Should the typical citizen in North Macedonia today feel safe online?
I think that low awareness, insufficient cyber culture, low cyber hygiene, as well as poor information literacy of the general population in general make our fellow citizens indifferent to online security, and therefore not much attention is paid to cyber security by the citizens themselves, and if you ask them if you feel safe online, 90% of them will answer YES and add that they think they would never be the target of a hacker attack or potential abuse, so they pay no special attention to cyber security and privacy.
But if you ask me if I feel safe, the answer is yes because I follow the best practices to be safer in cyberspace, i.e. I try to reduce the risk of possible abuse to the lowest possible level, because there is no 100% security, and if I want to assess the security of the systems where my, i.e., our personal data are processed, I can freely say that I do not feel safe because I know and see how little money and effort is invested in cyber security, i.e., for that data to be safe and not to end up in the wrong hands and to be used for some malicious purposes.
Are there ways to protect oneself from online threats, that everyone can employ?
Of course, there are ways to prevent and protect against possible threats that are all around us, and especially in the Internet space where there are no more limits and no limits of internet usage, but the question is how many of us practice it and how many of us follow the principles and best practices for preserving a safe environment around us.
Here is a small example that is commonplace in our society, and that is that we still have people who tell their PIN number to the cashier in a market out loud without paying attention to whether it will be used by a third party, although it is perhaps one of the most sensitive data we have.
However, while there are ways to protect ourselves, we should use them, it is the same as in the Covid Pandemic we have recommendations to protect ourselves from the threat called Corona virus, which are the well-known wearing masks, keeping social distance and not grouping in indoors space.
We can mention a few general recommendations for citizens to practice in order to protect themselves from general threats in the hybrid world, i.e. in normal life and life on the Internet, and that can be using strong passwords, using different passwords, changing and updating them regularly, prohibiting the sharing of personal information by unauthorized persons, double or triple verification of requested information by third parties, updating the systems you work with, using well-known anti-virus solutions and many, many other recommendations that may help deal with potential threats in an open society called the Internet.
What is the most common threat from which data is being stolen/manipulated in North Macedonia (in recent years)?
As a basic threat I will emphasize again the low awareness of people regarding Cyber security and secure data and information management, but here I cannot fail to mention the weak investment of the state and companies in Cyber Security in order to reduce the opportunities for exploitation of potential threats. However, the main and basic threat is the people themselves and not investing in resources related to Cyber Security.
How do Macedonians value privacy, especially their online privacy?
In my opinion, Macedonians do not pay much attention to online privacy, what is owned is not valued enough in terms of personal and confidential information. Proof of this is the presentation of their personal data and information on all social networks or not following the security practices for online shopping and not paying attention to where, to whom and why they enter their financial and personal information on a particular website that requested such kind of data, especially when it comes to non-existent prize games which is one of the most successful attacks in our country.
Are Macedonian institution safe from cyber-attacks? Are we doing enough to protect our critical infrastructure?
We can say and write a lot on this issue, but sometimes I regret that the time spent writing and pointing is in vain when it does not reach and affect the persons responsible, who should implement the thing to be better and different.
Therefore, on this issue I would like to be very brief and clear, Cyber Security of the Macedonian institutions, with honourable mentions of the few exceptions, is at a catastrophic level, and what I mean by catastrophic level, I mean a 14-year-old child can sit down and scan the entire state infrastructure will be able to cause major problems without anyone noticing.
Maybe I am wrong, maybe there are investments, but I am not aware of them, but the real and successful hacker attacks prove the opposite, and further more - the successful hacker attacks that are publicly announced, and how many are not reported and published? ... That is already a question for the persons responsible who take care and manage the cyber security of our Macedonian institutions, and here I will again refer to the aforementioned how safe and comfortable Macedonians are in the online space, that the institutions themselves are not safe.
I cannot accept in the 21st century with such modern solutions and experts not to provide a critical server to a particular Ministry, and once there is an announcement by an anonymous group of hackers that the server is compromised and all data is downloaded, especially that the download process took longer for a week, without anyone noticing or reacting.
That is why I say that we are not doing anything regarding the cyber security of the critical infrastructure, and I assure you that if we become a target as state institutions of an anonymous hacker group we will surely be hacked and hacked everywhere, especially the critical infrastructure, in a word in our language, I would say, I think we are "swiss cheese" in terms of cyber security.
Is the business sector following the latest trends in cyber-security & safety? Are private companies investing in security?
I can say that the business or the private sector is one step ahead and that a good part of them invest in cyber security, but I can freely say that it is up to a level to satisfy a certain regulation or policy that is imposed or investments are made after an incident, that is a bit late, but an investment nonetheless.
I do not put the financial institutions such as banks in that basket, which I can freely say that they really follow all world safety standards and investments in prevention are at a significant level.
However, I still think that cyber security awareness in the SME (small-and medium-enterprise) sector is still low and investing in cyber security is still considered a cost and not an investment in their business. That's why I encourage them to start thinking about investing in their own security, because it protects their business and they will most likely not encounter unpleasant situations where the cost will be much higher than the investment itself.
Are parents, teachers, and school children sufficiently aware of the cyber landscape, vis-à-vis online education? Are they informed enough to protect their data?
On this issue I think there are some positive vibes and moves forward regarding the protection of data in children, because as far as I know many schools organize lectures and workshops to direct children to think a little more about their privacy and their data, so for that reason to take care where and to whom they leave the data on the internet portals, games or online education.
How would you describe the trend in the recent years in terms of digital safety & privacy in our country?
Definitely the increasing trend for digital literacy and privacy has been on the rise in recent years, primarily due to the need and implementation of digitalization and digital services that retailers set as part of their business. Innovation does its thing, and streamlining processes in everyday life automatically motivates people to think about digital security. I must say that the security and privacy regulations that have been enacted in the last 2 years in our country have given a little wind in the back for more serious thinking and moving forward to increase digital security and privacy among people and companies.
How do you see the media’s role in raising awareness about privacy & cyber-security issues going forwards?
Perhaps the media has one of the key roles in the development of people's digitalization, privacy and cyber literacy, I would like to encourage them to establish themselves as one of the key players in literacy and raising people's awareness of their privacy and safe management of their personal data.
What would be your message to our fellow citizens – what should they avoid & be especially careful about?
I would like to emphasize that in the 21st century, Humans must no longer be the weakest link in the chain of cyber security, and we will achieve this only by investing in our cyber culture, in our cyber security, because as we protect our health through preventive measures, we also need to protect and nurture our systems, digital devices and personal data to be safe and secure in the environment in which we work.