EU support guarantees AKSHI and AKSK in Albania access to world-class cybersecurity software

Cyber threats are becoming more frequent and complex every day, the need for resilient digital infrastructure and cybersecurity professionals, with the skills and knowledge to combat these evolving threats, has never been more urgent.

In response to large-scale cyberattacks affecting the Western Balkans in 2022, the European Union launched the project “Rapid Response Measures for Cybersecurity for Albania, Montenegro, and North Macedonia 2.0,” an initiative implemented by the Academy of e-Governance (eGA).

The project has worked closely with the National Agency for Information Society (AKSHI) and the National Authority for Electronic Certification and Cybersecurity (AKCESK) in Albania to establish and expand operational cybersecurity capacities.

Both institutions play a central role in Albania’s cybersecurity, acting as 24/7 centers where cybersecurity professionals continuously monitor, detect, and respond to threats in real-time.

“We are proud that, through this project, Albanian cybersecurity institutions, AKSHI and AKSK, have gained access to world-class cybersecurity software. Tools such as GreyNoise, Acunetix, and Cognyte Luminar empower them to detect threats faster, reduce false positives, and respond effectively to complex cyber risks,” said Merle Maigre, head of the Cybersecurity Competence Center and project team leader for “Rapid Response to Cybersecurity 2.0.”

However, she emphasizes that strengthening cybersecurity resilience is not achieved solely by enabling advanced tools, but local institutions need to be equipped with the necessary knowledge, skills, and operational readiness to respond to today’s complex threats.

The mission of the National Authority for Cybersecurity (AKSK) is to ensure a secure digital environment for institutions, critical sectors, and Albanian citizens.

“Previously, entry analysis and incident correlation were done manually on disconnected systems, which often delayed the response. Analysts had to rely on isolated tools and limited capacity to identify structures. There was no structured system to gather information from open sources or to monitor malicious behavior on the deep and dark web, which could identify potential attacks on Albanian institutions,” explains Esmeralda Kazia, director of the Monitoring and Incident Response Directorate at AKSK.

Kazia noted that this new infrastructure has enabled AKSK to transition from fragmented and partially manual processes to a completely centralized system, providing continuous monitoring, categorization of entries, and rapid response to incidents.

By providing four high-performance VxRail servers, AKSK now has a resilient and scalable foundation that supports the centralization of data and the protection of national assets. The project also offers access to the threat intelligence platform, Cognyte Luminar, which provides visibility across multiple layers of the network, allowing analysts to track indicators and compromises and monitor threats or suspicious behaviors.

This enables the identification of potential risks to critical infrastructure and provides real-time notifications regarding malicious actors targeting the Albanian digital space.

In addition, the project has significantly enhanced the capacities of the National Agency for Information Society (AKSHI), assisting in the development of special programs against malicious activities, as well as training experts.

“Through various activities such as workshops, simulations, and regional training, the project has improved the technical skills of cybersecurity specialists, providing them with theoretical knowledge and practical experience. To further strengthen security, our institution has been provided with two systems: Acunetix, which scans the source code of websites to identify weak and vulnerable points, and GreyNoise, an intelligence platform that detects IP addresses where malicious activity is observed. These systems increase staff efficiency, integrate with existing solutions, and standardize the incident reporting process,” emphasizes Enis Ylli, director of the Monitoring and Cyber Protection Directorate for e-Government Systems and Infrastructure at AKSHI.

Ylli explains that GreyNoise provides comprehensive information about malicious actors by enriching data with location and type of activities.

“It allows us to create proactive protection on our SIEM/SOAR platforms, relying on the vulnerabilities identified by Acunetix. Their integration with existing solutions expands the scope of technical protective measures, enabling effective responses to both sophisticated and modest state-sponsored actors,” he added.

According to him, artificial intelligence accelerates actions in real-time and significantly expands the scale and sophistication of cyberattacks. This brings an unending battle, where international conflicts transcend regional borders, and protective mechanisms face unknown threats and innovative technologies.

The systems provided through the project assistance improve existing solutions, enhancing interaction and operational efficiency.

Through this strategic support, Albania is now better equipped to secure digital frontiers, in line with EU standards for cybersecurity, and contributes to information sharing at the regional and cross-border level.

The project “Rapid Response Measures for Cybersecurity for Albania, Montenegro, and North Macedonia 2.0” is an initiative launched by the European Union and implemented by the Academy of e-Governance (eGA), in response to large-scale cyberattacks affecting the Western Balkans in 2022. The project was developed following similar previous efforts. (October 3)