RCC CyberPulse 2025: Regional Stakeholder Join Forces in Cybersecurity

02.07.2025

The High-Level Western Balkans Cybersecurity Conference – CyberPulse 2025: Tracking Progress, Building Resilience, Driving Change – gathered government representatives, EU institutions, regional organizations, cybersecurity experts and private sector leaders to address the growing cyber threat landscape in the Western Balkans.

CyberPulse 2025 focused on three priorities:

addressing current gaps in regional cyber capacities,
exploring the role of emerging technologies, and
operationalising joint initiatives and partnerships.

Opening Remarks

The conference opened with high-level messages of commitment to regional cyber resilience:

Amer Kapetanović, Secretary General of the RCC, highlighted the sharp rise in cyber incidents and stressed that trust, political will and coordinated regional action are the strongest “firewall” against threats. He also announced the development of the new regional cybersecurity needs database.
Filip Ivanović, Deputy Prime Minister of Montenegro for Foreign and European Affairs, emphasized Montenegro’s adoption of European cybersecurity standards and its vision of a secure, resilient digital future as part of EU integration.
Michael Docherty, speaking on behalf of the European Commission Delegation, reaffirmed EU support for the region through initiatives with ENISA and the Council of Europe, underlining that cybersecurity is now a central element of the EU Growth Plan for the Western Balkans.
Gilles Schwoerer, Head of WB3C, noted that while digital transformation offers many opportunities, it also expands the attack surface, underscoring the urgent need for secure digital pathways and collective resilience.

Conference Panels

High-Level Panel: Stronger Connectivity, Smarter Security, Resilient Future (moderated by Danijela Gačević, Head of the Programme Department, RCC)
Senior government representatives from the region exchanged views on national priorities, institutional capacities, and EU integration in the field of cybersecurity.
- Governments stressed the shortage of cybersecurity professionals as a critical challenge.
- Kosovo*’s representative emphasized dependence on external consultants and the need to train public servants internally.
- Montenegro focused on intersectoral cooperation and the role of NATO and EU support.
- North Macedonia presented its new Ministry for Digital Transformation and its national cybersecurity strategy.
  Panelists:
- Bardhyl Dobra – Deputy Minister of Internal Affairs, Pristina
- Naim Gjokaj – State Secretary, Ministry of Public Administration, Podgorica
- Radoslav Nastasijevikj Vardjiski – Deputy Minister for Digital Transformation, Skopje
Navigating Cyber Threats in the Western Balkans: The Evolving Role of AI and Emerging Technologies (moderated by Mirza Jamaković, Prosecutor's Office Sarajevo)
Experts from Europol, law enforcement, and the private sector discussed the opportunities and risks of AI, from forensic tools to the misuse of generative AI by organized crime groups.
- Europol described using machine learning to analyze millions of data points in criminal investigations.
- Concerns raised about organized crime groups developing their own AI tools, including large language models, for cybercrime.
- Calls for explainable and transparent AI outcomes in cybersecurity decision-making.
- Oracle warned against uploading confidential data into public AI tools, stressing regulatory gaps.
  Panelists:
- Emmanuel Kessler – Europol
- Jelena Zelenović Matone – WomenCyberForce / Women4Cyber
- Nenad Bogunović – Cybercrime Unit, Belgrade
- Amar Dedović – Oracle
Empowering Talent: Skill-Building for the Future in the Western Balkans (moderated by Andreja Mihailović, Women4Cyber Montenegro)
The session focused on education, workforce shortages, women’s participation in cybersecurity, and ways to redirect youth talent from informal digital activities to formal opportunities.
- Highlighted that women’s participation in cybersecurity remains below 20% in the Western Balkans.
- Croatia shared progress from 30% to 52% female participation in the UN Cybersecurity Working Group between 2019 and 2024.
- Albania’s Cybersecurity Agency argued for education reform starting at primary school.
- Open Society Foundation raised concerns about youth involvement in grey/illegal digital activities, calling for redirection into formal sectors.
  Panelists:
- Tamara Tafra – Deputy Minister of Foreign and European Affairs, Zagreb
- Igli Tafa – Director, National Cybersecurity Agency, Tirana
- Andi Dobrushi – Open Society Foundation
- Fabio di Franco – ENISA
Integrating Experience and Strategy: A Multisector Dialogue on SOC Advancement (moderated by Vanja Madžgalj, WB3C)
Panelists shared good practices for building and operating Security Operations Centres, stressing the importance of policy alignment, inter-sectoral cooperation and trust-building between public and private actors.
Albania’s national experience showed that the 2022 cyberattack became a catalyst for building SOC capacity and adopting “zero trust” and defense-in-depth strategies.
Differences between public and private sector approaches to threat intelligence were emphasized, with trust and data-sharing seen as barriers for public institutions.
North Macedonia introduced a new law placing the Ministry for Digital Transformation as the central cybersecurity authority.
Panelists:
- Franc Zyliftari – Head of Incident Response Team, Tirana
- Philippe Gillet – Gatewatcher, Paris
- Aleksandar Acev – Cyber Balkans, Skopje
Sectors United Against Cyber Threats: Building Bridges Across Sectors (Milan Sekuloski, e-Governance Academy, Tallinn)
This discussion brought together public institutions, civil society, academia, and the private sector, highlighting how multi-stakeholder collaboration is essential to strengthening regional resilience.
- Pristina shared good practices in bringing all relevant actors together regularly on critical infrastructure protection.
- Civil society organizations were recognized as important but vulnerable actors requiring targeted cyber hygiene tools and support.
- SMEs were highlighted as particularly exposed, requiring systemic support from the public sector.
- The EBRD linked its investment strategy to cybersecurity, showing that infrastructure projects cannot be sustainable without integrated cyber risk management.
  Panelists:
- Lulezon Jagxhiu – Prime Minister’s Cabinet, Pristina
- Predrag Puharić – Cybersecurity Centre of Excellence, Sarajevo
- Ivona Dabetić – NGO Secure, Podgorica
- Roy Yarom – European Bank for Reconstruction and Development (EBRD)

