Given the history of large-scale cyber-attacks against the Georgian state and society in 2008, specific caution and preparation against such threats is required.
There is thus a necessity for cooperation between policy makers, cybersecurity community, criminal justice authorities and the private sector, as information systems that support electoral process are classic example of critical information infrastructure that needs proper protection against cyber threats.
Specifically, information security rules including target hardening and damage mitigation, proactive response to online disinformation and social engineering efforts, timely incident and crime reporting, and coordination between agencies in case of attacks against such systems are just a few examples that would contribute to resilience and stability of such systems and of the electoral process in general.
In this context, a one-day online table-top exercise for the Georgian authorities was organised, aiming to bring together all relevant national stakeholders and focus on a specific scenario of attack on election security, developing the skills of coordination and response in real-time environment.
The exercise was intended to focus on the following aspects of elections security: tackling social engineering, fake news and online disinformation campaigns, especially from foreign actors; open source intelligence (OSINT) for purposes of attribution and planning response; coordination and joint response needs and responsibilities.