of crisis management and military cyber defence. Nonetheless, the corresponding capacities and documents seem to be missing.

North Macedonia demonstrates 66.67% and 65.89% completion rates of eGA’s NCSI and ITU’s 2024 GCI, respectively. This NCSI score surpasses the average of the EGDI and NRI digital development metrics, thus demonstrating that cybersecurity is being considered in the country’s digital transformation process.

• E-Government Survey 2024: Accelerating Digital Transformation for Sustainable Development. (2024) United Nations Department of Economic and Social Affairs. https://desapublications.un.org/
• Global Cybersecurity Index, 5^th (2024) International Telecommunication Union (ITU). https://www.itu.int/gci
• NCSI | North Macedonia. (2025) e-Governance Academy (eGA). https://ncsi.ega.ee/country/mk/
• Network Readiness Index 2024: Building a Digital Tomorrow: Public-Private Partnerships for Digital Readiness. (2024) Portulans Institute. http://www.networkreadinessindex.org

Disclaimer: This article was written in May 2025, with the data available at that time in the NCSI. If you believe the current NCSI information is wrong or outdated, please contact us at and send us your comments, questions and any updated data.