The conference concluded that cybersecurity in the Western Balkans can no longer be treated as a purely technical issue but must be recognized as a strategic priority, requiring long-term cooperation, sustained investment and coordinated regional action.

Other news and events

Upcoming

Regional Conference on Foreign Information Manipulation and Interference and Disinformation

Regional Conference on Foreign Information Manipulation and Interference (FIMI) and Disinformation

REGIONAL CONFERENCE ON FIMI AND DISINFORMATION

📅 6–7 May 2026
📍 Science and Technology Park, Podgorica (Conference Hall Unicorn, II floor)

Held under the Chatham House Rule, the conference explores how governments and societies can anticipate (prebunk), prevent, and respond (debunk) to malign information operations. Filming and recording is allowed only in the opening session. The preparation of this conference is supported by the Atlantic Council of Montenegro.

Conference programme:

DAY 1 – Wednesday, 6 May 2026

🕘 09:00 – 09:30 | OPENING REMARKS

Objectives, Chatham House Rule, Expected Outcomes

Conference host: Vanja Madzgalj, Senior Project Manager, WB3C

Speakers:

Gilles Schwoerer, WB3C
Filip Ivanović, Deputy Prime Minister for Foreign and European Affairs, Montenegro
EU representative (TBC)

🕤 09:30 – 10:15 | KEYNOTE ADDRESS

FIMI as a National Security and Governance Challenge

How foreign influence exploits governance gaps — a historical reflection and how states respond without undermining freedoms.

Speaker: David Colon, PhD, Associate Professor, Sciences Po, France

🕥 10:15 – 11:15 | CASE STUDY

Anatomy of Disinformation Operations: Case Study and Lessons Learned

From storyline to impact: mapping actors, vectors, and decision-making pressure points.

Speaker: Ronan Mouchoux, Co-founder and CTO, XRATOR, France

☕ 11:15 – 11:45 | NETWORKING BREAK

🕦 11:45 – 12:30 | PANEL 1

How FIMI Operations Actually Work

What distinguishes organic debate from coordinated manipulation? Evidence thresholds: what is enough to act as a government? How can early detection enable prebunking of emerging narratives before they take hold?

Speakers:

Lejla Turčilo, PhD, Full Professor at the Faculty of Political Science, University of Sarajevo
Miroslav Sazdovski, Senior Analyst, European Centre of Excellence for Countering Hybrid Threats
Filip Stojanovski, Metamorphosis Foundation

Moderator: Marko Banović, Digital Forensic Centre, Montenegro

🕧 12:30 – 13:15 | CASE STUDY

Disrupting a Covert Influence Operation: The REST Media / Rybar Case

A deep dive into a Russian state-affiliated influence operation, examining tactics, attribution, and links to the Western Balkans. The session will also explore how such networks can be exposed and disrupted, including legal and operational approaches to tackling FIMI infrastructure.

Speaker: Jakub Kubś, PhD, Researcher at GLOBSEC

🍽 13:15 – 14:15 | LUNCH BREAK

🕑 14:15 – 15:00 | PANEL 2

Election Integrity: Building Resilience

A whole-of-society approach to countering FIMI — institutions, platforms, media, and rapid response protocols for the final mile including prebunking of electoral manipulation narratives.

