Cybersecurity Study on the Western Balkans

The project supported the EU’s actions in strengthening and improving the cyber resilience capacities of the Western Balkan countries in order to better address the challenges of cyber threats and improve their overall security, in compliance with EU acquis and best practice.

The project identified and analysed the cybersecurity capacity building needs of Western Balkans economies and opportunities for the European Commission engagement. The analysis included an overview of the state of affairs, gaps, needs and recommendations for further development.

The study covered the following topics:

• Legislative, policy and institutional framework on cybersecurity and alignment with EU acquis;
• Operational capabilities of competent authorities and Computer Emergency Response Teams (CERTs)/Computer Security Incident Response Teams (CSIRTs) to deal with cyber threats and incidents and to mitigate risks (including through regional and international cooperation);
• Identification of operators of essential services (as per NIS Directive and proposed revised NIS Directive) and their cooperation with CERTs/CSIRTs within and between beneficiaries;
• Legislative and policy framework covering operators of essential services and alignment with EU acquis and alignment of the the Western Balkan regulatory framework with the Directive (EU), 2016/1148 concerning measures for a high common level of security of network and information systems across the European Union (NIS Directive) and a revised NIS Directive,
• Public-private cooperation in the area of cybersecurity.

Additionally, the Western Balkan Digital Security Forum was held to discuss cybersecurity in the region, explore the best practices of the European Union and present the cybersecurity study on the Western Balkans.

* The designation of Kosovo is without prejudice to positions on status, and is in line with UNSCR 1244/1999 and the ICJ Opinion on the Kosovo declaration of independence.