e-Governance Academy podcast: Training digital safety through cyber resilience in Montenegro

Written by Federico Plantera

Montenegro’s digital journey has been one of deliberate reconstruction and collaboration. In 2022, a major cyberattack exposed critical gaps in the country’s digital infrastructure. Yet, instead of responding with short-term fixes, public institutions focused on long-term change. They initiated a wide-ranging transformation, strengthening cyber capabilities, forming new partnerships, and prioritising resilience not as an end goal, but as an everyday practice.  

In this podcast episode, we take a privileged look at what that transformation felt like from the inside with Dušan Polović, Director General for Infrastructure, Information Security, Digitalisation and e-Services at the Ministry of Public Administration of Montenegro, and Milan Sekuloski, Senior Cybersecurity Expert at the e-Governance Academy. 

This year, at the e-Governance Conference 2025, the Ministry of Public Administration of Montenegro was named Partner of the Year 2025. An honour that celebrates not just recovery from crisis, but a systemic shift in how digital safety is approached, with resilience, cooperation, and long-term thinking at its core. 

The 2022 Wake-Up Call 

“You must have a strategic vision, then political support,” Polović begins with, outlining the foundation Montenegro laid for strengthening cyber resilience. But even with legislative reforms aligned with EU directives, it took the 2022 attack to expose how untested those structures were in practice.”

“We were the victim of a complex, massive cyberattack on government infrastructure, which directly aimed to affect the provision of digital services for lasting damage.” The experience sent shockwaves through Montenegro’s public administration and made it abundantly clear that preparedness on paper does not equal resilience in reality. 

Rather than allowing the breach to define its trajectory, Montenegro used it as a springboard. The crisis raised awareness at the highest levels of government and among the public, leading to new investments, revised protocols, and tighter operational structures. The Ministry of Public Administration took the lead, guided by then-Minister Marash Dukaj, in building operational capacity and international partnerships. And this leadership turned a moment of vulnerability into one of alignment and determination. 

“From today’s perspective, I would say we turned problems into an advantage,” says Polović. With support from the EU, NATO allies like the US and UK, and rapid mobilisation of domestic teams, Montenegro accelerated its cybersecurity development. The country began to catch up and then, to lead. 

Capacity, Talent, and the People Behind Resilience 

What made this turnaround possible, however, was not only legislation or donor support. “People are the most important,” says Sekuloski. “Technology and policy matter, but without skilled, motivated individuals in government, none of it works.” 

Sekuloski reflects on what Montenegro’s cybersecurity landscape looked like back in 2015. “They were the first in the region to adopt a national strategy, set up a national CERT, and establish a high-level Information Security Council. The ingredients were there, but they weren’t put into practice.” 

The 2022 breach changed that. Today, Montenegro has established a Governmental Security Operations Centre (SOC), formalised its incident response teams, and expanded its cybersecurity workforce. EU-funded projects, including the Cybersecurity Rapid Response and Cyber Balkans initiatives, have helped embed this capacity across government. 

Yet sustaining this progress requires more than technology. Public sector salaries remain uncompetitive compared to private companies, making talent retention difficult. So, Montenegro’s response has been to rethink recruitment: investing in young professionals eager to learn and committed to public service. The government, consequently, has shifted its focus toward nurturing career paths and meaningful opportunities for skill development. 

“It’s not just about the money,” Sekuloski adds. “It’s about giving people meaningful work, responsibility, and the opportunity to grow.” Polović agrees: “It takes five years to raise, so to say, one expert in cybersecurity in government. Keeping them is the real challenge.” 

The resilience now visible in Montenegro’s cybersecurity system is, at heart, the result of human commitment – a long-term investment in people who are willing to learn, collaborate, and protect public digital infrastructure. 

Cybersecurity Is International, Resilience Is Shared 

Cyber threats do not stop at borders. For countries in the Western Balkans, which share many digital, economic, and cultural links, cooperation is essential. Sekuloski emphasises that cybersecurity must adopt a whole-of-society approach. “You cannot manage these risks alone. Governments need cross-sectoral, national, and international partnerships.” 

Montenegro’s example shows that a crisis can stimulate systemic reform. But it also highlights the need for agile institutions that evolve with technology. As Polović puts it, “What is a good model today might not be good tomorrow. Flexibility and adaptability are crucial.” 

That philosophy is now part of Montenegro’s strategy. Information sharing platforms, regionally coordinated European Union-supported projects, and awareness campaigns have boosted trust among stakeholders. And these efforts are not solely defensive measures, but also represent a shift toward openness and learning, which are key to staying ahead in a fast-changing digital environment. 

The launch of the KnowCyber.eu portal by e-Governance Academy is another step toward fostering this trust and amplifying lessons learned. Through it, governments in the region can share strategies, find inspiration, and avoid common pitfalls. Montenegro’s story, as captured in this conversation, is now part of that shared resource. 

“It’s about building networks of knowledge and support,” Sekuloski concludes. “If we can do that, we can face the future with confidence.” 

This episode was recorded as part of the project “Cybersecurity Rapid Response for Albania, Montenegro, and North Macedonia 2.0,” supported by the European Union and implemented by the e-Governance Academy from 2022 to 2025. Explore the project >>> https://ega.ee/project/western-balkan-rapid-2-0/ 

Interested in more?  

Listen to all Digital Government Podcast episodes >>> https://ega.ee/digital-government-podcast/