As cyber threats grow more complex, innovative collaborations are needed to keep Europe secure. One of the most ambitious responses is INTERCEPT, a project under the EU’s Digital Europe Programme. We sat down with Marko Doltar, Head of the Network Operations and Security Center at T-2 – one of the esteemed partners of the INTERCEPT project – to discuss the initiative, its vision, and the future of cybersecurity.
“Cyber threats know no borders,” Doltar began. “To respond effectively, security experts need solutions that provide deep visibility into networks, rapid incident detection, and above all, international collaboration. That is precisely what INTERCEPT is about – creating a platform that allows partners to share critical information and expertise in real time.”
At its core, INTERCEPT (IncideNt ThrEat shaRing CybErsecurity PlaTform) is developing a Threat Sharing Platform (TSP) to help Security Operations Centres (SOCs) detect and respond to incidents more effectively. Doltar outlined how the project will translate its vision into practice. As he explained, the platform focuses on the analysis and exchange of indicators of compromise (IOCs), enabling companies to prepare proactively for cyber threats. Beyond that, organizations will be able to contribute their own indicators, which will then undergo the same rigorous processes we apply internally.
Building on this foundation, the TSP will integrate advanced machine learning algorithms, large language models, data aggregation systems, and automated anonymization tools, ensuring compliance with EU data protection regulations. Instead of directly executing automatic responses, the platform will connect to automation systems via a dedicated portal.
Turning Cybersecurity Strategy into Reality
Curious about how cybersecurity practices are applied in real life, we looked at the example of T-2, Slovenia’s leading telecommunications provider, known for advanced electronic communication services and innovative technical solutions. Marko Doltar explained that, alongside its work on INTERCEPT, T-2 is also carrying out significant upgrades to its key security components.
Firewalls are being replaced to enable better application control and more effective mitigation of Distributed Denial of Service (DDoS) attacks. The network is also being equipped with NDR (Network Detection and Response) probes, which make it possible to detect anomalies in real time.
System monitoring will no longer be purely passive. In parallel, an infrastructure of so-called honeypots – decoy targets designed to mislead attackers and collect information about their methods – will be established. Doltar highlights another important innovation – through the interface, users will be able to request time-limited access to specific applications, which will shorten response times and provide a precise audit trail.
The next layer of defence addresses protection against phishing attacks. The platform will perform daily checks of domain lists for keywords linked to consortium organizations, proactively preventing misuse.
Joining Forces Across Borders
INTERCEPT is a project built on collaboration, powered by a strong consortium of Slovenian and Croatian partners: T-2, SI-CERT as part of the Academic and Research Network of Slovenia (ARNES), Pošta Slovenije, Tiko Pro, and Končar – Digital.
Doltar gave us valuable insight into the teamwork behind the scenes: “Working with diverse European partners expands our reach and brings in new technologies and user experiences. The EU’s NIS2 Directive requires organizations to adopt stronger technical and organizational measures.”
He also emphasized the complementary expertise that each partner brings to the project. T-2 acts as the coordinator, ensuring smooth implementation and alignment of activities. On the Croatian side, Končar – Digital, a leading IT company specializing in digital transformation for energy, mobility, and critical infrastructure, is responsible for Work Package 2 (Requirements Analysis and Information System Design) and Work Package 3 (Development of Cybersecurity AI Tools and Services). The solutions developed will be validated through use cases at Pošta Slovenije and the national SOC (SI-CERT), providing practical insights for shaping a sustainable business model that serves both commercial organizations and national cybersecurity centres. Equally important is the role of Tiko Pro, whose proven track record in securing EU funding is complemented by its expertise in communication and dissemination. As leader of Work Package 6, Tiko Pro ensures the visibility of the project and drives capacity-building activities.
Where Technology Meets Trust
At the heart of INTERCEPT lies cutting-edge technology, but also something deeper – a commitment to trust and collaboration. A key technical pillar is the integration of the Malware Information Sharing Platform (MISP) across all partners, ensuring interoperability and enabling active collaboration on defense strategies. With a total budget of nearly €10 million, half funded through the EU’s Digital Europe Programme, INTERCEPT stands as a flagship investment in Europe’s cyber resilience.
Doltar explained that the project is designed for growth: “We expect other organizations from Slovenia and abroad to join us.” Special attention is also directed toward industrial environments, where operational technologies (OT) face heightened risks and demand tailored protection. Just as importantly, the project prioritizes compliance. “All sensitive data will be anonymized, and a Data Protection Officer will oversee legal compliance at every stage,” Doltar assured.
Yet, as Doltar stressed, INTERCEPT is more than technology: “This is not just about building a platform, it’s about creating a culture of collaboration and trust. By pooling knowledge and resources across borders, we can significantly increase Europe’s overall resilience to cyber threats.”
In this way, INTERCEPT is not only strengthening defences, it is forging a new alliance for a safer digital future, where technology and trust truly go hand in hand.