Bosnia and Herzegovina’s banking sector is poised to enhance its sharing of cybersecurity threat intelligence 

The workshop addressed the specific governance and operational needs of the BiH financial sector and resulted in a shared understanding of a feasible implementation model: 

• The CBBH, the FBA and the ABRS, will each have their own separate MISP systems deployed. 

• The system at the CBBH will serve as the central node for international information exchange and coordination with external sources (e.g., Forum of Incident Response and Security Teams (FIRST), European Union Agency for Cybersecurity (ENISA), Financial Services Information Sharing and Analysis Center (FS-ISAC)).  

• The MISP systems within the two banking agencies will be used to exchange information with commercial banks under their respective jurisdictions. All three systems will be interconnected, exchanging threat intelligence based on jointly agreed protocols and procedures, thus ensuring a coordinated and secure flow of information across the entire banking sector in Bosnia and Herzegovina. 

• The workshop introduced the concept of selective information exchange, governed by specific frameworks and classification standards, which was well received by participants.  

In addition, during the workshop, participants agreed that, to proceed with the implementation of MISPs, the already established working group should continue its collaborative work. The working group’s role is to coordinate the development of a threat intelligence-sharing mechanism within Bosnia and Herzegovina’s financial system. The group comprises representatives from the CBBH, the FBA and the ABRS, as well as the Deposit Insurance Agency. Its mandate is to define procedures, technical solutions, and governance models for structured information exchange on cyber threats. 

• An Introductory technical presentation was made on the MISP platform, covering CTI concepts, deployment options, integration potential, and implementation challenges specific to the financial sector. 
• An Operational Procedure and Handbook for MISP use was drafted, with further alignment and refinement still required, specifically tailored for the BiH banking sector. This comprehensive guide covers essential aspects, including participation rules, governance structure, TLP classification, incident workflows, access controls, and international integration. 

• A Draft Action Plan for the phased deployment of MISP instances across institutions was presented and reviewed jointly. 

• The moderated working sessions to define governance roles, procedural standards, and inter-institutional coordination mechanisms had high engagement by participants. 

• Expert presentations linked EU regulatory frameworks (NIS2, DORA, GDPR) to BiH implementation scenarios, helping participants contextualise their institutional obligations and priorities. 

• Demonstrations of real-world MISP use cases, integration examples, and deployment architectures (cloud vs on-premise) adapted to the BiH legal and infrastructural context. 

• Survey-based feedback confirmed the strong relevance of the event, widespread support for the distributed MISP model, and the need for further technical and legal guidance and support. 

The workshop was part of the European Union-funded “Cyber Balkans” project, implemented by the e-Governance Academy. The project aims to enhance the cyber resilience of the Western Balkans in compliance with EU acquis and best practices by improving the cybersecurity prevention, preparedness, and response of relevant public and private stakeholders in the Western Balkan partners: Albania, Bosnia and Herzegovina, Kosovo, Montenegro, North Macedonia, and Serbia.