As European Cybersecurity Month progresses, it seems apt to have a look at how businesses can invest in their cybersecurity and cyber resilience in Malta, and which local authorities are at play in the cybersecurity area. After all, prevention is better than cure.
Local Authorities
Pursuant to cybersecurity legislation in Europe, such as the Cybersecurity Act and the Regulation on the European Cybersecurity Industrial, Technology and Research Competence Centre, Malta has appointed specific authorities for specific roles in cybersecurity.
The Malta Digital Innovation Authority (MDIA) is the National Cybersecurity Certification Authority (NCCA), whereas the Malta Information Technology Agency (MITA) is the National Coordination Centre (NCC) for Malta.
Essentially, the role of the NCCA, is to act as a supervisory authority but also as an assurance authority in specific instances, by:
- Issuing European cybersecurity certificate under European certification schemes, where required by the Cybersecurity Act
- Supervising and ensuring the rules of European cyber security certification schemes are adhered to
- Monitoring compliance with ICT manufacturers’ and providers’ obligations including the carrying out of conformity self-assessment
- Providing assistance to national accreditation bodies, in so far as they monitor conformity assessment bodies
- Monitoring developments in cybersecurity certification
On the other hand, the role of the NCC includes, amongst others:
- Acting as Malta’s contact point for cybersecurity matters
- Promoting EU funding programmes in Malta and assisting local entities with applying to EU-funding calls
- Adopting national cybersecurity strategies in furthering local policies
- Promoting cybersecurity competencies through awareness campaigns, educational programmes, projects and activities
It is clear that, Malta, as a jurisdiction, participates and effectively recognizes the importance of cybersecurity through the division of responsibilities to various local authorities. Notwithstanding that such designations stem from EU legislation, the cybersecurity incentives issued and implemented by these authorities demonstrate an effective momentum towards cybersecurity locally.
Local Cybersecurity Incentives
Both the NCCA and NCC have issued different schemes to fulfil their roles in terms of EU cybersecurity legislation.
In 2023, in collaboration with Tech.mt and Malta Communications Authority, MDIA introduced the Mind the Gap scheme specifically for local e-Commerce businesses to enhance their cybersecurity posture. This included a cybersecurity self-assessment and a cybersecurity improvement scheme providing financial assistance to businesses to improve the security of their e-commerce service platforms. Such schemes go to the heart of the aim of European Cybersecurity Month, ensuring that businesses are geared to face cyber-attacks.
Similarly, the NCC’s Cyber + ALT Scheme aims at assisting SMEs through grants to partially finance their investments in improving their security and resilience. In a wider context, the NCC also offers a Cybersecurity Skilling Programme involving a training course for Maltese nationals or residents in the area of cybersecurity, comprising different specialized and generic training courses at different times. Previously, a Cyber Assess Scheme was also available, intended to provide businesses with specialized cybersecurity expertise and services, such as vulnerability assessments, penetration testing, audits.
A cursory look at the local scene reveals a commitment to support businesses in upskilling and upgrading their cybersecurity capacities. The initiatives launched in Malta demonstrate that local authorities are proactive in the cybersecurity field. One can only hope that in the light of the ever-increasing cyber risks, more initiatives for local businesses will be launched soon.