Events

Our 1-year Digital Forensics course for police investigators, prepared and delivered in conjunction with the Université de Technologie de Troyes, which started in February this year, is well underway. Session 4, which ran over the past two weeks (8-19 September) focused on hands-on acquisition, decoding and analysis of digital evidence in the forensic way: preserving originals and working on verifiable copies.

This time, we hosted Mickaël BUREAU, police officer with 25 years of experience, trained in forensics since 2013, and member of Office anti-cybercriminalité (OFAC) (Nanterre, near Paris). At OFAC, Mickaël supports judicial services with sealing, acquiring and analyzing data from computers, external drives, USBs, smartphones, tablets and more. He guided our group through professional tools that show not only how to extract and decode data, but why the decoded items appear as they do, supporting evidential integrity and use in court.

We have 16 participants on this course from across the Western Balkans’ law-enforcement communities. Head of WB3C Gilles Schwoerer explained the next steps in the journey towards obtaining internationally recognized professional license in digital forensics after the participants have successfully completed their final exam. 

The end of the session today was an opportunity to celebrate the birth of a son of one of our participants. Congratulations to the family!

Gilles Schwoerer, Head of WB3C, was invited by the Permanent Mission of Montenegro to the UN, OSCE and other International Organizations in Vienna to join virtually the September NATO Caucus sessions chaired by Montenegro, where he was able to contribute to the discussion with a presentation about our mission, activities and impact. We trust that this in-depth information was valuable for ambassadors and members of the Caucus and created an opportunity to discuss the role of the Centre in regional security.

Three days of intensive training (9-11 Sep 2025) on the protection of critical infrastructure wrapped up in Podgorica this week at the Western Balkans Cyber Capacity Centre (WB3C) premises. The training explored vulnerabilities of critical systems such as energy, transport, healthcare and water supply, and delivered practical sessions on risk management, ICS/OT security and incident response. This program brought together IT officers from across the Western Balkans public sector.
The highlight of the final day was a Capture the Flag (CTF) challenge, where participants applied the response skills in a competitive but collaborative setting. A special moment worth noting: first and third place went to women participants (from Albania and Kosovo*). This shows the strength of diverse teams and why we remain committed to encouraging more women in cybersecurity.
We thank our excellent partners Urad Vlade Republike Slovenije za informacijsko varnost (URSIV, Slovenia), Igor Kovač and Gregor Spagnolo for delivering such high-level expertise and engaging sessions.
The training closed with a certificate ceremony and closing remarks by Gilles Schwoerer, with lots of smiles, great vibes and a strong sense of community.

This week in Bar, Montenegro, DCAF - Geneva Centre for Security Sector Governance and Regional School of Public Administration (ReSPA) and Western Balkans Cyber Capacity Centre (WB3C) jointly delivered a three-day regional training on cybersecurity legislation and public-sector standards.
The event gathered representatives from across the Western Balkans’ public administrations — an opportunity to connect networks, exchange practices, and strengthen a common regional approach to cybersecurity capacity. The programme was funded by the UK's Foreign, Commonwealth and Development Office, with Melanie Moffat from the British Embassy Podgorica attending the training. 

Day 1 opened with remarks from Franziska Klopfer (DCAF) and Gilles Schwoerer (Head of WB3C). In his opening address, Gilles underlined that WB3C is not just a centre in Podgorica, but a regional platform designed as a resource for the entire Western Balkans — built for the region, to be used by the region. The day continued with sessions on EU legislation and certification frameworks, including insights into Italy’s cybersecurity architecture and the functions of the Italian National Cybersecurity Agency (Agenzia per la Cybersicurezza Nazionale).
🔹 Day 2 brought a broader audience, as more participants from the ReSPA network joined. Bojana Bajić (ReSPA) joined Franziska and Gilles in addressing the group, stressing the importance of cooperation across institutions in the process of advancing cybersecurity capabilities and aligning normative frameworks with EU standards. Participants then heard from the National Cybersecurity Authority of Greece, explored digital competencies for public administration, and worked on designing cybersecurity training curricula for civil servants, IT staff, and managers.
🔹 On Day 3, the sessions will turn to national practices, with contributions from Serbia’s National Academy for Public Administration and the Civil Service Agency of Bosnia and Herzegovina, offering concrete models for embedding cybersecurity into public administration training systems.
Together with DCAF and ReSPA, and with the support of FCDO, this training strengthened the foundations for a more resilient public sector across the Western Balkans, aligned with the region’s needs and EU accession priorities.

