In recent years, Albania has significantly expanded its capacity-building activities, modernising both the relevant institutional apparatus and the diplomatic outreach accompanying it. Since 2017, ALCIRT, Albania’s national CSIRT, has been given an expanded mandate and merged with the National Authority for Electronic Certification and Cyber Security (AKCESK). AKCESK is responsible for preparing strategic documents relating to cybersecurity, drafting legislation, collaborating with relevant stakeholders (international organisations, civil society organisations, the private sector) and providing training. [
x] Through AKCESK, Albania has signed Memoranda of Understanding (MOU) with several regional national CERTs (Kosovo, North Macedonia, Romania) and is currently negotiating similar MoUs with Serbia, Montenegro, Cyprus, and Slovenia. [
x] AKCESK also frequently collaborates with the Council of Europe in relation to incident response and awareness training. [
x] As a member of NATO, Albania signed the MoU with the NATO Cyber Incident Response Centre (NCIRC) on enhancing cyber defence in 2013 [
x] and has participated in numerous NATO-led training initiatives, including the flagship Cyber Coalition exercise. Meanwhile, increased emphasis has been placed on the protection of critical infrastructure, with a 2015 government paper stating that future actions will be focused on “the protection and resilience capacity of critical infrastructure” and on “encouraging operators that own them to implement a full security architecture (including risk management and emergencies)”. [
x] In 2020, Albania adopted its first-ever cybersecurity regulation for the electricity sector, which establishes incident reporting and assessment criteria for electricity operators. [
x] This was reportedly only the first of many planned initiatives intended to reduce the country’s cyber vulnerabilities and increase trust in digital services.
El Salvador has taken steps towards addressing cybercrime by establishing a
Cybersecurity Policy which aims to ensure the resilience and security of strategic assets. It lays out criteria to
develop cybersecurity capacities aimed at protecting critical infrastructure, strengthening response mechanisms, and developing technical and administration skills so that the public and private institutions in El Salvador as well as citizens are aware of cybersecurity and risks related to the use of information technologies.
In matters related to cyber resilience, India has proven to be an active proponent of bilateralism. It has initiated cyber dialogues with actors like the US, the UK, Russia, Malaysia, the EU, and ASEAN, all of which include capacity-building elements. Internationally, the country has also been especially vocal on the need to establish cooperative mechanisms for developing and implementing bilateral, regional, and global confidence-building measures (CBMs).
In the context of multilateral fora, India has many a time reiterated that the issue of supply chain protection enjoys particular significance for them, especially in relation to
‘trust and trusted sources’ when it comes to preferring suppliers of ICT products and systems. It has also
noted that capacity building actually goes beyond what is being dealt with under international security and is inherently tied to discussions on international legal instruments on cyberspace, where all states are equal and have the capacity to discuss legitimate matters under the auspices of the UN.