Enhancing Cybersecurity Resilience in Bulgaria’s CSOs

Authors: Dimitar Keranov, Transatlantic Foundation; Teodora Eneva, Startup Factory 

Civil society organizations (CSOs) in Bulgaria are increasingly vulnerable to sophisticated cyber threats due to the volume of sensitive data they handle and their insufficient financial resources to enhance their staff’s information-security expertise. The absence of adequate security measures not only jeopardizes data integrity, leading to potential financial losses and reputational damage, but also poses significant societal risks including privacy breaches and national security threats. The rapid evolution of cyber threats necessitates continuous updates in staff knowledge and skills to effectively mitigate these risks. 

To address these pressing challenges, there is a critical need for initiatives in Bulgaria that offer comprehensive training, advanced resources, and robust support aimed at bolstering information-security practices within CSOs. Such measures will foster a more secure and resilient environment, protecting sensitive data and maintaining the integrity and confidentiality of information. Moreover, these efforts will contribute to the broader objectives of national security and societal welfare, ensuring the protection of individual privacy rights and enhancing the overall stability of the society. 

Throughout 2023 and 2024, the team at the Ruse-based CSO Startup Factory addressed these contemporary security challenges by initiating a project to enhance cybersecurity skills among Bulgaria’s CSOs.  

The project delivered a comprehensive program that combined practical workshops, tailored training sessions, expert consultations, and resource development.  

From the outset, the project aimed to have not only a one-time impact but also sustainable benefits. The team behind the initiative worked diligently to ensure that all training materials, including video lessons, posters, and an e-book, were uploaded to a dedicated cybersecurity platform that now serves as a long-term repository of knowledge, accessible to CSOs whenever needed. 

Thriving in a Secure and Resilient Digital Environment 

The project’s impact was immediate and significant. Participants widely commended the relevance and practicality of the training. One attendee said: “I have watched a lot of information about cybersecurity. However, the content presented by the lecturer Iva Tasheva was very comprehensive and definitely suitable for building foundational knowledge in cybersecurity”.  

This sentiment was echoed by many, who appreciated the interactive and hands-on approach during the sessions. By focusing on real-world scenarios and challenges specific to CSOs, the program ensured that participants could immediately apply what they learned to their daily work. 

Participants were empowered to identify and respond to cyber threats. Before the training, many CSO staff lacked confidence in this area. The project provided them with the technical knowledge and the confidence needed to protect their organizations effectively.  

One participant remarked: “I feel much more confident in identifying potential risks and taking preventive measures now. This training has truly made a difference”.  Another added: “The materials are very good, everything is explained wonderfully, and the repetition is helpful. It’s a great idea to send fake phishing emails to test us. Now I’m definitely more cautious about any suspicious ads and announcements online”. 

Beyond the individual training sessions, the creation of the cybersecurity platform has been a major contribution. Packed with valuable resources, it ensures that the knowledge shared during the project remains accessible and impactful.  

“This project has truly been a game-changer for our organization. We feel better equipped to face the challenges of the digital age, and we are grateful for the support and resources provided through InfoSec Skills+”. This sentiment captures the essence of the project: empowering Bulgaria’s CSOs to thrive in a secure and resilient digital environment. 

The “InfoSec Skills+” project, supported by Engaging Central Europe in 2023–2024, is being implemented under the PROTEUS program and co-funded by the European Union. The views and opinions expressed are solely those of the author(s) and do not necessarily reflect those of the Transatlantic Foundation (TF) or the European Union (EU). Neither the EU nor TF can be held responsible for them.