a few seconds agoAlbania: fines of up to 100,000 euros are expected for operators not protected by hackers
Periskopi(2 hours ago)
(2 hours ago)Failure to report a cyberattack, hiding data on digital infrastructure, or neglecting security measures can cost operators in Albania up to 10 million fine money (100 thousand euros).
This is envisioned in the new project “for cyber security” for public consultation, which toughens punitive measures and expands the competencies of responsible institutions.
According to the draft, fines for a series of violations will increase up to 10 times compared to actual legislation. In all, incorrect reporting of critical infrastructure or non-recognition of contact points will be fined by fines from 2 to 4 million new money (over 20,000 to 40 thousand euros), of the current 200-400 thousand dollars (2-4 thousand euros), reports “Albanian“.
Meanwhile, operators who fail to implement corrective measures required by the National Authority for Cyber Security, or do not take action to block threats, risk crime of up to $10m (100m euros), or more than 100,000 euros.
The bill also brings new obligations to critical and important infrastructure operators. They will need to file a self-recognition of cyber security measures that apply, as well as to report in detail the way of hosting and managing their systems, including the physical location of infrastructure and the use of remote services. The lack of such statements in terms will be punished by 5m fine money (over 50 thousand euros), while inaccurate statements of up to $3m (over 30 thousand euros).
Another important innovation is strengthening the role of the National Authority for Cyberetic Security (AKSK), which will receive new competencies, including direct protection of citizens and vulnerable groups in cyberspace.
For the first time, The AKS will also be equipped with judicial police attributes for the technical investigation of cyber incidents, in co-operation with the State Police. Meanwhile, to increase preventive capacities, the Inter-institute Cyber Intelligence Group, comprised of representatives of key security and defence institutions in the country, will be established.
According to the accompanying reply, the establishment and operation of new facilities, including sectoral CSIRTs, cyber security incidents-responsive teams, will have an annual cost of 350-450m euros (3.7m to 4.7m euros). For 2026, expenditures are projected at the $120-150m (up to nearly 1.4m euros) and will be covered by existing institutions' budgets. /Periscope
