Assess Your Cyber Hygiene by taking our Quiz!

Security starts with awareness. Take our quick self-assessment. At NCSA, we work to Nurture awareness, Collaborate for stronger defenses, Secure the Maldives' digital future, and Adapt to emerging cyber threats.

Take the Quiz quiz

account_balance About NCSA

NCSA stands for National Cyber Security Agency and was established under the Presidential Directive on 18th March 2024, NCSA is the central authority for coordinating and implementing national cybersecurity initiatives in the Maldives.

We are a regulatory body empowered to develop policies, manage cyber incidents, promote awareness, and foster collaboration to protect the nation's critical infrastructure and digital assets, operating under the Ministry of Homeland Security and Technology.

spa
Nurture

Fostering awareness & capability growth.

groups
Collaborate

Building strong public & private partnerships.

shield
Secure

Protecting national digital infrastructure.

sync
Adapt

Evolving with the cyber threat landscape.

Our Core Objectives

policy
Framework & Policyarrow_upward

Develop and implement comprehensive policies, regulations, and standards.

Framework & Policyclose

Develop and implement comprehensive cybersecurity policies, regulations, and standards adhering to international best practices to create a robust legal and operational foundation.

shield_lock
National Capabilitiesarrow_upward

Establish capabilities for cyber incident detection, prevention, and response.

National Capabilitiesclose

Establish and maintain national capabilities for effective cyber incident detection, prevention, response, and recovery, including operating the MV-CSIRT and National SOC.

hub
Collaborationarrow_upward

Foster cross-sector coordination and lead international cooperation efforts.

Collaborationclose

Foster effective cross-sector coordination between public institutions and the private sector. Lead international cooperation initiatives to share intelligence and best practices.

school
Awareness & Capacityarrow_upward

Improve cybersecurity awareness and build national capacity through training.

Awareness & Capacityclose

Improve cybersecurity awareness among citizens and organizations nationwide. Build national capacity through targeted training, education programs, and skills development initiatives.

gavel
Guidance & Enforcementarrow_upward

Provide expert advice, technical guidance, and enforce regulations.

Guidance & Enforcementclose

Provide expert advice and technical guidance to stakeholders. Enforce cybersecurity regulations effectively to safeguard national digital interests and ensure compliance.

trending_upCurrent Posture

Our strategic vision is to elevate the Maldives to the top tier of global cybersecurity readiness within the next five years.

ITU Global Cybersecurity Index (GCI)

Our current GCI Score (2024): 14.82 / 100

Our Goal (2029): Achieve Tier 1 Ranking (>85 / 100)

Areas for Improvement

  • gavelLegal (4.52/20)
    Pass Cyber Security Act, Establish baseline & regulatory frameworks, License professionals.
  • memoryTechnical (0/20)
    Establish National SOC & CERT/CSIRT, Certify NCSA professionals, Implement CI/GRC measures, Secure Software Dev. Model.
  • groupsOrganizational (4.88/20)
    Endorse national strategy, Formalize NCSA legally, Child Online Protection initiatives, Regular security audits.
  • schoolCapacity Building (3.16/20)
    National awareness campaigns, Integrate cyber into curricula, Sustainable talent pipeline (MNU, colleges), Target 50 certified individuals/year.
  • publicCooperation (2.26/20)
    Formal public-private partnerships, International agreements (CERTs), Inter-agency collaboration reporting.

calendar_todayVision 2.0 Initiatives

Mapping the journey of the President's Digital Transformation Vision for national cybersecurity.

This timeline outlines the key phases and milestones planned under the Maldives 2.0 initiative to enhance our cyber resilience and capabilities.

Phase Details

  • gavel Phase I: Legal & Institutional Framework (2024-2025)

    Establishing the foundational legal and organizational structures.

    Key Milestones:
    • check_circle NCSA Establishment (Presidential Directive)
    • check_circle Cyber Security Act Drafted
    • check_circle Stakeholder Consultation of the draft act Conducted
    • check_circle Baseline Cybersecurity Framework Developed
    • schedule Secure Software Development Maturity Model Published
    • schedule Ratification of the Cyber Security Act
    Overall Phase Progress:
  • settings_suggest Phase II: Operational Readiness (2026)

    Building core operational capabilities, implementing key frameworks, and onboarding key sectors.

    Key Milestones:
    • schedule National SOC Establishment & Initial Operation
    • schedule MV-CSIRT Establishment & Initial Operation
    • schedule Identification & Designation of Critical Infrastructure Sectors
    • schedule Initial Threat Intelligence Platform Integration
    • schedule Cybersecurity Service Provider Licensing Framework Implemented
    Overall Phase Progress:
  • school Phase III: National Capacity Building (2027–2028)

    Enhancing national skills, promoting awareness, and protecting vulnerable groups online.

    Key Milestones:
    • schedule National Cyber Security Podcast Launched (in Association with PSM)
    • schedule National Skills Pipeline Program Launched (with Higher Education Instututes)
    • schedule National Cybersecurity Awareness Campaign Rollout
    • schedule Child Online Protection Initiatives Enhanced
    • schedule 50 Cyber Security Professionals Certified
    Overall Phase Progress:
  • emoji_events Phase IV: Maturity & Regional Leadership (2029)

    Achieving top-tier GCI ranking and establishing regional influence.

