Financial Crime World

Here is the article in markdown format:

Statewide Efforts Underway to Improve Cybersecurity Reporting

In an effort to strengthen cybersecurity across the state, authorities have been working to establish a more robust incident reporting system.

Improved Incident Reporting System

According to sources within the Macedonian National Center for Incident Response (MKD-CIRT), the main method of reporting incidents will be through PGP-encrypted emails. Additionally, an anonymous report submission feature has been added to the MKD-CIRT website.

All reports are sent directly to the MKD-CIRT’s ticketing system, which utilizes industry-standard software such as Request Tracker for Incident Response (RTIR). The agency is also working on improving information sharing and threat intelligence, relying heavily on indicators of compromise received from various sources.

International Partnerships

MKD-CIRT has established Memoranda of Understanding with international partners, including Team Cymru and national CERTs in Italy, the Netherlands, and Poland. This partnership allows for the sharing of threat intelligence and incident reporting.

In a significant development, MKD-CIRT is also working with Bulgarian CERT and counterparts in Albania and Kosovo to expand its threat intelligence service.

Incident Reporting Procedure

MKD-CIRT has established a clear procedure for incident reporting, which includes notifying law enforcement agencies if necessary. The agency uses the RTIR system for this purpose, allowing law enforcement access to incident details while also providing the option to anonymize case information.

The legal department within the Agency for Electronic Communications (AEK) decides what information can be shared and with whom.

Cooperation and Information Sharing

While MKD-CIRT has established a strong foundation for cooperation, there is still room for improvement. The agency is working on developing relationships with local banks, telecoms, energy providers, and transport sectors to establish a constituency for sharing threat intelligence and incident reports.

MKD-CIRT is also working towards becoming a member of the Forum of Incident Response and Security Teams (FIRST) and has been listed as a team on Trusted Introducer (TI).

Critical Infrastructure Protection

While MKD-CIRT has limited formal responsibilities in protecting critical infrastructure, the agency is working to develop this area. Currently, there is only a Standard Operating Procedure for attacks on critical infrastructure, which involves multiple agencies.

The agency plans to host more workshops with constituents to improve cooperation and communication. Additionally, AEK is required to hold two public meetings annually to discuss MKD-CIRT activities.

Ombudsperson’s Role

The Ombudsperson of “the former Yugoslav Republic of Macedonia” plays a crucial role in protecting citizens’ rights. The agency has recently given special provisions for the protection of children and works closely with international organizations such as the South East Europe Children’s Rights Ombudsperson’s Network.

However, MKD-CIRT has limited experience with online reporting and has received only a small number of internet-related complaints, mostly related to the publication of photos of children online.