Training for police investigators, prosecutors and judges

In the digital age, cybercrime has emerged as a significant global challenge, particularly pronounced in regions like the Western Balkans, where rapid technological advances outpace the development of corresponding legal and security frameworks. As cyber threats evolve in complexity and scale, law enforcement agencies must adapt swiftly to safeguard national security, economic interests, and public trust. The "Cybercrime for Law Enforcement" course, designed by the Western Balkans Cyber Capacity Centre (WB3C), aims to fortify the region's defenses by enhancing the capabilities of police investigators, prosecutors, and judges in handling cybercrime.

Context and Need for Specialized Training The digital environment presents a fertile ground for various cybercriminal activities, ranging from financial fraud and data breaches to cyberterrorism and espionage. These crimes not only disrupt individual lives but also threaten the stability and security of states. In the Western Balkans, where digital transformation is accelerating, there is a pressing need for comprehensive cybercrime legislation and skilled law enforcement personnel adept at navigating the complexities of the cyber space.

Course Overview This intensive two-week course is split into two phases:

1. Week 1: Theoretical Foundations

• Internet and Digital Environment Basics: (Protocols-Domains Names-IP) Understanding the foundational elements of the internet and digital communications.
• OSINT and Cyber Infiltration: Delving into the technical protocols that govern data transmission and how to utilize open-source intelligence for investigations.
• Surface Web/Deep Web/Dark Web: Exploring the hidden layers of the internet that serve as hubs for illegal activities. CEO frauds, Falses documents, cyberstalking, cyberbullying, hate online and all online trafficking(weapons, drugs, people trafficking).
• Cryptocurrency: Studying the use of digital currencies in cybercrime, focusing on tracking and tracing transactions (blockchain, money laundering)

2. Week 2: Practical Skills and Real-World Application

• Table Top Exercises: Engaging in scenario-based training to simulate cybercrime investigations, emphasizing real-time decision-making and interagency cooperation.
• Collaborative Training: Facilitating joint training sessions for investigators and prosecutors to foster seamless cooperation and understanding of each role in dealing with the offences they face.

Importance of the Training This training is critical in building a resilient cybersecurity posture within the Western Balkans. By equipping law enforcement professionals with the necessary skills and knowledge, the course aims to enhance the effectiveness of the region's response to cyber incidents. The collaborative aspect of the training reflects the real-world necessity for cross-disciplinary coordination among various law enforcement branches, ensuring that cybercrime is addressed swiftly and efficiently.

Ultimately, the "Cybercrime for Law Enforcement" not only raises the standard of professional expertise in handling cyber incidents but also plays a pivotal role in the broader context of national and regional security strategies. It is a key component in the Western Balkans' ongoing efforts to build a robust framework capable of combating the evolving landscape of cyber threats.

Enhancing cybersecurity proficiancy of Western Balkans administrations

The training series developed in cooperation with the Netherlands' Ministry of Foreign Affairs and the National Cyber Security Centre consists of three integral parts, each designed to enhance different aspects of cybersecurity proficiency among participants from the Western Balkans within the context of Critical Infrastructures (CI) and Critical Information Infrastructures (CII). Participants will gain critical theoretical knowledge, practical skills, and awareness necessary to address the evolving challenges in cybersecurity.

1. Operational Technology

Duration: 1,5 days

This segment focuses on the specific security needs related to operational technology (OT), which is increasingly targeted in cyberattacks due to its critical role in controlling physical processes in industries like manufacturing, energy and utilities. The training aims to strengthen skills in protecting and securing OT environments from potential cyber threats.

*Focus on the integration and protection of operational technology within cybersecurity framework.

*Explore dependencies and the impact of cascading risks in operational settings.

*Practical sessions on developing resilient strategies and responses to cyber threats in operational technologies.

2. Cyber Resilient Ecosystems

Duration: 1,5 days

Participants will learn how to build and maintain cyber-resilient ecosystems that can withstand and quickly recover from cyber incidents. This part of the training emphasizes the importance of resilience planning and strategies to ensure continuity and reliability in the face of cyber disruptions.

•  Innovative approaches to ecosystemic-thinking in cybersecurity.
• Lessons from natural ecosystems applied to cyber challenges to foster robust public-private partnerships and strengthen regional cyber resilience.
• Hands-on exercises for mapping and establishing cyber resilient ecosystems for organisations, specific regions like industrial areas, harbors, airports, or targeted sectors.

3. Critical Information Infrastructure Protection

Duration: 1 day

This training focuses on protecting critical information infrastructure, which is essential for the functioning of a society and economy. Topics include risk assessment, protection strategies and the implementation of security measures designed to protect vital digital assets and services from cyber threats.

•  Essential insights into the relationship between CI and CII under cybersecurity perspectives.
• Detailed discussion on the needs for protection amid a continuously changing cyber environment.
• Focus on four key areas: Understanding CI and CII, Asset management, and building secure communities.
• Practical exercises aimed at developing comprehensive strategies for protecting critical information infrastructure.

Training of trainers for senior officials in WB6 Public administrations

Cyber Hygiene for Civil Servants programme is an initiative delivered jointly by WB3C and Regional School of Public Administration (ReSPA). This training programme is designed to empower senior-level public officials with the knowledge and skills required to educate their peers about cyber hygiene within their respective public administrations and by cascading knowledge, to enhance the overall cyber resilience of the region.

Course Overview:

The training spans three days and is structured to blend theoretical knowledge with practical exercises:

Day 1: Educational Skills Modules

Focus on outcome-based education, teaching preparation and teaching methods and techniques. This foundational day equips participants with the educational principles necessary to effectively transfer knowledge.

Day 2: Cyber Hygiene for Users

Dives into the objectives and stakes of information security, covering basics of ISO/IEC standards and cybersecurity threat awareness. Participants will explore security policy frameworks and the architecture of information security systems.

Day 3: Practical Application

Participants engage in practical exercises that reinforce their learning and develop hands-on skills in incident management procedures and actions to be taken in response to cyber incidents. This session simulates real-world scenarios to enhance problem-solving skills.

Educational Highlights

Participants will gain insights into educational principles, communication techniques and teaching methodologies.

The programme covers crucial topics in cyber hygiene such as security policies, threat awareness, preventive measures, and incident management procedures. Engaging practical exercises simulate real-world scenarios to enhance participants’ problem-solving skills and application of knowledge in real-life settings.