Support to Georgia Incident Response and Legislation

Summary

The project supported the preparation and implementation of Georgia’s national cybersecurity strategy.

Details

Aim

The project aims to support the development of a new Georgian Cybersecurity Strategy and its associated Implementation Plan, and then to provide advice and assistance on elements of implementation.

Context

In 2018, Georgia began drafting a national cybersecurity strategy to cover the period 2021-24.  Strategy was approved November 2021.

Outcomes

Increased Georgian resilience to cyber threats through transformation of Georgia’s national cyber security structures, capacity and capabilities.

Outputs

Preparatory work for this project produced a national capacity maturity (CMM) report.

Outputs from the projects have included:

• A National Cyber Risk Assessment report (draft) following the best practice of threat Sharing and developed National Incident Management Framework
• Enhanced Technical cyber capacity and capabilities of core cyber security team in Georgia
• Georgia’s national cybersecurity strategy/ developing corresponding action plan

Activities

In FYs19/20 and 20/21, UK government and contracted experts provided advice on preparing a national strategy to their counterparts in Georgia.  This included a CMM and advice on strategy preparation. Addition to this, a team from the UK Home Office helped Georgia to prepare a first National Risks Assessment and supported the core cyber team to prepare the rules and procedures to define critical information systems. The UK Cabinet Office’s Government Communication Service International (GCSI) conducted a scoping visit to understand the level of cybersecurity awareness and campaigns in the country.

In FY21/22 the project continues to provide support and advice to the Georgian National Security Council (NSC) on the delivery and implementation of their new cyber security strategy.  This includes advice on governance and the change management process. The project is working with sectoral agencies to support action plans aligned with the national strategy and working with donors to map international support and help similarly align it with the national strategy.

The project has held donor and implementer coordination meetings through both years.  The first was on 27 November 2019, with the UK and Georgian Data Exchange Agency (DEA) – now the Digital Governance Agency (DGA) – held a meeting with funders and implementers to coordinate cyber capacity building projects in support of the strategy (report by EU For Digital here). At the time of writing, the UK has hosted a further 4 coordination workshops in December 2020, February 2021, May 2021 and July 2021, in conjunction with the Georgian NSC.

Other website links to include

https://eufordigital.eu/meeting-to-discuss-national-cyber-security-strategy-in-georgia/.