RCC CyberPulse 2025: Regional Stakeholder Join Forces in Cybersecurity

02.07.2025

The High-Level Western Balkans Cybersecurity Conference – CyberPulse 2025: Tracking Progress, Building Resilience, Driving Change – gathered government representatives, EU institutions, regional organizations, cybersecurity experts and private sector leaders to address the growing cyber threat landscape in the Western Balkans.

CyberPulse 2025 focused on three priorities:

addressing current gaps in regional cyber capacities,
exploring the role of emerging technologies, and
operationalising joint initiatives and partnerships.

Opening Remarks

The conference opened with high-level messages of commitment to regional cyber resilience:

Amer Kapetanović, Secretary General of the RCC, highlighted the sharp rise in cyber incidents and stressed that trust, political will and coordinated regional action are the strongest “firewall” against threats. He also announced the development of the new regional cybersecurity needs database.
Filip Ivanović, Deputy Prime Minister of Montenegro for Foreign and European Affairs, emphasized Montenegro’s adoption of European cybersecurity standards and its vision of a secure, resilient digital future as part of EU integration.
Michael Docherty, speaking on behalf of the European Commission Delegation, reaffirmed EU support for the region through initiatives with ENISA and the Council of Europe, underlining that cybersecurity is now a central element of the EU Growth Plan for the Western Balkans.
Gilles Schwoerer, Head of WB3C, noted that while digital transformation offers many opportunities, it also expands the attack surface, underscoring the urgent need for secure digital pathways and collective resilience.

Conference Panels

High-Level Panel: Stronger Connectivity, Smarter Security, Resilient Future (moderated by Danijela Gačević, Head of the Programme Department, RCC)
Senior government representatives from the region exchanged views on national priorities, institutional capacities, and EU integration in the field of cybersecurity.
- Governments stressed the shortage of cybersecurity professionals as a critical challenge.
- Kosovo*’s representative emphasized dependence on external consultants and the need to train public servants internally.
- Montenegro focused on intersectoral cooperation and the role of NATO and EU support.
- North Macedonia presented its new Ministry for Digital Transformation and its national cybersecurity strategy.
  Panelists:
- Bardhyl Dobra – Deputy Minister of Internal Affairs, Pristina
- Naim Gjokaj – State Secretary, Ministry of Public Administration, Podgorica
- Radoslav Nastasijevikj Vardjiski – Deputy Minister for Digital Transformation, Skopje
Navigating Cyber Threats in the Western Balkans: The Evolving Role of AI and Emerging Technologies (moderated by Mirza Jamaković, Prosecutor's Office Sarajevo)
Experts from Europol, law enforcement, and the private sector discussed the opportunities and risks of AI, from forensic tools to the misuse of generative AI by organized crime groups.
- Europol described using machine learning to analyze millions of data points in criminal investigations.
- Concerns raised about organized crime groups developing their own AI tools, including large language models, for cybercrime.
- Calls for explainable and transparent AI outcomes in cybersecurity decision-making.
- Oracle warned against uploading confidential data into public AI tools, stressing regulatory gaps.
  Panelists:
- Emmanuel Kessler – Europol
- Jelena Zelenović Matone – WomenCyberForce / Women4Cyber
- Nenad Bogunović – Cybercrime Unit, Belgrade
- Amar Dedović – Oracle
Empowering Talent: Skill-Building for the Future in the Western Balkans (moderated by Andreja Mihailović, Women4Cyber Montenegro)
The session focused on education, workforce shortages, women’s participation in cybersecurity, and ways to redirect youth talent from informal digital activities to formal opportunities.
- Highlighted that women’s participation in cybersecurity remains below 20% in the Western Balkans.
- Croatia shared progress from 30% to 52% female participation in the UN Cybersecurity Working Group between 2019 and 2024.
- Albania’s Cybersecurity Agency argued for education reform starting at primary school.
- Open Society Foundation raised concerns about youth involvement in grey/illegal digital activities, calling for redirection into formal sectors.
  Panelists:
- Tamara Tafra – Deputy Minister of Foreign and European Affairs, Zagreb
- Igli Tafa – Director, National Cybersecurity Agency, Tirana
- Andi Dobrushi – Open Society Foundation
- Fabio di Franco – ENISA
Integrating Experience and Strategy: A Multisector Dialogue on SOC Advancement (moderated by Vanja Madžgalj, WB3C)
Panelists shared good practices for building and operating Security Operations Centres, stressing the importance of policy alignment, inter-sectoral cooperation and trust-building between public and private actors.
Albania’s national experience showed that the 2022 cyberattack became a catalyst for building SOC capacity and adopting “zero trust” and defense-in-depth strategies.
Differences between public and private sector approaches to threat intelligence were emphasized, with trust and data-sharing seen as barriers for public institutions.
North Macedonia introduced a new law placing the Ministry for Digital Transformation as the central cybersecurity authority.
Panelists:
- Franc Zyliftari – Head of Incident Response Team, Tirana
- Philippe Gillet – Gatewatcher, Paris
- Aleksandar Acev – Cyber Balkans, Skopje
Sectors United Against Cyber Threats: Building Bridges Across Sectors (Milan Sekuloski, e-Governance Academy, Tallinn)
This discussion brought together public institutions, civil society, academia, and the private sector, highlighting how multi-stakeholder collaboration is essential to strengthening regional resilience.
- Pristina shared good practices in bringing all relevant actors together regularly on critical infrastructure protection.
- Civil society organizations were recognized as important but vulnerable actors requiring targeted cyber hygiene tools and support.
- SMEs were highlighted as particularly exposed, requiring systemic support from the public sector.
- The EBRD linked its investment strategy to cybersecurity, showing that infrastructure projects cannot be sustainable without integrated cyber risk management.
  Panelists:
- Lulezon Jagxhiu – Prime Minister’s Cabinet, Pristina
- Predrag Puharić – Cybersecurity Centre of Excellence, Sarajevo
- Ivona Dabetić – NGO Secure, Podgorica
- Roy Yarom – European Bank for Reconstruction and Development (EBRD)

