In mid-December, cybersecurity professionals from across the Western Balkans gathered in Ljubljana for the Ljubljana 2025 FIRST Technical Colloquium and Cyber Balkans Workshop, a three-day event combining in-depth technical discussion with peer exchange and collaborative reflection.
Hosted by Slovenia’s SI-CERT and Register.si, the national domain name registry, in cooperation with the e-Governance Academy, the colloquium brought together FIRST members and invited experts to explore current developments in incident response and threat intelligence.
While the first two days focused on keynote speeches and technical sessions, the third day shifted the focus to the WB community itself through three dedicated activities led by experts from the e-Governance Academy: Lightning Talks, CS (Cyber-Security/Santa) Wishlist and Something Comic about Cyber?
During the Lightning Talks session, cybersecurity experts from the Western Balkans shared short, 5–7-minute presentations with their peers.
The format created space to reflect on real-world experiences, discuss challenges faced by CSIRTs and SOCs and exchange lessons learned from day-to-day operational work.
The session encouraged openness and a diversity of perspectives, enabling many voices to be heard and strengthening connections across the regional cybersecurity community.
The topics were chosen by the delegations themselves and included Serbia’s and North Macedonia’s new cybersecurity related laws, Bosnia’s CERT RS’ cybersecurity training system, Albania’s best practices, Montenegro’s achievements and Kosovo’s lessons learned during a cyber attack.
Immediately afterwards, the workshop continued with the CS Wishlist session, a more merry and creative exercise inviting participants to reflect on the hardware, software and capacity-building needs they have at the individual, institutional and national levels.
Framed in a light, seasonal way, the session provided candid discussions on gaps in tools, skills and resources, including advanced threat-hunting capabilities, information-sharing mechanisms and specialised training needs.
The wishlist provided as a structured way to gather insights that may support future Cyber Balkans activities, helping to surface shared challenges, align regional priorities, and build a collective understanding of what strengthening cyber resilience means in practice.
Most notably, trends appeared indicating that at the individual level improved capacity building was preferred; at the institutional level, software and hardware needs were expressed; but at the national level, priorities differed based their context and overall goals.
The final activity Something Comic about Cyber? was built around the continuous need for cybersecurity awareness of the general population.
Using three previously developed eGA comics for awareness, participants were asked to translate, adjust or improve them for their constituents, and share other visual awareness raising campaigns that they might have seen or created.
The activity was focused on the needs of the general, non-technical populations, specifically the younger and older generations. Discussions emerged on the targeting of the messages, with some of the participants pointing out that one of the existing comics would be better targeted to the older population over the original recipients.
Other delegations presented their own ideas on new comics, which were jotted down for future possible use. Even when cybersecurity and its awareness efforts are universal, proper localisation must be followed to ensure that the message is transmitted to the citizens.
Overall, the Ljubljana 2025 FIRST Technical Colloquium and Cyber Balkans Workshop provided a timely opportunity to bring together cybersecurity experts ahead of the slower holiday season.
The event offered space to wrap up the year through shared learnings and reflections, while reviewing achievements and ambitions to further strengthen regional and local cyber resilience in the year to come.