Strengthening regional cybersecurity capacity starts with strong relationships. At Western Balkans Cyber Capacity Centre (WB3C), we prioritise working closely with our beneficiaries and stakeholders across the Western Balkans.
To that end, we continue our regional outreach, meeting our partners in person to better understand their priorities and explore opportunities for cooperation.
This time, our trainers Yannick Casse and Cyril C. visited Prishtina and Skopje, where they met with key counterparts from the Ministries of Interior and Justice. The visit highlighted concrete prospects for future collaboration.
Synergies were also identified with UNDP Kosovo* (OSINT, Dark Web training) and Home Affairs Programme of European Union (HAPE) in Kosovo*, further expanding the scope for joint work.
While the majority of WB3C training activities are delivered from our Podgorica Centre, we remain open to relocating select trainings across the region upon request.

Through this outreach, WB3C ensures its training offer remains flexible and tailored to the evolving needs of our beneficiaries across the region.

Western Balkans Cyber Capacity Centre (WB3C) took part in a round table on “Critical Infrastructure as an Instrument of Soft Power” yesterday, organized by the NATO Council of Montenegro at the Science and Technology Park. The event gathered experts from government, academia, the private sector, and civil society to reflect on the political and strategic importance of critical infrastructure (CI) in national security and stability.

Opening remarks by Dr. Savo Kentera (President, Atlantic Council of Montenegro) and Prof. Dr. Zoran Keković (Director, Centre for Critical Infrastructure Resilience, Atlantic Council of Montenegro) set the tone by underlining that CI is more than a technical matter – it is a cornerstone of sovereignty and a geopolitical issue.

Key themes included:
-New regulatory framework – Montenegro’s new Information Security Law, aligned with NIS2, mandates key and important CI entities to be ISO 27001 certified. Implementation of the new regulatory framework presents a big challenge and it requires a multi-disciplinary approach and involvement of all actors.
-Prof. Keković outlined three major risks for CI: 1) disruption of goods and services, 2) vulnerability due to state dependence on infrastructure, and 3) soft power – those who control CI can project their power in different ways.

Sectoral perspectives: Contributions came from @Dušan Polović (Ministry of Public Administration), Ljuban Tmušić (Directorate for Protection and Rescue, Ministry of Interior), Ivan Stanković (Čikom), Saša Šćekić (Central Bank of Montenegro).

Representing WB3C, Vanja Madzgalj MBE presented the Centre’s progress toward becoming an international organization and announced that our Centre is already working on capacity building for critical infrastructure with two focused courses in September, developed with Urad Vlade Republike Slovenije za informacijsko varnost (URSIV) on 9-11 Sep and International Telecommunication Union (ITU) on 22-26 Sep, both aimed at IT professionals in CI entities. Towards the end of the year, we will also offer a simulation exercises for CI and will extend our current cooperation with Čikom. 

The round table also offered an opportunity to expand networks and explore future collaboration. Head of WB3C Gilles Schwoerer spoke with Savo Kentera about strong joint interest in strengthening CI in Montenegro and across the region. He also met with representatives of the health and maritime sectors who also constitute important pillars of CI. The conclusion of this discussion assured us that taking a sectoral approach is key to advancing critical infrastructure protection. By engaging each sector individually - energy, transport, finance, ICT, health and others, WB3C and its partners can address specific challenges, tailor training and exercises to operational realities, and ensure that solutions are both practical and sustainable.

WB3C participated in a roundtable on approaches to building sustainable cyber resilience in Montenegro, held as part of the GAME CHANGER Festival 2025 in Porto Montenegro, organized by Women4Cyber Montenegro.
The roundtable, titled “Cyber Capacity Building: Towards a Sustainable Digital Security in Montenegro”, brought together representatives from the public sector, academia and industry to explore long-term strategies for strengthening Montenegro’s cybersecurity ecosystem.

Representing the Centre, Senior Project Manager Vanja Madzgalj MBE contributed on behalf of WB3C, which works to advance cyber capacity across the Western Balkans through structured training, regional cooperation and strategic alignment with EU standards.

She emphasized that, beyond technical training and skills development, institutions must adopt a systemic approach to building cyber resilience. Cyber capacity building should be treated as a ChangeManagement process, especially within the public sector, with strong leadership support at every level and streamlined internal communication that promotes adoption of new technologies and new practices. Besides a robust and structured training plan, leadership and communication are essential for achieving sustainable capacity and resilience.

