Simply put, CTI is about turning information into insight, before a threat happens.

Not just collecting data on threats, but understanding who is behind them, how they operate, and what that means for your own systems.
Without that understanding, cybersecurity remains reactive. With it, organisations can anticipate, prioritise and respond with purpose.

Next week at WB3C, we will be running a four-day regional training on Cyber Threat Intelligence (CTI).
The training is designed for SOC, CSIRT and CERT teams, as well as IT professionals working within critical entities—specifically the energy sector. The choice is deliberate.

We are taking a sectoral approach to cybersecurity capacity building. Because threats are not abstract—they target specific systems, infrastructures and vulnerabilities. And the energy sector, as a backbone of economic and societal stability, requires tailored, operationally relevant skills that reflect its real risk landscape.
Over four days, participants will cover:
💡 understanding CTI in the context of critical infrastructure
💡 analysing threats and assessing their impact
💡 translating intelligence into actionable outputs

All week, we will be working closely with cybersecurity professionals from across the region’s energy sector—moving from concepts to application, and building capabilities that can directly support operational decision-making.
This is where CTI becomes operational. Protecting our energy infrastructure means protecting our economy, our security and our livelihood.

Image: Patrick https://lnkd.in/diYnZEgB

Day 3 was dedicated to direct engagement with industry.
The WB3C delegation attended presentations by leading cybersecurity companies, including Alcyconie, Sekoia.io and GATEWATCHER, gaining insight into practical solutions and operational approaches to current cyber threats.
The day continued with a hands-on workshop by Alcyconie focused on crisis management, built around a real-life scenario. Members of the delegation took part in the exercise, working through response coordination and decision-making in a simulated incident environment. There was a number of informal meetings with numerous industry representatives around the event venue.

Today, the Western Balkans Cyber Capacity Centre (WB3C) team also met with the organisers of the Forum INCYBER (FIC) to advance discussions on bringing a similar event to Podgorica this June. The meeting focused on shaping the concept, format and partnerships of what would become the first cybersecurity industry forum of this kind in the Western Balkans, formally linked to the InCyber network.

A highly productive and valuable study visit to Lille.

Western Balkans delegation had a productive day at the cybersecurity industry fair in Lille. First, they participated in a panel discussion dedicated to the topic of cybersecurity of critical infrastructure. The discussion highlighted regional experiences, key challenges and priorities in protecting critical entities while opening a direct exchange with European counterparts and exchanging views on emerging issues in critical infrastructure protection.
There was a strong interest from the audience which led to a lively discussion, opening numerous related questions. 
The panel ensured that perspectives from the region are part of the broader cybersecurity conversation and that the region receives visibility in one of the leading European industry events. 

The afternoon was reserved for attending presentations by a selected number of cybersecurity companies, followed by targeted B2B meet-ups. These meetings enabled direct introductions, exchange of practical solutions, and exploration of potential cooperation with industry partners.

Today was an excellent day for creating concrete opportunities for future cooperation and partnership development.
https://lnkd.in/dcAg6kcR

Photo credit: Forum INCYBER (FIC)