A Platform for Sustainable Cybersecurity Cooperation in the Western Balkans

Recent cyber incidents, such as the 2022 cyber operations targeting the government of the Republic of Albania  and compromising the government's IT infrastructure in the Republic of Montenegro,  have once again emphasized the importance of addressing the issue of cybersecurity in the Western Balkans (WB). The WB is a region at the center of geopolitical and strategic interests. For example, those interests are expressed through the presence and investments of external players such as the European Union (EU)-27, the People's Republic of China, the Russian Federation, the United Kingdom of Great Britain and Northern Ireland, and the United States of America.  The WB are also covered by the EU enlargement policy due to their candidate or potential candidate status for EU membership.  Because of these diverse and partly competing interests, the WB is a potential hotspot for cyber operations, such as cyber espionage.  Cybercrime is a significant security threat to the region, including malware, phishing, ransomware, and Distributed Denial of Service (DDoS) operations.  The region is increasingly digitizing infrastructure and services, thus broadening the attack surface.  Therefore, if not appropriately addressed, the problem will only intensify.

Independent from the motivation behind cyber operations, large-scale cyber incidents, such as WannaCry,  have taught an essential lesson already in 2017: Cyber threats are not limited to a localized context. Instead, they may transcend borders, spread across sectors, and cause severe harm to economies and societies. At the same time, threat actors interested in the WB, such as cybercriminals, may not limit their activities to one state at a time.  Governments and non-governmental entities across sectors and countries thus face similar challenges in preparing for and responding to these incidents, such as a shortage of cybersecurity skills.  This dynamic underscores the importance of addressing cyber threats beyond the national level, for example, by adopting measures to improve national cyber resilience in cooperation with other states.  These shared cybersecurity challenges have fueled policy discussions to mitigate them through regional cooperative instruments and initiatives. In the European context, examples of this approach include the recently announced EU Cybersecurity Reserve  or the EU Computer Security Incident Response Team (CSIRT) Network .

In the WB, the need for a collective approach toward cybersecurity has, for example, been highlighted by the Regional Cooperation Council (RCC), an "all-inclusive, regionally owned and led cooperation framework,"  calling for "a joint regional approach to ensure cybersecurity in the region, in line with EU standards."  The importance is also underlined by the 2023 chair's conclusions  of the Berlin Process, a high-level cooperation platform.  The chair's conclusions deem strengthening cybersecurity cooperation essential.

Regional cooperation in the WB is crucial to addressing shared challenges in various aspects and fields.  In addition, regional cooperation plays a vital role in stabilizing and associating WB economies with the EU.  Regional cooperation is, for example, fostered through the RCC, which, together with the EU,  facilitated the Regional Roaming Agreement,  which led to a roaming-free WB and the Berlin Process. Other initiatives that improve regional cooperation include the Regional School of Public Administration (ReSPA), a hub for public administration reform  and the South East European (SEE) Digital Rights Network.  For regional cybersecurity cooperation specifically, the RCC strengthens cybersecurity capacities in the region and its respective economies, for example, by raising awareness of cybercrime as part of its broader work.  Other examples of initiatives are the Center for Cybersecurity Capacity Building in the Western Balkans (WB3C),  the projects and initiatives of the Geneva Centre for Security Sector Governance (DCAF),  the Global Forum on Cyber Expertise (GFCE),  and the e-Governance Academy.

Against the backdrop of these regional cybersecurity initiatives, a common topic emerged in discussions with researchers and practitioners : How could regional cooperation in the WB be improved even further in providing practical operational support, consolidating initiatives, and sustainably increasing the cybersecurity baseline?

In response to that question, this paper explores a path toward sustainable  cybersecurity in the WB. Its initial design is a joint platform for WB economies under regional ownership to focus on practical operational support for the conceptualization and development of regional cooperation projects to sustainably increase the regional cybersecurity baseline. Instead of creating another stakeholder from scratch, the proposed platform could be embedded in an existing regional institution to leverage existing regional structures, bundle scarce resources, and prevent duplication of efforts. It is intended to benefit the entire WB cyber ecosystem, not just governmental or public institutions. Instead, institutions from the private sector, civil society, and academia would also be encouraged to benefit from it. This paper outlines the platform's potential institutional structure, activities and benefits, potential challenges, and initial steps to take should further exploration of the proposal be considered.

Footnotes can be found in the PDF