Regional cybersecurity stakeholders do not regard the Western Balkans as primary target of any particular threat actor. Instead, attacks and incidents are perceived as collateral damage of attacks aimed at other primary targets. Additionally, stakeholders have not identified any region-specific malicious actors, or cybersecurity developments however, this does not discount the possibility of a more regional dimension to cyber threats emerging in the near future, given the pace of digitalisation and geopolitical developments.
These are some of the main findings of the Cybersecurity Ecosystem Report, which maps cyber threats in the Western Balkans, identifying key risks, threats, incident and attack types, and, where possible, threat actors. Commissioned by the UK Government, the Report has been prepared jointly by PwC, focusing on the global and regional threat landscape, and the ISAC Fund, providing the geopolitical context for each of the Western Balkan economies (Albania, Bosnia and Herzegovina, Kosovo, Montenegro, North Macedonia and Serbia).
The Report shows that the cybersecurity threats faced by Western Balkan economies generally mirror global threats. Ongoing increases in digital activity, accelerated by the global pandemic, have led to greater numbers of incident reports received by national authorities. Increasingly, smaller actors such as small and medium enterprises, media actors and civil society organisations are also encountering cyber threats. Attacks are becoming more sophisticated, with better tailoring of malicious content to local languages and context. Currently, cyber-crime is seen as the main threat, with malware, phishing, ransomware and, to an extent, Distributed Denial of Service (DDoS) as the most common attack types.
Western Balkan economies have been actively attempting to strengthen the resilience of their national cybersecurity ecosystems. Often with the support of the international community, regional economies have developed relevant legislation, established new institutions, and built up technical and operational capacities. They have also forged bilateral and multilateral partnerships, generally gravitating towards EU and NATO approaches but with some national differences.
The Report also provides recommendations on the actions to be taken with a view to fostering greater cyber resilience in the Western Balkans, such as:
- Ensuring a more effective communication between the stakeholders on the mutual benefits of incident reporting and information sharing.
- Developing tailored methodologies for monitoring cybersecurity developments on a regular basis, collecting, processing and categorising data on reported incidents, and coming up with national threat landscape reports.
- Aligning legislative and strategic frameworks to address the evolving cybersecurity threat landscape, developments in the cybersphere and the resulting needs.
- Capacity development of other relevant institutions and bodies such as those in charge of investigations and prosecutions in cybercrime cases.
- Adopting a sectoral approach by building decentralised competences and response capacities, centrally coordinated at the national level.
- Devising public and private sector joint approaches and establishing partnerships with academic institutions aimed at identifying sustainable models to address workforce constraints.
- Running comprehensive cybersecurity awareness programmes, segmented, designed and delivered in a way to target specific audiences across Western Balkan societies.
Would you like to receive Cybersecurity Ecosystem Report ? Please submit your details
Contact us
Jelena Miletic
Senior Manager, Marketing & Communications, PwC Serbia
Tel: (+381) 64 82 03 815