EU Legislation and Public Sector Standards for Cyber

09.09.2025

This week in Bar, Montenegro, DCAF - Geneva Centre for Security Sector Governance and Regional School of Public Administration (ReSPA) and Western Balkans Cyber Capacity Centre (WB3C) jointly delivered a three-day regional training on cybersecurity legislation and public-sector standards.
The event gathered representatives from across the Western Balkans’ public administrations — an opportunity to connect networks, exchange practices, and strengthen a common regional approach to cybersecurity capacity. The programme was funded by the UK's Foreign, Commonwealth and Development Office, with Melanie Moffat from the British Embassy Podgorica attending the training.

Day 1 opened with remarks from Franziska Klopfer (DCAF) and Gilles Schwoerer (Head of WB3C). In his opening address, Gilles underlined that WB3C is not just a centre in Podgorica, but a regional platform designed as a resource for the entire Western Balkans — built for the region, to be used by the region. The day continued with sessions on EU legislation and certification frameworks, including insights into Italy’s cybersecurity architecture and the functions of the Italian National Cybersecurity Agency (Agenzia per la Cybersicurezza Nazionale).
🔹 Day 2 brought a broader audience, as more participants from the ReSPA network joined. Bojana Bajić (ReSPA) joined Franziska and Gilles in addressing the group, stressing the importance of cooperation across institutions in the process of advancing cybersecurity capabilities and aligning normative frameworks with EU standards. Participants then heard from the National Cybersecurity Authority of Greece, explored digital competencies for public administration, and worked on designing cybersecurity training curricula for civil servants, IT staff, and managers.
🔹 On Day 3, the sessions will turn to national practices, with contributions from Serbia’s National Academy for Public Administration and the Civil Service Agency of Bosnia and Herzegovina, offering concrete models for embedding cybersecurity into public administration training systems.
Together with DCAF and ReSPA, and with the support of FCDO, this training strengthened the foundations for a more resilient public sector across the Western Balkans, aligned with the region’s needs and EU accession priorities.

Other news and events

Upcoming

Regional Conference on Foreign Information Manipulation and Interference and Disinformation

This regional conference intended for governments, media and civil society brings diverse perspectives on the growing hybrid threats of fake news, disinformation, manipulative and malign narratives that have the power to undermine democratic processes, trust in media and institutions and overal societal resilience and cohesion. Understanding, detecting, preventing, responding, debunking, investigating and prosecuting such manipulations will be the task of our panels, case studies and interactive exercises aimed at supporting governemnts and societies to tackle this challenge. The conference will feature 30 prominent speakers from the EU and the WB region from various departments, sectors and industries.

CTI for Critical Infrastructure Training Completed

Last week at WB3C, we wrapped up a four-day training on Cyber Threat Intelligence (CTI) focused on the energy sector and government infrastructure, led by Ljuban Petrovic.

Working with SOC, CSIRT and CERT teams from across the region, the training reinforced a simple point: CTI only matters when it informs decisions. When it helps prioritise. When it changes how teams prepare and respond.
The sectoral focus proved its value. Energy infrastructure comes with its own risk landscape, and the discussions reflected that reality—specific, operational, and directly relevant.

We are continuing this work in September, building on what started here.
Because strengthening resilience is not a one-off effort. It is something that develops over time, through practice, exchange, and trust.

What is Cyber Threat Intelligence (CTI) — and why does it matter?

Simply put, CTI is about turning information into insight, before a threat happens.

Not just collecting data on threats, but understanding who is behind them, how they operate, and what that means for your own systems.
Without that understanding, cybersecurity remains reactive. With it, organisations can anticipate, prioritise and respond with purpose.

Next week at WB3C, we will be running a four-day regional training on Cyber Threat Intelligence (CTI).
The training is designed for SOC, CSIRT and CERT teams, as well as IT professionals working within critical entities—specifically the energy sector. The choice is deliberate.

We are taking a sectoral approach to cybersecurity capacity building. Because threats are not abstract—they target specific systems, infrastructures and vulnerabilities. And the energy sector, as a backbone of economic and societal stability, requires tailored, operationally relevant skills that reflect its real risk landscape.
Over four days, participants will cover:
💡 understanding CTI in the context of critical infrastructure
💡 analysing threats and assessing their impact
💡 translating intelligence into actionable outputs

All week, we will be working closely with cybersecurity professionals from across the region’s energy sector—moving from concepts to application, and building capabilities that can directly support operational decision-making.
This is where CTI becomes operational. Protecting our energy infrastructure means protecting our economy, our security and our livelihood.

Image: Patrick https://lnkd.in/diYnZEgB