The roundtable gathered voices from the public sector, academia and industry, reflecting the need for cross-sector collaboration in strengthening Montenegro’s cyber ecosystem.
We thank Women4Cyber Montenegro and all participants for creating a space for meaningful dialogue and cooperation. The panel agreed that such cross-sector discussions should continue as they bring valuable insights into ways forward for securing lasting institutional capacity and resilience. 

On the margins of the CyberPulse 2025 conference hosted by the Regional Cooperation Council (RCC) jointly with Western Balkans Cyber Capacity Centre, DG ENEST convened its regular Donor Coordination Meeting.

The meeting gathered senior officials, donors, beneficiaries, international organizations and regional experts to align cyber capacity-building efforts in the Western Balkans, ensuring that support is coordinated, complementary and responsive to regional needs.

Key Highlights

• Launch of the IISG Cybersecurity Database – a new mapping tool that identifies ongoing projects, donor contributions and unmet needs in the region. The database will serve as a practical resource for avoiding duplication and guiding the allocation of resources.
• Priority alignment – open exchanges between donors and beneficiaries helped to harmonize priorities and optimize international support across key areas such as cybersecurity, cybercrime and cyber diplomacy.
• Strategic coordination – participants emphasized the need for regular use of the IISG Cybersecurity Database to track initiatives, identify gaps and ensure that new projects respond to real needs.

Way Forward

• Donor monitoring: keep track of active contributors (EU, Council of Europe, OSCE, USA, the Netherlands and others) and their respective areas of intervention.
• Internal follow-up: establish a register of donor projects based on the IISG Database and synchronize future initiatives with RCC and WB3C coordination efforts.
• Visibility and synergies: ensure WB3C projects are included in the IISG Database to enhance regional cooperation.

The Donor Coordination Meeting underlined the importance of structured collaboration and transparency, setting the stage for stronger, better aligned and more impactful cyber capacity-building initiatives in the Western Balkans.

Following the broader Donor Coordination Meeting, DG ENEST convened a focused session with leading implementing partners in the region—including WB3C, ENISA, the e-Governance Academy, the Council of Europe and RCC—to explore how to maximize impact through closer collaboration and coordination. WB3C used this opportunity to present its comprehensive multi-year training programme across its three pillars, several of which are delivered jointly with partners. In parallel, WB3C is leading ongoing negotiations with DG ENEST on funding our regional programmes, reinforcing our role as a central hub for cyber capacity building in the Western Balkans.

The High-Level Western Balkans Cybersecurity Conference – CyberPulse 2025: Tracking Progress, Building Resilience, Driving Change – gathered government representatives, EU institutions, regional organizations, cybersecurity experts and private sector leaders to address the growing cyber threat landscape in the Western Balkans.

CyberPulse 2025 focused on three priorities:

• addressing current gaps in regional cyber capacities,
• exploring the role of emerging technologies, and
• operationalising joint initiatives and partnerships.

Opening Remarks

The conference opened with high-level messages of commitment to regional cyber resilience:

• Amer Kapetanović, Secretary General of the RCC, highlighted the sharp rise in cyber incidents and stressed that trust, political will and coordinated regional action are the strongest “firewall” against threats. He also announced the development of the new regional cybersecurity needs database.
• Filip Ivanović, Deputy Prime Minister of Montenegro for Foreign and European Affairs, emphasized Montenegro’s adoption of European cybersecurity standards and its vision of a secure, resilient digital future as part of EU integration.
• Michael Docherty, speaking on behalf of the European Commission Delegation, reaffirmed EU support for the region through initiatives with ENISA and the Council of Europe, underlining that cybersecurity is now a central element of the EU Growth Plan for the Western Balkans.
• Gilles Schwoerer, Head of WB3C, noted that while digital transformation offers many opportunities, it also expands the attack surface, underscoring the urgent need for secure digital pathways and collective resilience.

Conference Panels

• High-Level Panel: Stronger Connectivity, Smarter Security, Resilient Future (moderated by Danijela Gačević, Head of the Programme Department, RCC)
  Senior government representatives from the region exchanged views on national priorities, institutional capacities, and EU integration in the field of cybersecurity.
  • Governments stressed the shortage of cybersecurity professionals as a critical challenge.
  • Kosovo*’s representative emphasized dependence on external consultants and the need to train public servants internally.
  • Montenegro focused on intersectoral cooperation and the role of NATO and EU support.

