EU Support to Western Balkans Cybersecurity Capacity Building

Suggest a page edit


Cybil code: G0949

Status: Ongoing

From: Mar 2023

To: Mar 2026

Themes & Topics




Merle Maigre, Head of Cybersecurity Competence Center at the e-Governance Academy


The Western Balkan IPA III beneficiaries are striving to bolster their cyber resilience, aligning with EU standards and best practices. The rapid growth of the digital domain has amplified cyber threats, necessitating a robust cybersecurity framework. While political leaders in these countries acknowledge the importance of cybersecurity, challenges persist, including a lack of concrete action plans, limited resources, and the absence of public discourse on digitization and cybersecurity. The project aims to enhance cybersecurity in the region through governance models, legal frameworks, crisis management, and capacity building activities.



To enhance the cyber resilience of the Western Balkan IPA III beneficiaries1 in compliance with EU acquis and best practices. 


Digital transformation has become a key driver for economic growth and societal changes. This premise also applies in the six Instrument for Pre-accession Assistance (IPA) beneficiaries of the Western Balkan region assessed in the scope of this study, namely Albania, Bosnia and Herzegovina, Kosovo,* North Macedonia, Montenegro, and Serbia. The rapid evolution of the cyber domain has led to increased cyber threats and risks affecting both providers and users of digitalised services and hence brought a growing realisation that a digital society and digital services cannot safely exist without a solid cybersecurity framework. Subsequently, cybersecurity and resilience have become important targets for domestic reforms in the Western Balkans and an aspect to be strengthened in international cooperation. 

As expressed through public statements and adopted strategy documents, the majority of the political leadership in the Western Balkan IPA beneficiaries generally acknowledge the importance of cybersecurity. Of the six IPA beneficiaries in the region, four have a current national cybersecurity strategy1 in place, with the majority adopted after late 2020. For several of them, it is already their second or third cybersecurity strategy. However, general statements do not necessarily make it into the political agenda or practical deliveries, and the subject can be overshadowed by other political and economic priorities. A lack of political push on the implementation level has been commonly highlighted by the stakeholders interviewed in this project and is expressed in the failure to draw up concrete action plans for cybersecurity strategies, a lack of decisions pertaining to investment in cybersecurity matters, and committing dedicated resources for monitoring and oversight of implementation, in inadequate mandates and resources for the authorities to whom cybersecurity responsibilities have been allocated, and in the lack of involvement of nonstate actors in defining priorities and action plans, as further detailed in this report. Often, challenges affecting the cybersecurity posture stem from administrative or practical challenges beyond the cybersecurity domain, such as the central government and/or competent authorities lacking sufficient powers to enforce and follow through on legislative initiatives, or labour legislation limiting the availability of cybersecurity workforce due to limitations on public sector salaries. A lack of public discussion on digitalisation, e-government, and cybersecurity in essential sectors also impedes clear, measurable progress, as does the general shortage of cybersecurity know-how and skills among the workforce. These findings describe the varied reasons cited by experts for why political recognition of the topic in the Western Balkan region has not resulted in adequate prioritisation and support for improving cyber resilience. 


Improved cybersecurity prevention, preparedness and response of relevant public and 

private stakeholders in the Western Balkan IPA III beneficiaries. 


Cybersecurity governance and awareness 

Legal framework, cyber norms and international law 

Cyber risk and crisis management 

Operational capabilities of Computer Security Incident Response Teams (CSIRTs) 


Analyse a number of most relevant cybersecurity governance models in EU Member States.  

Define advantages and disadvantages for each model and map the applicability of each for the Western Balkans.  

Introduce international governance practice through workshops and study visits to Member State cybersecurity agencies.  

Provide guidance about interagency cooperation models and about the role of the national coordination council as a mechanism for ensuring a coherent approach to cybersecurity.  

Raise cybersecurity awareness of high-level decision-makers and officials through table top exercises  

Build capacities on cybersecurity crisis communication and awareness raising  

Support Western Balkan local civil society organisations to increase the capacity to conduct awareness raising events and campaigns (public, private, society). 


Workshops on the international legal framework for cybersecurity and EU cybersecurity law  

Advice on completion and adjusting domestic legal framework in the area of cybersecurity  

Support the development of a mechanism for an inclusive legislative process on cybersecurity  

Trainings on cyber diplomacy for foreign policy stakeholders  

Facilitating (young) professionals’ participation in cybersecurity summer schools 


Guidance for the collection and analysis of threats and vulnerabilities with the purpose of delivering regular assessments and reports on cybersecurity trends and challenges  

Workshops for government and select Critical Information Infrastructure (CII) operators on cyber risk assessment and management methodologies 

Provide guidance on developing minimum cybersecurity requirements for the secure deployment and operation of ICT products and services  

Expert consulting and study visits (M11-M32) 

Support certification of professionals of selected critical and government infrastructure in: IT project management, information security management, and business continuity plans.  


Training and guidance on cyber threat information sharing principles, incident reporting, incident management and developing incident taxonomies  

Technical exercises to respond to cyber-attack simulations in real-time to monitor, detect and mitigate cyber-attacks. Test the protocols of reporting and sharing information between the government agencies and other stakeholders 

Support CSIRT experts in participating in international forums and conferences and capacity building events  

Provision of specialised equipment and software for functional CSIRT team and other relevant stakeholders or cybersecurity.  

Additional contact

Visar Bivolaku, Policy Officer, Legal Matters and Advisory on Rule of Law Section, European Union Office in Kosovo 


Additional links

EU Support to Western Balkans Cybersecurity Capacity Building | CILC website 

Regional Cooperation Council | Bregu: Regional approach to cybersecurity, in line with EU standards, is a must (

The Cybil project repository is being continuously updated, and the information it contains is either publicly available, or consent for publication was given by the owner. Please contact the portal manager with any additional information or corrections. Whilst every reasonable effort is made to keep the content of this inventory accurate and up to date, no warranty or representation of any kind, express or implied, is made in relation to the accuracy, completeness or adequacy of the information contained in these pages.