The conference concluded that cybersecurity in the Western Balkans can no longer be treated as a purely technical issue but must be recognized as a strategic priority, requiring long-term cooperation, sustained investment and coordinated regional action.

Other news and events

Protection of Critical Infrastructure Training for IT teams

Three days of intensive training (9-11 Sep 2025) on the protection of critical infrastructure wrapped up in Podgorica this week at the Western Balkans Cyber Capacity Centre (WB3C) premises. The training explored vulnerabilities of critical systems such as energy, transport, healthcare and water supply, and delivered practical sessions on risk management, ICS/OT security and incident response. This program brought together IT officers from across the Western Balkans public sector.
The highlight of the final day was a Capture the Flag (CTF) challenge, where participants applied the response skills in a competitive but collaborative setting. A special moment worth noting: first and third place went to women participants (from Albania and Kosovo*). This shows the strength of diverse teams and why we remain committed to encouraging more women in cybersecurity.
We thank our excellent partners Urad Vlade Republike Slovenije za informacijsko varnost (URSIV, Slovenia), Igor Kovač and Gregor Spagnolo for delivering such high-level expertise and engaging sessions.
The training closed with a certificate ceremony and closing remarks by Gilles Schwoerer, with lots of smiles, great vibes and a strong sense of community.

EU Legislation and Public Sector Standards for Cyber

This week in Bar, Montenegro, DCAF - Geneva Centre for Security Sector Governance and Regional School of Public Administration (ReSPA) and Western Balkans Cyber Capacity Centre (WB3C) jointly delivered a three-day regional training on cybersecurity legislation and public-sector standards.
The event gathered representatives from across the Western Balkans’ public administrations — an opportunity to connect networks, exchange practices, and strengthen a common regional approach to cybersecurity capacity. The programme was funded by the UK's Foreign, Commonwealth and Development Office, with Melanie Moffat from the British Embassy Podgorica attending the training.

Day 1 opened with remarks from Franziska Klopfer (DCAF) and Gilles Schwoerer (Head of WB3C). In his opening address, Gilles underlined that WB3C is not just a centre in Podgorica, but a regional platform designed as a resource for the entire Western Balkans — built for the region, to be used by the region. The day continued with sessions on EU legislation and certification frameworks, including insights into Italy’s cybersecurity architecture and the functions of the Italian National Cybersecurity Agency (Agenzia per la Cybersicurezza Nazionale).
🔹 Day 2 brought a broader audience, as more participants from the ReSPA network joined. Bojana Bajić (ReSPA) joined Franziska and Gilles in addressing the group, stressing the importance of cooperation across institutions in the process of advancing cybersecurity capabilities and aligning normative frameworks with EU standards. Participants then heard from the National Cybersecurity Authority of Greece, explored digital competencies for public administration, and worked on designing cybersecurity training curricula for civil servants, IT staff, and managers.
🔹 On Day 3, the sessions will turn to national practices, with contributions from Serbia’s National Academy for Public Administration and the Civil Service Agency of Bosnia and Herzegovina, offering concrete models for embedding cybersecurity into public administration training systems.
Together with DCAF and ReSPA, and with the support of FCDO, this training strengthened the foundations for a more resilient public sector across the Western Balkans, aligned with the region’s needs and EU accession priorities.

Building relationships with regional institutions

Strengthening regional cybersecurity capacity starts with strong relationships. At Western Balkans Cyber Capacity Centre (WB3C), we prioritise working closely with our beneficiaries and stakeholders across the Western Balkans.
To that end, we continue our regional outreach, meeting our partners in person to better understand their priorities and explore opportunities for cooperation.
This time, our trainers Yannick Casse and Cyril C. visited Prishtina and Skopje, where they met with key counterparts from the Ministries of Interior and Justice. The visit highlighted concrete prospects for future collaboration.
Synergies were also identified with UNDP Kosovo* (OSINT, Dark Web training) and Home Affairs Programme of European Union (HAPE) in Kosovo*, further expanding the scope for joint work.
While the majority of WB3C training activities are delivered from our Podgorica Centre, we remain open to relocating select trainings across the region upon request.

Through this outreach, WB3C ensures its training offer remains flexible and tailored to the evolving needs of our beneficiaries across the region.