  • North Macedonia presented its new Ministry for Digital Transformation and its national cybersecurity strategy.

    Panelists:

  • Bardhyl Dobra – Deputy Minister of Internal Affairs, Pristina
  • Naim Gjokaj – State Secretary, Ministry of Public Administration, Podgorica

  • Radoslav Nastasijevikj Vardjiski – Deputy Minister for Digital Transformation, Skopje

     

• Navigating Cyber Threats in the Western Balkans: The Evolving Role of AI and Emerging Technologies (moderated by Mirza Jamaković, Prosecutor's Office Sarajevo)
  Experts from Europol, law enforcement, and the private sector discussed the opportunities and risks of AI, from forensic tools to the misuse of generative AI by organized crime groups.
  • Europol described using machine learning to analyze millions of data points in criminal investigations.
  • Concerns raised about organized crime groups developing their own AI tools, including large language models, for cybercrime.
  • Calls for explainable and transparent AI outcomes in cybersecurity decision-making.

  • Oracle warned against uploading confidential data into public AI tools, stressing regulatory gaps.

    Panelists:

  • Emmanuel Kessler – Europol
  • Jelena Zelenović Matone – WomenCyberForce / Women4Cyber
  • Nenad Bogunović – Cybercrime Unit, Belgrade

  • Amar Dedović – Oracle

     

• Empowering Talent: Skill-Building for the Future in the Western Balkans (moderated by Andreja Mihailović, Women4Cyber Montenegro)
  The session focused on education, workforce shortages, women’s participation in cybersecurity, and ways to redirect youth talent from informal digital activities to formal opportunities.
  • Highlighted that women’s participation in cybersecurity remains below 20% in the Western Balkans.
  • Croatia shared progress from 30% to 52% female participation in the UN Cybersecurity Working Group between 2019 and 2024.
  • Albania’s Cybersecurity Agency argued for education reform starting at primary school.

  • Open Society Foundation raised concerns about youth involvement in grey/illegal digital activities, calling for redirection into formal sectors.

    Panelists:

  • Tamara Tafra – Deputy Minister of Foreign and European Affairs, Zagreb
  • Igli Tafa – Director, National Cybersecurity Agency, Tirana
  • Andi Dobrushi – Open Society Foundation

  • Fabio di Franco – ENISA

     

• Integrating Experience and Strategy: A Multisector Dialogue on SOC Advancement (moderated by Vanja Madžgalj, WB3C)
  Panelists shared good practices for building and operating Security Operations Centres, stressing the importance of policy alignment, inter-sectoral cooperation and trust-building between public and private actors.
• Albania’s national experience showed that the 2022 cyberattack became a catalyst for building SOC capacity and adopting “zero trust” and defense-in-depth strategies.
• Differences between public and private sector approaches to threat intelligence were emphasized, with trust and data-sharing seen as barriers for public institutions.

• North Macedonia introduced a new law placing the Ministry for Digital Transformation as the central cybersecurity authority.

  Panelists:

  • Franc Zyliftari – Head of Incident Response Team, Tirana
  • Philippe Gillet – Gatewatcher, Paris

  • Aleksandar Acev – Cyber Balkans, Skopje

     

• Sectors United Against Cyber Threats: Building Bridges Across Sectors (Milan Sekuloski, e-Governance Academy, Tallinn)
  This discussion brought together public institutions, civil society, academia, and the private sector, highlighting how multi-stakeholder collaboration is essential to strengthening regional resilience.
  • Pristina shared good practices in bringing all relevant actors together regularly on critical infrastructure protection.
  • Civil society organizations were recognized as important but vulnerable actors requiring targeted cyber hygiene tools and support.
  • SMEs were highlighted as particularly exposed, requiring systemic support from the public sector.

  • The EBRD linked its investment strategy to cybersecurity, showing that infrastructure projects cannot be sustainable without integrated cyber risk management.

    Panelists:

  • Lulezon Jagxhiu – Prime Minister’s Cabinet, Pristina
  • Predrag Puharić – Cybersecurity Centre of Excellence, Sarajevo
  • Ivona Dabetić – NGO Secure, Podgorica
  • Roy Yarom – European Bank for Reconstruction and Development (EBRD)

The conference concluded that cybersecurity in the Western Balkans can no longer be treated as a purely technical issue but must be recognized as a strategic priority, requiring long-term cooperation, sustained investment and coordinated regional action.