Events

Last week at WB3C, we wrapped up a four-day training on Cyber Threat Intelligence (CTI) focused on the energy sector and government infrastructure, led by Ljuban Petrovic.

Working with SOC, CSIRT and CERT teams from across the region, the training reinforced a simple point: CTI only matters when it informs decisions. When it helps prioritise. When it changes how teams prepare and respond.
The sectoral focus proved its value. Energy infrastructure comes with its own risk landscape, and the discussions reflected that reality—specific, operational, and directly relevant.

We are continuing this work in September, building on what started here.
Because strengthening resilience is not a one-off effort. It is something that develops over time, through practice, exchange, and trust. 

Simply put, CTI is about turning information into insight, before a threat happens.

Not just collecting data on threats, but understanding who is behind them, how they operate, and what that means for your own systems.
Without that understanding, cybersecurity remains reactive. With it, organisations can anticipate, prioritise and respond with purpose.

Next week at WB3C, we will be running a four-day regional training on Cyber Threat Intelligence (CTI).
The training is designed for SOC, CSIRT and CERT teams, as well as IT professionals working within critical entities—specifically the energy sector. The choice is deliberate.

We are taking a sectoral approach to cybersecurity capacity building. Because threats are not abstract—they target specific systems, infrastructures and vulnerabilities. And the energy sector, as a backbone of economic and societal stability, requires tailored, operationally relevant skills that reflect its real risk landscape.
Over four days, participants will cover:
💡 understanding CTI in the context of critical infrastructure
💡 analysing threats and assessing their impact
💡 translating intelligence into actionable outputs

All week, we will be working closely with cybersecurity professionals from across the region’s energy sector—moving from concepts to application, and building capabilities that can directly support operational decision-making.
This is where CTI becomes operational. Protecting our energy infrastructure means protecting our economy, our security and our livelihood.

Image: Patrick https://lnkd.in/diYnZEgB

Day 3 was dedicated to direct engagement with industry.
The WB3C delegation attended presentations by leading cybersecurity companies, including Alcyconie, Sekoia.io and GATEWATCHER, gaining insight into practical solutions and operational approaches to current cyber threats.
The day continued with a hands-on workshop by Alcyconie focused on crisis management, built around a real-life scenario. Members of the delegation took part in the exercise, working through response coordination and decision-making in a simulated incident environment. There was a number of informal meetings with numerous industry representatives around the event venue.

Today, the Western Balkans Cyber Capacity Centre (WB3C) team also met with the organisers of the Forum INCYBER (FIC) to advance discussions on bringing a similar event to Podgorica this June. The meeting focused on shaping the concept, format and partnerships of what would become the first cybersecurity industry forum of this kind in the Western Balkans, formally linked to the InCyber network.

A highly productive and valuable study visit to Lille.

Western Balkans delegation had a productive day at the cybersecurity industry fair in Lille. First, they participated in a panel discussion dedicated to the topic of cybersecurity of critical infrastructure. The discussion highlighted regional experiences, key challenges and priorities in protecting critical entities while opening a direct exchange with European counterparts and exchanging views on emerging issues in critical infrastructure protection.
There was a strong interest from the audience which led to a lively discussion, opening numerous related questions. 
The panel ensured that perspectives from the region are part of the broader cybersecurity conversation and that the region receives visibility in one of the leading European industry events. 

The afternoon was reserved for attending presentations by a selected number of cybersecurity companies, followed by targeted B2B meet-ups. These meetings enabled direct introductions, exchange of practical solutions, and exploration of potential cooperation with industry partners.

Today was an excellent day for creating concrete opportunities for future cooperation and partnership development.
https://lnkd.in/dcAg6kcR

Photo credit: Forum INCYBER (FIC)

For the second year in a row, WB3C is organizing a regional study visit to Lille, where the Forum INCYBER (FIC) 2026 is taking place — one of Europe’s leading cybersecurity events and a key meeting point for public authorities, critical infrastructure operators, industry leaders and cybersecurity experts shaping the continent’s digital security agenda.
Our delegation has arrived today to take part in this three-day forum, engaging in discussions, exchanges, and partnership-building with European counterparts.
Beyond participation, this visit carries a forward-looking objective. Throughout the Forum, the delegation — led by Gilles Schwoerer and Maja Miranovic — will engage in a series of conversations on bringing a similar industry event to Podgorica this summer, marking the launch of the first industry event of this kind in the Western Balkans.
Our regional delegation brings together representatives from across institutions including national cybersecurity authorities, critical infrastructure, private sector and regional organizations: 

• Samir Orahovac, Acting Director of National Cyber Security Agency of Montenegro;
• Jovan Kljajić, President of a Council of National Cyber Security Agency of Montenegro;
• Spasoje Zecevic, Infrastructure Manager at Science-Technology Park, Montenegro;
• Dragan Radulović, President of Association of Security Managers of Montenegro and incoming President of South-East Europe Association;
• Metodi Hadјi Janev, Cybersecurity Solutions Strategist at CDRF Global & Professor at Military Academy, Skopje, North Macedonia;
• Predrag Puharic, CEO at Cyber Security Excellence Centre and Vice Mayor of Sarajevo, Bosnia and Hercegovina;
• Mladen Bukilic, CISO / SOC Manager at Cikom
• Tanja Maraš, Expert on Digital Connectivity at Regional Cooperation Council (RCC), Bosnia and Hercegovina. 

