ZAGREB, Croatia – More than 100 cyber professionals from seven European nations and seven U.S. National Guard state partners participated in Combined Adriatic Cyber Endeavor, or CACE, 2026, a multinational cyber defense exercise hosted by the Croatian Armed Forces at the Petar Zrinski Barracks, June 1-11.
The Croatian Cyber Command hosted the regional cyber exercise for the first time, bringing together participants from Albania, Bosnia and Herzegovina, Croatia, Kosovo, Montenegro, North Macedonia and Slovenia, along with their respective U.S. Department of War National Guard Bureau State Partnership Program counterparts from New Jersey, Maryland, Minnesota, Iowa, Maine, Vermont and Colorado.
"We do things vastly differently across countries, across states," said Maryland Air National Guard Warrant Officer 1 Nicholas Custead, assigned to the 276th Cyberspace Operations Squadron, who served as an exercise planner and member of the red team. “So, having everybody in the same room allows us to pool our ideas and come up with the best solutions. It's the best way to collaborate.”
The two-week exercise began with academic instruction, scenario development and final preparations before transitioning into the operational exercise. Each state and its partner nation formed a defensive cyber blue team and a white cell for the exercise, while Croatia and some National Guard members supported an offensive red team. The exercise represented the latest evolution of a regional effort designed to strengthen cooperation, coordination and cyber defense capabilities among Adriatic+ partner nations.
“These exercises are unique opportunities to have actual hands-on experience and see what it takes to combat a threat impacting the region,” said Paul Winter, senior vice president for professional services at SimSpace. “There's a lot of planning and prep for these activities, and our team has been really grateful for the teamwork of the host nation.”
A significant NATO milestone of the exercise was the first-ever interconnection of SimSpace cyber ranges operated by Croatia and Slovenia. The exercise centered on a fictional military mission in which participating teams were tasked with defending the shared unclassified network. Blue team participants conducted threat hunting, incident response, reverse engineering and network defense operations while documenting findings, developing remediation plans and submitting situation reports.
The white team served as the exercise control element, overseeing coordination, scenario management, participant guidance and overall governance. White team members were responsible for ensuring the exercise met its training objectives, maintained realistic conditions, enforced established rules and evaluated participating teams. The red team planned and executed simulated adversary activities designed to challenge the blue team network defenders, while the Croatian green team and Simspace staff developed and maintained the network infrastructure and cyber range environment used throughout the exercise.
“It's about coordination, collaboration and everyone working together," said Maj. Dubravko Jerković, Croatian Cyber Command commander and exercise director. “I think the whole point of this exercise is the communication, exchanging information and getting to know the people, so we build the maturity of cyber in our region.”
The virtual training environments were provided through a U.S. security cooperation investment and donated to the Croatian and Slovenian armed forces in late 2023. During the exercise, the interconnected ranges expanded training capacity and enabled participants to operate across the larger, complex cyber environment.
“It is important as a cyber range provider not to just provide the solutions, but to really enable the partner nations to run and operate as self-sufficient as possible," said Lee Rossey, chief technology officer and co-founder of SimSpace. “We want to fade into the background and enable them to be able to design, execute, and run as much as possible on their own.”
Officials said the successful integration demonstrated the growing cyber capabilities of both nations and established a foundation for future multinational training events. Several participating nations either have received or are expected to receive similar virtual training environments, creating opportunities for additional regional cyber exercises in the future.
"Cooperation is very important," said Aleš Čretnik, Slovenia national representative and cyber range chief/advisor for the Slovenian Ministry of Defense. “Establishing trust among the nations that actually know each other, especially the technical stuff, so that they know who they should contact for help or any other support in case of larger incidents.”
The exercise built on previous regional cyber cooperation efforts, including the Adriatic Regional Security Cooperation Cyberspace Exercise hosted in Postojna, Slovenia, in 2024. Throughout the exercise, participants worked side by side to defend networks, share technical expertise, and strengthen relationships among allied and partner nations.