The year 2022 was marked by anonymous reports of bombings in schools and other important institutions across Serbia, spread via computers. These events have triggered a public debate on whether the authorities responsible for combating cybercrime can adequately respond to such attacks. As the number of internet users increases, so does the number of potential victims of cybercrime and the obligation of states to protect citizens. Recent events have shown the vulnerability of society to high-tech crime and the risks it poses. The paper analyses the normative and institutional framework for combating cybercrime and data from the Ministry of Internal Affairs on cybercrime. The paper aims to suggest possible changes, based on the analysis of existing cybercrime legislation and the analysis of the institutional framework here and in some European countries, to ensure more effective protection against cybercrime. The paper uses both a normative and a comparative method to present the measures taken in other countries. Descriptive analysis was used to analyze the data collected. The conclusion is that despite a good normative framework, the fight against cybercrime is not adequate, mainly because of the far too small number of staff in special departments and sections of the prosecutor's office and the police compared to the number of crimes, which is increasing year by year. The danger is also that many people are not educated about the dangers of using the internet. Therefore, more attention should be paid shortly to educating citizens of all ages about the dangers and the types of cybercrime.