ZAGREB, Croatia — More than 100 cyber professionals from seven European nations and seven U.S. National Guard state partners participated in Combined Adriatic Cyber Endeavor (CACE) 2026, a multinational cyber defense exercise hosted by the Croatian Armed Forces at the Petar Zrinski Barracks, June 1-11, 2026.
The Croatian Cyber Command hosted the largest regional cyber exercise for the first time, bringing together participants from Albania, Bosnia and Herzegovina, Croatia, Kosovo, Montenegro, North Macedonia, and Slovenia, along with their respective U.S. National Guard State Partnership Program counterparts from New Jersey, Maryland, Minnesota, Iowa, Maine, Vermont, and Colorado.
"We do things vastly differently across countries, across states," said Maryland Air National Guard Warrant Officer 1 Nicholas Custead, assigned to the 276th Cyberspace Operations Squadron, who served as an exercise planner and member of the red team. “So, having everybody in the same room allows us to pool our ideas and come up with the best solutions. It's the best way to collaborate.”
The two-week exercise began with academic instruction, scenario development, and final preparations before transitioning into the operational exercise. Each state and its partner nation formed a defensive cyber blue team and a white cell for the exercise, while Croatia and some National Guard members supported an offensive red team. The exercise represented the latest evolution of a regional effort designed to strengthen cooperation, coordination, and cyber defense capabilities among Adriatic+ partner nations.
“These exercises are unique opportunities to have actual hands-on experience and see what it takes to combat a threat, impacting the region,” said Paul Winter, senior vice president for professional services at SimSpace. “There's a lot of planning and prep for these activities, and our team has been really grateful for the teamwork of the host nation.”
A significant NATO milestone of the exercise was the first-ever interconnection of SimSpace cyber ranges operated by Croatia and Slovenia. The exercise centered on a fictional military mission in which participating teams were tasked with defending the shared unclassified network. Blue team participants conducted threat hunting, incident response, reverse engineering, and network defense operations while documenting findings, developing remediation plans, and submitting situation reports.
The white team served as the exercise control element, overseeing coordination, scenario management, participant guidance, and overall governance. White team members were responsible for ensuring the exercise met its training objectives, maintained realistic conditions, enforced established rules, and evaluated participating teams. The red team planned and executed simulated adversary activities designed to challenge the blue team network defenders, while the Croatian green team and Simspace staff developed and maintained the network infrastructure and cyber range environment used throughout the exercise.
“It's about coordination, collaboration, and everyone working together," said Maj. Dubravko Jerković, Croatian Cyber Command commander and exercise director. “I think the whole point of this exercise is the communication, exchanging information, and getting to know the people, so we build the maturity of cyber in our region.”
The virtual training environments were provided through a U.S. security cooperation investment and donated to the Croatian and Slovenian armed forces in late 2023. During the exercise, the interconnected ranges expanded training capacity and enabled participants to operate across the larger, complex cyber environment.
“It is important as a cyber range provider not to just provide the solutions, but to really enable the partner nations to run and operate as self-sufficient as possible," said Lee Rossey, chief technology officer and co-founder of SimSpace. “We want to fade into the background and enable them to be able to design, execute, and run as much as possible on their own.”
Officials said the successful integration demonstrated the growing cyber capabilities of both nations and established a foundation for future multinational training events. Several participating nations either have received or are expected to receive similar virtual training environments, creating opportunities for additional regional cyber exercises in the future.
"Cooperation is very important," said Aleš Čretnik, Slovenia national representative and cyber range chief/advisor for the Slovenian Ministry of Defense. “Establishing trust among the nations that actually know each other, especially the technical stuff, so that they know who they should contact for help or any other support in case of larger incidents.”
The exercise built on previous regional cyber cooperation efforts, including the Adriatic Regional Security Cooperation Cyberspace Exercise hosted in Postojna, Slovenia, in 2024. Throughout the exercise, participants worked side by side to defend networks, share technical expertise, and strengthen relationships among allied and partner nations.
"CACE 26 is an example of the growing maturity in cyberspace defense across the Adriatic region,” said U.S. Air Force Lt. Col. Patrick Brown, IMA to the Partnership Division, U.S. European Command J69, who also previously served in the Maryland Air National Guard’s 175th Cyberspace Operations Group. “This year, Croatia took the lead, demonstrating the increasing capability and ownership of our Allies and partners in the cyber domain after years of USEUCOM-led cyberspace security cooperation in the region, including the National Guard's State Partnership Program. As our Allies and partners independently plan, resource, and execute multinational exercises, it showcases a more capable, resilient, and interoperable cyber force to defend Alliance territory, which increases regional stability.”
Eight Airmen assigned to the Maryland Air National Guard's 175th Cyberspace Operations Group and one Soldier assigned to Maryland Army National Guard Cyber Protection Team 169, joined three members of the Armed Forces of Bosnia and Herzegovina (AFBiH) Cyber Operations Center at the exercise. It was the first time that an AFBiH cyber expert led their Maryland counterparts as one of the seven blue teams.
“I'm most proud of how my team handled the situation, because we are the smallest team at this event, and I'm proud of the collaboration with other teams, and also our partnership with Maryland,” said AFBiH Capt. Armin Kolašinac, a vulnerability assessment officer at the Cyber Operations Center. “In the beginning, [Maryland] showed us everything, because we were new at this, but now we are catching up, and there are some things that we can also teach them. It's significant for me, and it's significant for my [AFBiH] colleagues because it shows that the partnership with Maryland is bearing fruit. We can see progress, and I can see that my teammates trust me.”