Home
Policy Papers
Cybercrime in Georgia: Current Challenges and Possible Developments
30-Mar-2021

The goal of this research is twofold. Primarily, it provides an assessment of the cybercrime situation in Georgia and projection of possible developments, as well as envisages policy recommendations for responsible public authorities. The secondary, but not less important goal is to facilitate awareness-raising through developing analytical information regarding problems and ways of their solutions. Georgian citizens are end victims who suffer from any national security threats including cybersecurity incidents and cybercrimes. Informing the public and raising awareness gain utmost importance, especially in conditions of hybrid threats. Social resilience could not be ensured without a wider engagement of informed and socially active citizenry.

Key Findings

  • Cybercrime is still an emerging phenomenon in Georgia, its damaging potential is not fully exposed and the threat is not perceived properly either by the government or the society;
  • Highly likely cybercrime remains underreported in Georgia as in many other countries of our region;
  • The MIA is focused on pure cybercrimes and does not calculate cyber-enabled crimes under cybercrime statistics that leaves room for ambiguity;
  • From the perspective of criminal justice, policy cybercrime still does not expose serious challenge to society as its share in general criminal statistics is not significant;
  • In the context of national security, cybercrime is more dangerous than other crimes as it represents an instrument of transformation of external threats into serious problems of internal security;
  • Georgian Police handle cybercrime generally in a reactive manner, with more focus on response - investigation and pursuit, lacking a comprehensive preventive approach;
  • LEA has certain problems in investigation and digital forensic, especially, in the regions;
  • Lack of coordinated government policy, mature engagement of the private sector and low public awareness in the light of digitalization of social life, increasing internet and ICT access are main factors affecting cybercrime statistics negatively;
  • Transnational criminal activities expose little danger to Georgia cybersecurity nowadays, but it`s predictable that GOCGs being an important part of transnational organized criminality, will increase their illegal activities in the digital space;
  • Lack of sustainable financial support to develop key cybersecurity services and programs is observed;
  • As main determinants affecting of raising cybercrime in Georgia are mostly generated through complex internal socio-economic and technological developments and external geopolitical processes and the GOG has limited capacity to influence significantly on most of those factors in a short-term perspective, it can be implied that in the nearest 5 years’ period, the trend of raising cybercrime rates in Georgia will be maintained. Highly likely cybercrime would be increased approximately by 25-30% per year in comparison to 2020 rates and gradually, it will easily overcome 5% share of total criminal cases registered by the police in 2022.

 

Recommendations

Recommendation #1. More preventive, proactive and protective policy:

  • Set up a comprehensive strategic agenda for cybercrime preventive measures. Georgia needs to develop not only reactive but also proactive measures for combating cybercrime;
  • Change the approach of calculating cybercrime statistics to consider numbers of cyber-enabled crimes in total number of cybercrimes;
  • Develop joint interagency task force from key government stakeholder institutions, equipped with strategic, operational and tactical tools, to unify efforts and undertake comprehensive and adequate measures for deterring external threats or mitigating the risks;
  • Elaborate long-term strategy and action plan for combatting cybercrime, which will include capacity building, large-scale public awareness projects jointly organized by relevant government agencies (participation of the institutions responsible for implementing educational and youth policy is highly recommended);
  • Draft and adopt legislative framework empowering the police for utilization ethical hacking and other proactive measures in cyberspace;
  • Increase funding of cybersecurity dimension.

Recommendation #2. Develop workforce and institutional capacity:

  • Increase human and technological capacity of cybercrime investigators, especially at the regional level. Regular training programs with no gaps, as new sophisticated attacks require qualified people to deal with;
  • Develop national training infrastructure for LEAs and security sector agencies to fill the gaps of human resources and facilitate professionalization of their personnel in cybersecurity, cybercrime investigation techniques and digital evidence;
  • Increase efforts for participation in international exercises and trainings to increase international LEA cooperation with a special focus on combatting cybercrimes;
  • Work more actively with LEAs of partner countries, international and regional law enforcement organizations in joint working groups and other platforms to detect activities of GOCGs in cyber sphere and be informed about possible threats;
  • Create specialized cybercrime police units in every region of Georgia, equip them with special crime detection software and technical solutions that will increase early warning opportunities and increase other preventive technics;
  • Equip and train enough police personnel properly for conducting tailored proactive policing measures countrywide.

Recommendation #3. Develop cyber culture:

  • Take active measures for public education and awareness, the empowerment of Georgian information society; reduce the success rate of many forms of cybercrime by educating individuals and organizations in recognizing criminal activity before they fall victim to it;
  • Through various institutional frameworks achieve engagement of multiply government agencies having a large set of beneficiaries and active partnership with the private sector in the awareness-raising process to increase the outreach;
  • Implement tailored educational campaigns for professional civil servants in cybersecurity, cyber hygiene and misinformation campaigns;
  • Implement tailored and large-scale awareness-raising campaigns for the most vulnerable social groups;
  • Share information about threats, best practices, specialized capabilities among stakeholders to build trust and demonstrate value for them;
  • Raise awareness among decision-makers and senior management of LEAs to determine strategic priorities regarding cybercrime and electronic evidence.