During the Forum, WB3C will also contribute through a dedicated panel focused on the cybersecurity of critical infrastructure, ensuring that regional perspectives are part of the broader European conversation.

Last week, in cooperation with EU4FAST, WB3C delivered a second four-day regional training under the Cybercrime pillar aimed to strengthen the foundations of criminal investigations involving online and digitally enabled crimes. 
The training was dedicated to police investigators and prosecutors from the region, focusing strongly not only on technical skills, but also on strengthening cooperation between these two functions within the criminal justice system. 
As cybercrime cases increasingly rely on complex digital evidence, effective case-building depends on early and continuous coordination between those who investigate and those who prosecute. Bringing these two communities together in a single training environment is therefore a deliberate approach aimed at improving mutual understanding, aligning methodologies, and ultimately strengthening the overall quality of criminal proceedings.
The programme was structured around three core components:
• Typologies of cyber and cyber-enabled crime
• OSINT and dark web investigations
• Cryptocurrencies and blockchain in criminal investigations 

The course combined theory and practical exercises, prompting the participants to work together through shared challenges and better understand each other’s roles in handling digital evidence. The training was delivered by delivered by WB3C’s in-house trainers Yannick Casse and Cyril C. 
The multi-donor action "EU Support to Strengthen the Fight against Migrant Smuggling and Trafficking in Human Beings in the Western Balkans” (EU4FAST) is implemented by a consortium of partners: the Deutsche Gesellschaft für Internationale Zusammenarbeit (GIZ), the Austrian Ministry of Interior, the German Federal Police (Bundespolizei), the Dutch Center for International Legal Cooperation (CILC), the international technical cooperation operator of the French Ministry of the Interior CIVIPOL, the Croatian Ministry of the Interior, the Italian Ministry of the Interior and the Slovenian Ministry of the Interior.

Gilles Schwoerer represented WB3C this week in Prague at the International Telecommunication Union's (ITU) Regional Development Forum for Europe, hosted by the Czech Ministry of Industry and Trade.
In a session on Partner2Connect matchmaking, the focus was clear: how to better align countries’ needs with partners’ expertise and investment to accelerate digital development.
Bringing together diverse voices across governments, industry, academia and international organisations, the discussion moved towards a more practical question—how to turn cooperation into concrete, measurable results.

The panel brought together a strong cross-sector group of experts spanning technology, digitalisation and cybersecurity:

Mr. David Vicente Ninou, Director, Andorra Digital, Andorra
Mr. Amb. Janis Karklins, Head of Government and International Organization Engagement, ICANN
Mr. Gilles Schwoerer, Head of WB3C, Montenegro
Mr. Boris Radanović, Head of International Development, SWGfL, United Kingdom
Mr. Per Fröjdh, VP International Standards, Ericsson
Prof. Volodymyr Shulha, Rector, State University of Information and Communication Technologies, Ukraine

For WB3C, this forum was a great opportunity to showcase our work focused on translating priorities into operational capacity and regional impact.
We are grateful that, as a result of this forum, WB3C’s cybersecurity contribution is now included among the official submissions to the ITU Regional Development Forum for Europe—opening further space for partnership and delivery.

Building on last year’s work on EU legislation and public-sector cybersecurity standards, we continued the conversation this week — but moved it one step further.
This regional training brought together institutions in the region responsible for training public servants, with a clear focus: how do we translate standards into practice?
Participants explored emerging trends, but more importantly, worked through how to design and deliver cybersecurity curricula that actually respond to today’s risks — grounded in real case studies from both the EU and the region, and shaped by peer exchange.
What made this edition different was its depth. With a more technical focus, and under the guidance of Mladen Bukilic Head of Čikom's Security Operations Centre, the discussions moved closer to operational realities — from frameworks to implementation.
The participants were welcomed by the partnership teams representatives Bojana Bajić (Regional School of Public Administration), Sokol Haxhiu (DCAF - Geneva Centre for Security Sector Governance) and Gilles Schwoerer (Western Balkans Cyber Capacity Centre (WB3C)), reaffirming a shared commitment to strengthening institutional capacity across the region.

There are many initiatives across the Western Balkans focused on building capacity in cybersecurity — but how can donors work more closely together to use resources more efficiently and maximise impact? And how do we ensure that training and learning are translated into real operational capability?
At the same time, how can the Integrative Internal Security Governance (IISG) mechanism, coordinated by Regional Cooperation Council (RCC), for mapping regional needs and ongoing support be strengthened to enable more tailored, targeted capacity building?
These were the key questions guiding today’s discussion at the WB3C, where we hosted colleagues from the IISG Secretariat — AGRON SOJATI, Ibrahim Begic and Ajsa Buko-Durmić — as part of their mission to Montenegro.
The conversation focused on how to take the existing needs assessment further — towards a more detailed and actionable mapping of institutional needs, closely linked to national strategic priorities and aligned with EU requirements. 
We look forward to continuing our strong cooperation with RCC and IISG in taking these ideas forward and translating them into concrete, coordinated action for the region.