Kosovo Safety and Security Programme-Combating Cyber Crime in Kosovo (C3K)

Report Cover Image
Evaluation Plan:
2021-2025, Kosovo
Evaluation Type:
Final Project
Planned End Date:
08/2021
Completion Date:
09/2021
Status:
Completed
Management Response:
No
Evaluation Budget(US $):
13,000

Share

Document Type Language Size Status Downloads
Download document TOR - FINAL Evaluation Specialist.pdf tor English 284.59 KB Posted 2
Download document C3K Project Implementation Evaluation Report - FINAL.pdf report English 1139.74 KB Posted 1
Title Kosovo Safety and Security Programme-Combating Cyber Crime in Kosovo (C3K)
Atlas Project Number: 00100185
Evaluation Plan: 2021-2025, Kosovo
Evaluation Type: Final Project
Status: Completed
Completion Date: 09/2021
Planned End Date: 08/2021
Management Response: Yes
UNDP Signature Solution:
  • 1. Governance
Corporate Outcome and Output (UNDP Strategic Plan 2018-2021)
  • 1. Output 2.2.1 Use of digital technologies and big data enabled for improved public services and other government functions
  • 2. Output 2.2.3 Capacities, functions and financing of rule of law and national human rights institutions and systems strengthened to expand access to justice and combat discrimination, with a focus on women and other marginalised groups
  • 3. Output 3.2.2 National and local systems enabled and communities empowered to ensure the restoration of justice institutions, redress mechanisms and community security
SDG Goal
  • Goal 16. Promote peaceful and inclusive societies for sustainable development, provide access to justice for all and build effective, accountable and inclusive institutions at all levels
SDG Target
  • 16.1 Significantly reduce all forms of violence and related death rates everywhere
  • 16.4 By 2030, significantly reduce illicit financial and arms flows, strengthen the recovery and return of stolen assets and combat all forms of organized crime
  • 16.6 Develop effective, accountable and transparent institutions at all levels
  • 16.8 Broaden and strengthen the participation of developing countries in the institutions of global governance
  • 16.a Strengthen relevant national institutions, including through international cooperation, for building capacity at all levels, in particular in developing countries, to prevent violence and combat terrorism and crime
Evaluation Budget(US $): 13,000
Source of Funding: Project budget
Evaluation Expenditure(US $): 6,050
Joint Programme: No
Joint Evaluation: No
Evaluation Team members:
Name Title Email Nationality
Krenar Loshi Local project evaluation consultant krenar.loshi@gmail.com KOSOVO
GEF Evaluation: No
Key Stakeholders: Ministry of Internal Affairs, Kosovo Police
Countries: KOSOVO
Lessons
1.

Ensuring continuous close communication with all stakeholders is paramount in avoiding pitfalls due to frequent changes in the government or ministerial leadership.


2.

Demand driven activities and joint design of such, ensures high degree of implementation, even at challenging times, as it has been during the Covid19 pandemic.


Findings
1.

UNDP over the years through KOSSAC and KSSP programmes, and through C3K project has established a credible profile in the field of security and enjoys full trust from all institutional CERTs, which paves the way for future engagement with MIA and respective security institutions.


2.

The project, specifically through the trainings, has contributed to improved performance of institutional CERTs, especially KP?s CCIS and Digital DFU, and the RAEPC.


3.

The project is on track to achieve the targets set forth in the logframe. The overwhelming majority of interviewees was of the opinion that the project team is very committed, professional, and supportive.


4.

Generally, and despite a difficult situation in 2020 due to Covd19 pandemic, the institutional partners speak favourably about their collaboration with the project and are fully satisfied how the project managed to adapt the activities on-line, while maintaining a high level of quality.


5.

The forthcoming Law on Cyber Security is expected to add to the quality of the interventions and improve the institutional capacities for leadership and coordination.


Recommendations
1

Focus more on cybersecurity capacity development and awareness raising activities, covering prevention and advocacy aspects, and policy making and coordination processes, build around MIA, as main lead partner, in cooperation with KP, RAEPC and AIS.

2

The technical aspects, related to specialised equipment, software and trainings (e.g. digital forensics) required for cybercrime investigation and prosecution, besides requiring significant resources, they are largely covered by other donors such as the U.S. and the EU programmes respectively, thus ought to be covered only if necessary under a separate outcome or even a separate project of more technical – procurement centred nature.

3

Focus on providing policy support to completion of the legal infrastructure and development of the new Strategy Cyber Security, through sponsoring relevant local surveys, analysis and research papers in the domain of cybersecurity.

4

Identify suitable local partner Experts, CSOs and Think Tanks and commission analysis and research papers which are very scarce, yet necessary to feed into the policy making processes in the field of cybersecurity.This also contributes to strengthening of non-government sector capacities in the field of cybersecurity and overall sustainability of results.

5

The anticipated establishment of the Cyber Security Authority by the government, most probably under the MIA, is expected to lead and coordinate all cybersecurity efforts, and should be the centre of focus in terms of capacities to gather, analyse and disseminate information amongst relevant stakeholders.

6

Further strengthen capacities of KP first responders in regional and local KP stations, in preliminary investigation techniques related to reported cybercrime, as this stage determines the effectiveness of later more advanced investigation stages.

7

Ensure continuity of provision of specialised professional trainings and certification to CERTs in demand driven basis.

8

Advocacy and awareness should be further enhanced, both in terms of protection from potential cyber threats, as well working with various local IT labs, to target more women to specialise on cybersecurity.

9

Engage with MEST to strengthen awareness and advocacy actions targeting schools, pupils and students.

10

Engage with institutions and businesses to open up and encourage ethical hacking activities in testing their cybercrime prevention capacities. Offer awards to successful hacks.

11

Identify Champions of Change and support their engagement in TV debates, presentations, lectures, etc.

12

Maintain demand driven approach to development of trainings, and where possible spread out trainings over time to provide more space for stakeholders to participate while being able to carry out their daily duties uninterrupted.

13

Develop a comprehensive M&E mechanism to ensure quality analysis not only on progress reporting, but also in feeding into research, policy studies, papers and publications. If resources allow, engage an additional staff covering Monitoring, Evaluation and Learning aspects of the project.

Latest Evaluations

Contact us

1 UN Plaza
DC1-20th Floor
New York, NY 10017
Tel. +1 646 781 4200
Fax. +1 646 781 4213
erc.support@undp.org