The government of North Macedonia adopted its National Cybersecurity Strategy 2025–2028 in January 2025, filling a gap of more than three years since the previous 2018–2022 strategy expired. Minister for Digital Transformation Stefan Andonovski presented the strategy at a press conference on January 21, 2025, stating that the country had experienced “an alarming rise in cyber attacks and hybrid threats” during the period without a national strategy.
According to the strategy document published on the Ministry of Digital Transformation’s website, the framework is built around five priority areas, including the establishment of a new cybersecurity sector within the Ministry and the protection of critical infrastructure systems in energy, healthcare, and financial services. The strategy aligns with EU directives, particularly the NIS2 Directive and the EU Cybersecurity Act, as well as ITU guidance and ENISA tools.
As an EU candidate country, North Macedonia’s alignment with the NIS2 framework places it within the scope of the European Commission’s April 2024 recommendation on post-quantum cryptography (PQC) migration. That recommendation calls on member states and associated countries to begin transitioning to PQC by the end of 2026 and to complete critical infrastructure migration by 2030. The cybersecurity strategy’s emphasis on securing critical infrastructure and aligning with EU cybersecurity standards provides the policy framework through which any future PQC migration requirements would be implemented nationally.