Training for police investigators, prosecutors and judges

In the digital age, cybercrime has emerged as a significant global challenge, particularly pronounced in regions like the Western Balkans, where rapid technological advances outpace the development of corresponding legal and security frameworks. As cyber threats evolve in complexity and scale, law enforcement agencies must adapt swiftly to safeguard national security, economic interests, and public trust. The "Cybercrime for Law Enforcement" course, designed by the Western Balkans Cyber Capacity Centre (WB3C), aims to fortify the region's defenses by enhancing the capabilities of police investigators, prosecutors, and judges in handling cybercrime.

Context and Need for Specialized Training The digital environment presents a fertile ground for various cybercriminal activities, ranging from financial fraud and data breaches to cyberterrorism and espionage. These crimes not only disrupt individual lives but also threaten the stability and security of states. In the Western Balkans, where digital transformation is accelerating, there is a pressing need for comprehensive cybercrime legislation and skilled law enforcement personnel adept at navigating the complexities of the cyber space.

Course Overview This intensive two-week course is split into two phases:

1. Week 1: Theoretical Foundations

• Internet and Digital Environment Basics: (Protocols-Domains Names-IP) Understanding the foundational elements of the internet and digital communications.
• OSINT and Cyber Infiltration: Delving into the technical protocols that govern data transmission and how to utilize open-source intelligence for investigations.
• Surface Web/Deep Web/Dark Web: Exploring the hidden layers of the internet that serve as hubs for illegal activities. CEO frauds, Falses documents, cyberstalking, cyberbullying, hate online and all online trafficking(weapons, drugs, people trafficking).
• Cryptocurrency: Studying the use of digital currencies in cybercrime, focusing on tracking and tracing transactions (blockchain, money laundering)

2. Week 2: Practical Skills and Real-World Application

• Table Top Exercises: Engaging in scenario-based training to simulate cybercrime investigations, emphasizing real-time decision-making and interagency cooperation.
• Collaborative Training: Facilitating joint training sessions for investigators and prosecutors to foster seamless cooperation and understanding of each role in dealing with the offences they face.

Importance of the Training This training is critical in building a resilient cybersecurity posture within the Western Balkans. By equipping law enforcement professionals with the necessary skills and knowledge, the course aims to enhance the effectiveness of the region's response to cyber incidents. The collaborative aspect of the training reflects the real-world necessity for cross-disciplinary coordination among various law enforcement branches, ensuring that cybercrime is addressed swiftly and efficiently.

Ultimately, the "Cybercrime for Law Enforcement" not only raises the standard of professional expertise in handling cyber incidents but also plays a pivotal role in the broader context of national and regional security strategies. It is a key component in the Western Balkans' ongoing efforts to build a robust framework capable of combating the evolving landscape of cyber threats.

Enhancing cybersecurity proficiancy of Western Balkans administrations

The training series developed in cooperation with the Netherlands' Ministry of Foreign Affairs and the National Cyber Security Centre consists of three integral parts, each designed to enhance different aspects of cybersecurity proficiency among participants from the Western Balkans within the context of Critical Infrastructures (CI) and Critical Information Infrastructures (CII). Participants will gain critical theoretical knowledge, practical skills, and awareness necessary to address the evolving challenges in cybersecurity.

1. Operational Technology

Duration: 1,5 days

This segment focuses on the specific security needs related to operational technology (OT), which is increasingly targeted in cyberattacks due to its critical role in controlling physical processes in industries like manufacturing, energy and utilities. The training aims to strengthen skills in protecting and securing OT environments from potential cyber threats.

*Focus on the integration and protection of operational technology within cybersecurity framework.

*Explore dependencies and the impact of cascading risks in operational settings.

*Practical sessions on developing resilient strategies and responses to cyber threats in operational technologies.

2. Cyber Resilient Ecosystems

Duration: 1,5 days

Participants will learn how to build and maintain cyber-resilient ecosystems that can withstand and quickly recover from cyber incidents. This part of the training emphasizes the importance of resilience planning and strategies to ensure continuity and reliability in the face of cyber disruptions.

•  Innovative approaches to ecosystemic-thinking in cybersecurity.
• Lessons from natural ecosystems applied to cyber challenges to foster robust public-private partnerships and strengthen regional cyber resilience.
• Hands-on exercises for mapping and establishing cyber resilient ecosystems for organisations, specific regions like industrial areas, harbors, airports, or targeted sectors.

3. Critical Information Infrastructure Protection

Duration: 1 day

This training focuses on protecting critical information infrastructure, which is essential for the functioning of a society and economy. Topics include risk assessment, protection strategies and the implementation of security measures designed to protect vital digital assets and services from cyber threats.

•  Essential insights into the relationship between CI and CII under cybersecurity perspectives.
• Detailed discussion on the needs for protection amid a continuously changing cyber environment.
• Focus on four key areas: Understanding CI and CII, Asset management, and building secure communities.
• Practical exercises aimed at developing comprehensive strategies for protecting critical information infrastructure.

In partnership with the University of Technology of Troyes (UTT), WB3C launches a one‑year academic diploma course focused on practical cybersecurity skills for the Western Balkans. This course, worth 60 ECTS, may lead to a Bachelor’s degree following UTT’s validation of candidates’ prior credits (at least 120 ECTS). This course is primarily intended for early career professionals in the public sector and critical infrastructure, as well as for 3rd/4th year students or master degree students in information technology or closely related fields.  Eligible candidates are also those holding internationally recognized certificates in IT or cybersecurity even if they do not have a degree in IT or related field. 

Why this program

Cyber and cyber‑enabled crimes, systemic digital risks, and skills shortages require rapid upskilling. This diploma course develops practitioners who can secure systems and networks, detect and respond to incidents, and work within EU legal and regulatory frameworks.

Outcomes

• Operate and secure IT systems and networks
• Apply cryptography and data protection
• Develop and audit secure software
• Detect, investigate, and respond to incidents
• Navigate EU law, regulation and ethics

Target Roles

Students who successfully complete this course may be eligible for the following junior roles:  Security administrator, SOC analyst, junior penetration tester, digital forensic technician, cybersecurity auditor.

About the course:

DURATION:  1 academic year or 10 weeks of classroom instruction across 2026

METHODS: Lectures, labs, case studies, Capture‑the‑Flag (CTF) exercise

ASSESSMENT: Continuous assessment, supervised project defense, internship report

WORKING LANGUAGE: English

LOCATION: WB3C Podgorica, Montenegro

Download the brochure below for more details.