Recommendation #4. Co-share resources between CERT and MIA:

  • Temporary secondment - assignment, transfer of LEA professional in CERT in order to get a hand-on experience of CERT incident collection and reporting, classification approaches, together define procedural and organizational formalities. On the contrary, CERT representative can be shifted to cybercrime office in order to get more insight into procedural powers, investigation techniques and assist the process with technical cyber know-how. This advice is vastly promoted by ENISA, Council of Europe as a cooperative tool between cybercrime and cybersecurity authorities;
  • Adopt unified operational standards, develop the capacity of joint work; the experience of joint risk assessment teams of the MIA and the LEPL Revenue Service could be a useful example;
  • Key steps required for information exchange between CERT and the police: Define a common taxonomy related to incidents and events in cybersecurity; Define an exchange standard to enable the sharing of information based on the taxonomy
  • Create statistics based on the information exchanged.

Recommendation #5: Connect, communicate and collaborate:

  • Strengthen formal and informal cooperation frameworks to combat cybercrime in order to build an effective and sound governance system;
  • Elaborate and adopt legislative requirements for the exchange of information between public and private sectors;
  • Foster cooperation between the MIA and ISPs;
  • Develop a secure information sharing platform for the exchange of information on cyber-threats and incidents between cyber authorities;
  • Undertake measures (including legislative amendments) to increase informed and responsible engagement of the private sector in strengthening the country`s cyber resilience.

Recommendation #6: Develop Cybercrime Reporting Mechanism:

  • Establish a cybercrime reporting centre, hotline, providing a central point of contact for citizens and businesses;
  • Develop coordinated mechanisms within the public and the private sector allowing citizens to report cybercrime cases, including online fraud, cyberstalking, child abuse online, identify theft, privacy and security breaches, etc.;
  • Define common reporting methodology with written guidelines to broad stakeholder groups, including foreign counterparts;
  • Launch awareness programs and communication campaigns to promote the regular use of reporting mechanisms by a wider community;
  • Develop digital tools for cybercrime reporting.
Monitoring the Implementation of the Strategy and 2019-2020 Action Plan for the Development of Penitentiary and Crime Prevention Systems in Georgia, and Review of International Best Practices
17-Aug-2020

This study reviews each activity defined in the 2019-2020 action plan, which aims to develop the infrastructural part of the penitentiary system, and evaluates its implementation against pre-defined indicators.

Municipal Social Policy Analysis in the Shida Kartli Region
12-Jun-2019

Within the scope of the research, existing municipal social programs have been evaluated, the core challenges were identified, and the recommendations were elaborated for the local and central authorities.

Analyzing Competitiveness of the Hospital Sector and its Value Chain in the City of Tbilisi – Using Smart Specialisations Methodology Components
14-Mar-2019

Tbilisi is not only the capital city of Georgia, but is also the centre of the country’s economic development. Around 49% of the country’s GDP (GEL 14.3 billion as of 2016) is created in Tbilisi. 

 
Vocational Education in Context of DCFTA
09-Aug-2018

Vocational education and training (VET) plays an important role in promoting selfemployment and increasing the competitiveness of the entrepreneurship of SMEs. The purpose of this policy brief is to analyze the existing challenges in the vocational education system hampering growth in the competitiveness of SMEs and to develop appropriate recommendations thereon. View the full text here.

 

Assessment of Fiscal Sustainability of the Universal Healthcare Program in Georgia, 2015-2030
28-Jul-2017

During the past decade, Georgia reformed its health sector and achieved a decline in child and infant mortality, a reduction in expenditure of inpatient services, an improvement in accessibility, equity and affordability of healthcare services. However, healthcare still remained unaffordable for almost half of the population, and people were spending a large share of their income on out-of-pocket expenses in comparison to other low-and medium-income countries.

 

Study in Georgia: Prospects of Internationalization of Higher Education
25-Oct-2016

The primary aim of the research is to describe and analyze Georgia’s potential for the internationalization and export of higher education system, and to deliver policy recommendations.

 

Compulsory Saving Pension Scheme – Challenges and International Practices
10-Dec-2015

Society was always facing material security issue. Conventional approach, market mechanisms were unable to solve all the problems, so the state took responsibility for it. As a result, new challenges raised, that were exacerbated by the latest demographic trends and put under risk future sustainability of the state pensions system. The threat became a basis for the new reforms, including introduction of private pension savings.

 

Economic Analyses of the Proposed Amendments to the Labor Code of Georgia
20-Dec-2014

PMC Research Centre presents economic analyses to the Labor Code of Georgia. The analysis is based on international empirical studies, experiences of other countries, and the survey of business leaders’ attitudes to the initiated amendments to the Labor Code of Georgia. The aim of the report is to analyze expected economic effects of mentioned changes.