×

Protection of Critical Information Infrastructure

22.09.2025

Image for Protection of Critical Information Infrastructure

Today, Western Balkans Cyber Capacity Centre (WB3C) kicks off a four-day training with International Telecommunication Union on Critical Information Infrastructure Protection (CIIP) and MISP platform for participants across the Western Balkans, joined this round by colleagues from Georgia and Ukraine. 

What we cover and why it matters: we start by CIIP fundamentals - how critical services interconnect, the evolving threat landscape, national-level risk management and incident response - so policies and guidelines rest on shared concepts.

We then turn from theory to practice through an interactive exercise on identifying and designating CII across sectors, comparing approaches and criteria country by country to understand what actually works. 

The rest of the training is hands-on with MISP. Participants will:
-Turn real threats into clear, structured intel.
-Create events, then add context and details to enrich them.
-Link activity to MITRE ATT&CK so teams speak the same language.

Finally, we cover automation: set up feeds, sync across MISP servers, export to detection tools and script routine tasks - so teams leave with repeatable workflows and a MISP setup they can run at home.

The goal: shared methods, practical tooling and an exchange of experience from each country that strengthens regional resilience. 

Valentina Stadnic, Program Officer at the ITU Office for Europe, Orhan Osmani Head of Cybersecurity Division at ITU and Gilles Schwoerer, Head of WB3C welcomed the participants while Tadas Jakstas, PhD, CIIP Expert, led the training on Day 1 and 2, while Ján Skalný, expert from the SK-CERT, led the training on Days 3 and 4 on using the MISP platform.  

 

Other news and events
Image for Certified Data Protection Officer training,
Certified Data Protection Officer training,

This week, 26-28 May 2026, we organized the Certified Data Protection Officer training, a three-day regional programme for public servants involved in the implementation, supervision and monitoring of data protection measures across governmental and public sector institutions.

Data protection is a key part of digital trust. As public services become more digital and interconnected, institutions need the capacity to protect personal data, strengthen compliance, and ensure that citizens’ rights are respected in practice.

For the Western Balkans, this training is especially relevant. Strong data protection frameworks support better public administration, safer digital services, responsible data use and closer alignment with European standards. They also help institutions move beyond formal compliance and towards a more practical, people-centred approach to privacy and accountability.

Over the next three days, participants will work through the key pillars of data protection practice:

Organisational governance — understanding roles, responsibilities and internal accountability
Customer-centric compliance — applying data protection principles in services and institutional processes
People-focused rights and responsibilities — strengthening the protection of individuals and supporting responsible decision-making

The course combines theory with practical exercises, peer exchange, group work and interactive simulations. Participants will work in small groups using a mock organisation aligned with their institutional context, allowing them to apply lessons to realistic public-sector scenarios.

The training is also designed as a certification programme, with short daily quizzes and final certification based on the average score across all three days.

By investing in Data Protection Officer capacities, WB3C is supporting the development of a stronger regional professional network — one that can help institutions protect personal data, build public trust and embed data protection into everyday governance. Big thank you to our trainers Blerta Xhako, Stella Manga Chesnay and Stefano Leucci.

Read More
Image for Curtesy Visit by the Norwegian Ministry of Foreign Affairs
Curtesy Visit by the Norwegian Ministry of Foreign Affairs

WB3C pleased to welcome a delegation of the Kingdom of Norway for a courtesy visit and exchange on possible areas of future cooperation.
The visit was an opportunity to present WB3C’s work as a regional platform for cybersecurity, cybercrime and cyber diplomacy, and to discuss how practical capacity-building can support resilience, institutional cooperation and the European path of the Western Balkans.
We were honoured to receive Mr Eirik Nestås Mathisen, Special Envoy for the Western Balkans at the Norwegian Ministry of Foreign Affairs, together with Ms Anita Krokan, Special Adviser at the Norwegian Ministry of Foreign Affairs, Colonel Dag-Magne Lunde, Defence Attaché of the Kingdom of Norway, Mrs. Ingrid Vik from the Norwegian NGO UTSYN and Mr Rajko Radevic, Adviser at the Norwegian Ministry of Defence, who were welcome by our programme lead Gilles Schwoerer.
Norway has long been a valued partner to the region, with a strong understanding of security, governance and resilience challenges in the Western Balkans. We look forward to continuing the dialogue and exploring concrete ways to work together in the period ahead.

Read More
Image for Enhancing Cyber Resilience Across Critical Sectors through NIS2 Alignment
Enhancing Cyber Resilience Across Critical Sectors through NIS2 Alignment

Today, we are launching a four-day regional training on Enhancing Cyber Resilience Across Critical Sectors through NIS2 Alignment, organised in cooperation with the The World Bank Group.
The training brings together regional representatives working across government, regulation, cybersecurity, critical infrastructure and policy. Over the next four days, participants will explore what NIS2 alignment means in practice for the Western Balkans, and how stronger cyber governance can help protect the critical services our societies rely on, from energy and telecommunications to transport, water, health and public administration.
This is especially relevant for our region. Cyber incidents do not stop at borders, and neither do the systems, services and supply chains that connect us. Building resilience requires clear institutional roles, practical incident reporting mechanisms, proportionate supervision, stronger risk management and better regional coordination.
The training will focus on practical policy choices and implementation challenges, including:
• identifying essential and important entities
• strengthening governance and accountability
• designing incident reporting and coordination pathways
• understanding supervision and enforcement approaches
• addressing supply-chain risk
• developing realistic implementation roadmaps
By the end of the training, participants will work towards concrete outputs, including national choices maps, incident coordination diagrams, supervisory capability gap lists and 24-month roadmaps for priority technical assistance and investment needs.
Through this cooperation, WB3C and the World Bank Group are supporting regional efforts to move from awareness to implementation, helping institutions make informed decisions, align with European cybersecurity standards and strengthen resilience across critical sectors.
The training is led by Mladen Bukilic, SOC Manager and CISO at Čikom, Montenegro and Vincent Desroches of EU4CYBER.

Read More

Follow us on social media:

Copyright © WB3C

Disclaimer: Translations of the original content written in English into other languages are AI generated by Weglot.