Speakers:

Milica Kovačević, President, Centre for Democratic Transition (CDT)
Zlatko Vujović, PhD, CEO of the European Network for Election Monitoring (ENEMO)
Danijela Vojinović, Centre for Research, Transparency and Accountability (CRTA)
OSCE/ODIHR (TBC)

Moderator: Olivera Komar, PhD, Full Professor at the Faculty of Political Science, University of Montenegro

🕒 15:00 – 15:45 | PANEL 3

Response Options: What is Legitimate, Effective and Safe

Public communication under uncertainty, legal tools, cross-government coordination, institutional trust, media literacy

Speakers:

Thibaud Perrard (Mhack), THUCY, Cybersecurity expert and founder of Offensive Intelligence
Radica Zeković, Director General at the Directorate for Media, Ministry of Culture and Media of Montenegro
Jetmir Rajta, Specialist at the Sector for Statistics, Modelling and Indicator Analysis, National Authority for Cybersecurity of Albania

Moderator: Draško Jabučanin, Analyst, Digital Forensic Centre, Montenegro

🕓 15:45 – 16:00 | DAY 1 CLOSING

Reflection and Family Photo

DAY 2 – Thursday, 7 May 2026

🕘 09:00 – 09:15 | MORNING BRIEFING

Recap & Key Takeaways

🕤 09:15 – 10:15 | PANEL 4

Safeguarding the European Path: Building Resilience in the Western Balkans

Strengthening institutions, defending public trust, and reducing vulnerabilities to foreign interference.

Speakers:

Biljana Papović, State Secretary, Ministry for European Affairs of Montenegro
Natalie Pauwels, Head of the Strategic Coordination and Communication Unit, DG ENEST
Miroslav Sazdovski, Senior Analyst, European Centre of Excellence for Countering Hybrid Threats
Armela Krasniqi, Chairwoman of the Audiovisual Media Authority of Albania

Moderator: Nikoleta Đukanović, PhD, Associate Professor, Faculty for Humanistic Studies, University Donja Gorica

🕥 10:15 – 11:00 | PANEL 5

Judicial Response to FIMI and Disinformation
From digital evidence to prosecution of FIMI. Strengthening rule of law in the digital space.

Speakers:

Audrey Gerbaud, Deputy Prosecutor at the Paris Judicial Court, Cyber Department J3
Arben Murtezić, PhD, Legal Counsel at the Office of Vice President of the Federation of Bosnia and Herzegovina
Marina Barbir, Judge at Higher Court in Belgrade
Ivan Jokić, Head of Cybercrime Unit, Police Administration of Montenegro

Moderator: Ana Bukilić, Programme Manager at IDLO

☕ 11:00 – 11:30 | NETWORKING BREAK

🕦 11:30 – 12:30 | PANEL 6

Media on the Frontline of the Fight Against Disinformation

How media organisations detect, verify, respond to, and build resilience against disinformation, including AI-generated content with a focus on debunking practices and audience trust.

Speakers:

Nicolas Goinard, Journalist, Ouest-France
Marko Banović, Analyst, Digital Forensic Centre
Adelina Hasani, PhD, Head of Research at Kosovar Institute for Policy Research and Development (KIPRED)
Sunčica Bakić, Director, Agency for Audio-Visual Media Services of Montenegro

Moderator: Olivera Nikolić, Director of Montenegro Media Institute

🕧 12:30 – 14:00 | INTERACTIVE EXERCISE

War Game: Tabletop Simulation

Mixed country groups with assigned roles. Injects: manipulated video, leaked documents, coordinated hashtags, proxy media, diaspora channels, offline incidents. Participants will test both prebunking and debunking responses under time pressure.

Facilitators:

Ronan Mouchoux, Co-founder and CTO, XRATOR
Thibaud Perrard (Mhack), THUCY, Cybersecurity expert and founder of Offensive Intelligence
Nicolas Goinard, Journalist, Ouest-France

🕑 14:00 – 14:15 | CLOSING REMARKS

Conference Wrap-up and Family Photo

🍽 14:15 – 15:15 | LUNCH

✈️ DEPARTURE

III International Conference of the Association of Security Managers of Montenegro

WB3C took part in the III International Conference of the Association of Security Managers of Montenegro on 17-18 April in Budva, attended by security professionals from Montenegro and the region.

Every year, the conference creates a platform for discussion on how the security landscape is evolving, particularly in light of rapid technological change.
WB3C had the opportunity to contribute to the panel exploring “The Role of the CISO in the Post Quantum Era: Risks, Investments and Operational Shifts.” The discussion addressed what the emergence of quantum technologies means in practice: for cryptography, data protection, risk management and ultimately for how organisations structure and empower their security leadership.
Across the conference, one message was consistent: cyber resilience is becoming a core governance issue, not just a technical one. In this context, regional cooperation and alignment with European and international partners remain essential.

Our colleagues Gilles Schwoerer and Maja Miranovic took this opportunity to congratulate Dragan Radulović on his election as the next President of the Southeastern Europe Corporate Security Association (SEECSA).

CTI for Critical Infrastructure Training Completed

Last week at WB3C, we wrapped up a four-day training on Cyber Threat Intelligence (CTI) focused on the energy sector and government infrastructure, led by Ljuban Petrovic.

Working with SOC, CSIRT and CERT teams from across the region, the training reinforced a simple point: CTI only matters when it informs decisions. When it helps prioritise. When it changes how teams prepare and respond.
The sectoral focus proved its value. Energy infrastructure comes with its own risk landscape, and the discussions reflected that reality—specific, operational, and directly relevant.

We are continuing this work in September, building on what started here.
Because strengthening resilience is not a one-off effort. It is something that develops over time, through practice, exchange, and trust.