CSEC Connect 2026: From Dialogue to Regional Cyber Resilience

Under the auspices of the NATO Political Engagement Support Cell (PESC), the Cyber Security Excellence Centre (CSEC) organized the conference "Connect 26". The second edition of CSEC Connect brought together national CERTs/CSIRTs, policymakers, academia, and international partners to address a simple but urgent question: can the Western Balkans become resilient if it remains fragmented?

The short answer emerging from the conference is no. The longer answer - developed through discussions, presentations, and closed sessions - is that resilience in the region will depend on trust, structured cooperation, and practical interoperability, not just on strategy documents.

A region exposed - and increasingly aware

The Western Balkans is no longer a peripheral digital space. It is an active operational environment, where cyber threats intersect with geopolitics, economic stability, and democratic resilience.

As highlighted during the opening keynote by Ambassador Vladimir Vucinic, Head of NATO Political Engagement Support Cell, cyber incidents in the region are rising, with attacks increasingly targeting critical infrastructure, public services, and sensitive data flows. Goal for the Western Balkans is to transform this region from a target into a zone of enhanced resilience. By investing in cyber capabilities, we strengthen the digital backbone of our forces and our societies. At the same time, structural weaknesses remain:

• Fragmented institutional frameworks

• Uneven legal and regulatory development

• Limited operational CERT capacities

• Shortage of skilled cyber professionals

Bosnia and Herzegovina exemplifies this gap: despite progress at lower levels of governance, there is still no comprehensive national framework for network and information security, nor a fully operational state-level CERT.

This mismatch - between growing threats and limited coordination - defined much of the discussion at CSEC Connect 2026.

Cooperation is not optional - it is infrastructure

A central theme of the conference was the shift from viewing cooperation as a policy aspiration to treating it as critical infrastructure.

In her presentation, Denisa Kurtagić reframed a long-standing assumption:

This reflects a broader transition in cybersecurity thinking:

The Western Balkans faces a specific challenge:

CSEC Connect directly addressed this gap by creating a space where operational actors, not just policymakers, could exchange practices, align expectations, and identify concrete next steps.

From fragmentation to a “Cyber Shield”

The forward-looking discussion focused on what a functional regional cybersecurity ecosystem should look like by 2030.

The concept emerging from the conference aligns with a “regional cyber shield” - a federated network of interconnected CERTs and stakeholders, capable of:

• Real-time information exchange

• Coordinated incident response

• Shared situational awareness

• Joint capacity building

This vision requires alignment across three core dimensions:

• People: addressing skills shortages and breaking institutional silos

• Processes: accelerating alignment with EU frameworks (notably NIS2)

• Technology: reducing dependency on unvetted systems and increasing trust in shared infrastructure

In practical terms, this means moving from isolated national capabilities to interoperable regional systems.

Law, policy, and the reality gap

Several sessions highlighted a recurring issue across the region: legislation is advancing faster than implementation.

While some countries have made notable progress, adopting comprehensive cybersecurity laws and strategies, others remain at earlier stages of institutional development.

At the same time, emerging domains such as artificial intelligence are adding complexity. As noted in the session on AI and law, global regulatory activity is accelerating, but coherent, enforceable frameworks remain limited.

The implication is clear: legal alignment without operational capacity does not produce resilience.

The role of academia and talent pipelines

A distinctive feature of CSEC Connect 2026 was the Academic Roundtable, which moved beyond general discussion to concrete commitments.

Key priorities identified:

• Aligning curricula with real-world cybersecurity needs

• Expanding hands-on training (including cyber ranges and incident response exercises)

• Strengthening collaboration between universities and industry

• Establishing a regional academic network with CSEC as a coordination hub

This reflects a broader recognition that human capacity, not technology, is the limiting factor in regional cybersecurity.

From event to platform

CSEC Connect is increasingly positioning itself not as a one-off conference, but as a platform for continuity.

The 2026 edition achieved several practical outcomes:

• Strengthened relationships among WB6 CERTs

• Initiated discussions on structured information-sharing mechanisms

• Advanced cooperation between academia and operational actors

• Reinforced links with international partners, especially with NATO

The presence of international stakeholders and the support of partners such as the Royal Norwegian Embassy underline a broader point: regional resilience is both a local responsibility and a shared international interest.

What comes next

The real test of CSEC Connect 2026 is not only the quality of discussion - but what follows.

Three priorities stand out:

1. Operationalise information sharing Move from ad hoc exchanges to structured, trusted mechanisms.

2. Accelerate CERT development and interoperability

   Ensure each country has functional capabilities that can connect regionally.

3. Invest in people, not just technology

   Scale training, education, and retention of cybersecurity professionals.

Without progress on these fronts, the region risks remaining reactive, fragmented, and vulnerable.

Conclusion

CSEC Connect 2026 confirmed something that is increasingly evident: cybersecurity in the Western Balkans is no longer a national issue - it is a regional task.

The region does not lack expertise, nor awareness. What it has lacked, until recently, is structure, trust, and sustained coordination.

This conference marked a step toward closing that gap.

Keynote address by ambassador Vućinić:

Keynote presentation by Mr. Puharić

Keynote presentation by Mr. Husić:

Presentations:

Closing keynote by Mr. Sekuloski:

About CSEC Connect 26

CSEC Connect 2026 is a regional cybersecurity conference held in Sarajevo on 23–24 March 2026, bringing together national CERTs/CSIRTs, public institutions, academia, and international partners from across the Western Balkans and beyond. The event focuses on strengthening cyber resilience through practical cooperation, information sharing, and alignment with European and NATO standards.

The programme combines high-level keynotes, technical discussions, and closed sessions, addressing key challenges such as fragmented institutional frameworks, capacity gaps, and the need for coordinated incident response.

A central theme of the conference is the transition from isolated national approaches to a more integrated regional model - based on trust, interoperability, and collective defence. Discussions emphasise that effective cybersecurity in the Western Balkans depends not only on legislation and technology, but on people, partnerships, and sustained collaboration.

CSEC Connect serves as a platform for building long-term cooperation, supporting the development of CERT capacities, and connecting the region with European and international cybersecurity ecosystems.

CSEC Connect is sponsored by NATO and supported by the Royal Norwegian Embassy in Sarajevo.