Alessandro Lazari about Critical Infrastructure Security and Resilience in Georgia

Co-author of a recently published PMC Research policy paper, Alessandro Lazari, sat down for an extensive interview with Radio Free Europe/Radio Liberty (RFE/RL) where he shared his views on critical infrastructure generally, and its status in Georgia specifically.

Earlier this year, Lazari, along with Nana Tabagua, co-wrote a policy paper published by PMC Research entitled “Critical Infrastructure Security and Resilience (CISR) Policy in Georgia: State of Play and Future Prospects.” The paper was well received at the “Advancing Crititcal Infrastructure and Resilience Policy in Georgia” conference, hosted by PMCG in late March.

Read our publication: Critical Infrastructure Security and Resilience in Georgia: State of Play and Future Prospects

Pertinently, today the protection of critical infrastructure and ensuring its reliability are among the key issues for Georgia to address and regulate on its path toward European integration.

?Against this background, when speaking to RFE/RL, Lazari in some detail explained the current situation in Georgia with regard to critical infrastructure security and resilience, and outlined future steps that ought to be taken.???

Critical Infrastructure – Backbone of Society Taken for Granted

Alessandro Lazari Interview on Critical Infrastructure on Radio Free Europe/Radio Liberty ( In Georgian)

At the outset, Lazari outlined:

“Critical infrastructure is the backbone of our society. Society relies heavily on critical infrastructure, which includes the energy sector, the transportation sector, the banking and financial system, and healthcare. So everything we are surrounded by is critical infrastructure.”

He then added: “The reason why this topic is often not perceived as important by the population is that these services are taken for granted. Imagine going home, you just press a button when you want to turn on the light, turn on the water, turn on the TV.”

Before addressing the Georgian context specifically, Lazari turned his attention to the various types of threats facing critical infrastructure. In particular, he noted: “In the cyber dimension, someone could attack the network or the information system serving companies or managing government facilities. There are also hybrid threats, such as economic warfare, the purpose of which is to weaken the capacity and financial stability of individual companies, to drive them out of the market.”

Learn more: Hosting Conference on Critical Infrastructure Security

He proceeded to state that a country’s critical infrastructure priorities are determined by numerous factors: “It depends a lot on the national context, the state's economy, culture, and the degree to which the power supply system or telecommunications services are developed. Obviously, many countries are influenced by the region in which they are located. Threats and incidents may stem from poor relations with neighboring countries.”

Delving into further detail, Lazari also highlighted the roles of the public and private sectors in safeguarding critical infrastructure. He opined:

“Obviously, the state is responsible for national security, and for passing key laws and regulations. However, there is also a private dimension to consider: companies that own and operate critical infrastructure are primarily responsible for its security. So, we can talk about public-private cooperation, where many other actors need to be involved including local communities and authorities. I would also include academia, which has an important role to play in protecting critical infrastructure—for example, university research centers. ?

Cybersecurity –Critical Infrastructure Facing New Threats

Lazari, who partook in a task force in his native Italy during the COVID-19 pandemic to guide critical infrastructure operators through the crisis, also highlighted the growing peril of terrorism (physical and cyber) in the critical infrastructure realm.

He explained:

“Countries face threats from external terrorism as well as threats from internal insurgency, social unrest, and sabotage. That's why critical infrastructure needs to be physically protected. This is usually done through security and police forces, resilience, and surveillance. The cyber dimension is becoming very common for two reasons: it costs almost nothing and the attacker can remain anonymous.”

Expanding on the emergence of cyber threats to critical infrastructure, he observed: “It creates a serious problem when it comes to holding people accountable, because you never know who is attacking you. Cyber-attacks are becoming more serious and the attackers are increasingly exploiting new vulnerabilities.”

Critical Infrastructure – The State of Play in Georgia

When asked about the status quo in Georgia regarding critical infrastructure, Lazari offered an expansive overview: “The situation is far from underdeveloped. There are parties doing their duty to protect the critical infrastructure. However, this happens spontaneously, in a fragmented way. As an EU candidate country, it is expected that a proper framework will be created. Before that, an action plan or strategy is needed, outlining Georgia's goals in the short, medium, and long term to improve security and resilience.”

Looking at the next steps for Georgia in this regard on its EU path, Lazari advised improving rather than replacing the current framework: “Without a doubt, I would build on the existing one. Creating a national critical infrastructure framework does not mean erasing the existing one. Georgia already has agencies working on critical infrastructure, and they are taking action. However, you need a comprehensive approach, it needs to be cross-sectoral and harmonized - agencies should talk to each other because critical infrastructures are very interdependent. The framework should create coordination and monitoring mechanisms for all vital infrastructure in Georgia.”

In the context of EU harmonization, Lazari pointed to the recently published Critical Unit Resilience Directive and Network and Information Systems (NIS) Directive as “the latest cornerstones in terms of EU regulations,” which Georgia will have to consider.

On an optimistic note, Lazari drew from his recent successful experiences as part of the EU’s enlargement efforts in the Western Balkans, and referred to useful examples Georgia might follow in terms of critical infrastructure policy and regional cooperation.

He noted: “These small countries, smaller than Georgia, form a very solid framework. They are trying to create a simplified, lightweight framework appropriate to the capabilities of their state administrations. They are doing it, and Georgia can follow their example and create its own policy. We should not forget that it should be adapted to suit Georgia. Only Georgians can decide what is good for Georgia.”

Read on our: The Interview

Read on our blog: News Articles