    Key Milestones:
    • schedule Achieve ITU GCI Tier 1 Ranking (>85/100)
    • schedule Establish Regional Cyber Safe Summit
    • schedule Formalize International Cooperation Agreements (CERTs, etc.)
    • schedule Mature Public-Private Partnership Program Assessment
    Overall Phase Progress:

library_booksPublications

Explore the core components of our National Strategy or download official documents.

National Cyber Security Strategy Components

verified_user Core Values
  • checkCyber Sovereignty: Maintain control over the nation’s digital landscape and data.
  • checkBalanced Security: Secure digital spaces while enabling innovation and growth.
  • checkPeople, Process, Technology: Strengthen cybersecurity through skilled personnel, effective processes, and advanced technology.
  • checkResilience: Develop the capacity to withstand, respond to, and recover from cyber incidents.
  • checkResponsible Digital Citizenship: Encourage responsible digital consumption and behaviour across society.
track_changes Strategic Objectives
  • arrow_forwardProtect National and Public Interests: Secure government systems, businesses, and citizens against cyber threats.
  • arrow_forwardEnhance Cyber Resilience: Build and promote the capacity to withstand, respond to, and recover from cyber incidents.
  • arrow_forwardPromote Global and Regional Leadership: Achieve international recognition in cybersecurity while safeguarding Maldivian interests.
  • arrow_forwardSupport Economic Growth: Foster a secure digital environment that encourages innovation and economic development.
  • arrow_forwardFoster Collaboration: Strengthen cooperation between government, private sector, and civil society to achieve collective cybersecurity goals.
Strategy Pillars
gavel Governance & Policy

NCSA leadership, Legislation, GRC Standards & Audits.

handshake Public & Private Interests

GRC Support, Toolkits, Support Hub, Testing & Certification, Provider Registry.

security Cyber Defence & Resilience

CI Protection, Incident Response Plan, Proactive Monitoring, Resilience Testing, Threat Intel Sharing.

campaign Public Awareness & Education

School Programs, Parental Support, Nationwide Campaigns, Digital Citizenship.

public Int. Partnerships & Leadership

Global Collaboration, Regional Leadership, Cross-Border Cooperation, Legal Cooperation.

download Donwload the Strategy file_downloadPDF

schoolTraining Engagements

Highlighting cybersecurity awareness and skills development sessions conducted for various organizations.

STELCO Training Session
STELCO

groups Face-to-Face

people_alt Participants: 65+

Information Security for Middle Managers: Securing Critical Infrastructure.

Civil Service Commission Training
Permanent Secretaries - CSC

groups Face-to-Face

people_alt Participants: 20+

Briefing on NCSA roles and the challenges of achieving national cyber safety.

Councils Online Training
SGs of Councils

laptop_mac Online

people_alt Participants: 200+

Developing a Cybersecurity Mindset for local council leadership.

Supreme Court Training
Judicial Academy: Supreme Court

groups Face-to-Face

people_alt Participants: (Justices)

Specialized cybersecurity training session for Supreme Court Justices.

Superior Courts Online Training
Judicial Academy: Superior Courts

laptop_mac Online

people_alt Participants: (Judges & Magistrates)

Online cybersecurity training covering key principles for Judges and Magistrates.

Ministry of Health Training
Ministry of Health - IT Staff

groups Face-to-Face

people_alt Participants: 30+

Technical training focused on securing Microsoft Office 365 environments.

quizCyber Hygiene Quiz

Take this short quiz to assess your cyber hygiene practices and awareness of online scam tactics. Get personalized recommendations to enhance your digital safety.

info_outline This assessment is based on elements from academically tested instruments like the Cyber Hygiene Index (CHI) and Online Fraud Susceptibility Questionnaire (OFSQ) concepts, adapted to promote awareness and self-reflection. Results are indicative and intended for educational purposes.

help_outlineFAQ

Understanding the National Cyber Security Act and NCSA.

  • labelWhat is the main purpose of the National Cyber Security Act?
    The Act provides a framework to promote the security and resilience of people, processes, technology, and critical infrastructure in the Maldives against cyber threats and threat actors. The act also provide legal authority the NCSA and address Critical Infrastructure regulations, National SoC and a National Cyber Indicdent response center and its roles and jurisdictions among other things.
  • label_outlineWho does the Act apply to?
    The Act applies generally to cybersecurity activities within the country
  • label_outlineWhat is the National Cyber Security Agency (NCSA)?
    NCSA is the central authority established by a Presidential Directive. The act that will provide legal authoirty has been drafted is expected to reach the Parliment soon
  • label_outlineWhat are the NCSA's main functions/directives?
    NCSA's main function is to be a regulatory body to standardise cyber security and make sure proper policies and porcess are in place to protect the nation.
  • label_outlineWhat is National SoC?
    The National Cyber Security operation center that will be the primary center for actively monitoring cyber threat inteligence feeds from all the public sector instutions legally under NCSA jurisdiction.
  • label_outlineWhat is considered Critical Infrastructure?
    Any digital assest or service that is vital for the running of the counrty. We are working to create the regulatory framework for identifying and designating Critical Infrastructure and its responsibilities.
  • label_outlineDo I need a license to offer cybersecurity services?
    Yes, once the regulatory framework is published, cyber security professionals are required to register and managed sercurity service providers are required to get a license to offer their services.