CYBERSECURITY IN HEALTHCARE, BANKING, AND INSURANCE SECTORS REGULATIONS, SIMILARITIES AND DIFFERENCES INSIGHTS FROM NORTH MACEDONIA
Keywords:
Cybersecurity, Healthcare, Banking, Insurance, client data, data safetyAbstract
The roots of cybersecurity legislation can be traced to 2008, with the initiative of drafting of the first European Critical Infrastructure (ECI) Directive, which focused primarily on transport and energy infrastructure. While this Directive laid the groundwork for establishing a unified approach, it did not yet address cybersecurity-related risks. Since, North Macedonia has been progressing in cybercrime regulation, prevention, and treatment. Cybersecurity poses particular challenges in healthcare, banking, and insurance, sectors that have similarities but also significant differences, because of the types of data, regulations, and risks they manage. The progress of information and communication technologies, the digitalization of almost all areas of the society, provide benefits for the citizens and institutions but at the same time face risks and challenges of data protection, breach of protocols, and various aspects of violations of cybersecurity. According to available data, the National Cybersecurity Index is 66.67 which falls in the category of “good” but not “top tier”. National legislation, strategic documents, and sectoral action plans feed towards fighting cybercrime. Healthcare, banking and insurance sectors are facing particular risks, and experience similarities and differences with respect to the specifics of the customer/ client data scope, storage, and usage. Research on cybersecurity in healthcare, banking, and insurance reveals significant social and economic consequences, including the loss of sensitive data, weakened public trust in essential services, and increased systemic vulnerabilities. This research aims to identify legislative documents and country achievements in respect to cybersecurity challenges, as well as the specifics of those in particular sectors, such as healthcare, banking and insurance. The research is based on available data analysis, official documents on legislation and cybersecurity strategies and action plans, as well as theory specifics of cybersecurity in health, banking, and insurance sectors. This research will evaluate the effectiveness of policies designed to address cybersecurity issues in those industries in North Macedonia, exploring how the consequences can be prevented and risks mitigated. These findings highlight the urgent need to address regulatory gaps, technological weaknesses, and workforce shortages to strengthen defenses, maintain stability, and ensure sustainable sectoral development. It is evident that detailed research and analysis should be further carried for each sector separately, so the purpose of this paper is to identify similarities and differences rather than to give detailed, in-depth recommendations for each sector. But the path is obvious: by addressing the issues regarding cybersecurity in these three important sectors, through legislation, country strategy and action plans, as in light to constant development of the information and communication technologies, and the sophistication of the cyber-attacks, North Macedonia can transform this challenge into an opportunity for long-term growth and development.
References
Asset Voyager. (2024). Understanding the Cybersecurity Risks in Banking Sector: A Critical Overview. Asset Voyager. https://assetvoyager.com/cybersecurity-risks-in-banking-sector/
Belfry Software. (2024). How To Do Bank Security Right: Best Practices for 2024. Belfry. https://www.belfrysoftware.com/blog/bank-security/
Cheema, R. (2023, May 15). 5 least digitized industries that are ripe for digital transformation. Insider Monkey. https://www.insidermonkey.com/blog/5-least-digitized-industries-that-are-ripe-for-digital-transformation-1150942/?singlepage=1
Duncan, C. (2024, April 2). Cybersecurity in banking: 5 biggest threats in 2025. DeskAlerts Blog. https://www.alert-software.com/blog/cybersecurity-in-banking
e-Governance Academy. (n.d.). National cyber security index. NCSI. https://ncsi.ega.ee/ncsi-index/
European Central Bank (ECB). (2024, July 26). Cyber resilience in the banking sector. ECB Banking Supervision Blog. https://www.bankingsupervision.europa.eu/press/blog/2024/html/ssm.blog240726~7bfb4e2267.en.html
European Commission. (2022, December 27). Directive (EU) 2022/2555 of the European Parliament and of the Council of 14 December 2022 on measures for a high common level of cybersecurity across the Union (NIS2 Directive). Official Journal of the European Union. https://eur-lex.europa.eu/eli/dir/2022/2555/oj
European Union. (2016, May 4). Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data (General Data Protection Regulation). Official Journal of the European Union. https://eur-lex.europa.eu/eli/reg/2016/679/oj
European Union Agency for Cybersecurity (ENISA). (2023). Cybersecurity in the healthcare sector: Threat landscape. ENISA. https://www.enisa.europa.eu/publications/cybersecurity-in-healthcare-sector
European Union Agency for Cybersecurity (ENISA). (2022). Financial sector cybersecurity: Threat landscape. ENISA. https://www.enisa.europa.eu/publications/financial-sector-cybersecurity-threat-landscape
Gandhi, P., Khanna, S., & Ramaswamy, S. (2016, April 1). Which industries are the most digital (and why)? Harvard Business Review. https://hbr.org/2016/04/a-chart-that-shows-which-industries-are-the-most-digital-and-why
GlobalSign. (n.d.). Difference and similarities: Digitization, digitalization, and digital transformation.
Grand View Research. (2025, February). Cyber security market size, share & trends analysis report by offering (hardware, software, services), by security (endpoint security), by organization size (large enterprises), by deployment (cloud), by solution, by end use, by region, and segment forecasts, 2025–2030 [Industry report]. https://www.grandviewresearch.com/industry-analysis/cyber-security-market
Honeywell. (2023, November). What is digitalization? And why is it important?. Honeywell. https://www.honeywell.com/us/en/news/2023/11/what-is-digitalization-and-why-its-important
Karanovic & Partners. (2025, May 16). North Macedonia government approves key draft laws for digital future.
Macedonian Banking Association (MBA). (2024). Commission for information security. https://mba.mk/w/en/events/commission-for-information-security
Manyika, J., Pinkus, G., & Ramaswamy, S. (2016, January 21). The most digital companies are leaving all the rest behind. McKinsey Global Institute. McKinsey & Company.
Ministry of Digital Transformation. (2025, May 15). Gov’t approves electronic communications and cybersecurity laws. MIA News Agency.
Oentoro, A. (2024, January 11). Digitization, digitalization, and digital transformation explained. Agility CMS.
https://agilitycms.com/blog/digitization-digitalization-and-digital-transformation-explained
Security Boulevard. (2024, June). Cybersecurity in banking. https://securityboulevard.com/2024/06/cybersecurity-in-banking/
Schniering, M. (2023, September 13). Five ways to beat the odds on digital transformation. Boston Consulting Group. https://www.bcg.com/news/13september2023-five-ways-to-beat-odds-on-digital-transformation
TransforMe.AI. (2025, April 15). Why 70% of digital transformation projects fail—and how to beat the odds.
Van Tonder, C., et al. (2023). Internal organizational factors driving digital transformation for business model innovation in SMEs. Journal of Business Models, 11(2), 86–109.
Weisser H.C. & Nagyfejeo, Е. (2018). Cybersecurity Capacity Review Former Yugoslav Republic of Macedonia (FYR Macedonia). SSRN Electronic Journal. https://www.researchgate.net/publication/344018776_Cybersecurity_Capacity_Review_Former_Yugoslav_Republic_of_Macedonia_FYR_Macedonia
World Economic Forum. (2025, January 13). Global cybersecurity outlook 2025.
https://reports.weforum.org/docs/WEF_Global_Cybersecurity_Outlook_2025.pdf
