This statement was made by Mihai Lupascu, director of the National Agency for Cyber Security, at a forum on these issues in Chisinau. He also noted that information leakage is often the fault of consumers themselves, who provide their data out of ignorance or inattention. Therefore, such a component as financial education is also important.
In order to reduce cyber risks, companies are recommended to purchase and install special software for scanning corporate networks and applications, as well as for ensuring anti-virus security.
Mihai Lupascu told Logos Press that Moldova has a law on cyber security, harmonized with the EU directives in this field. Several by-laws have been elaborated to it. Therefore, Moldova has made good progress in terms of legislation, but now it is a question of applying the norms.
At the moment, there are consultations at enterprises from different sectors and ministries on the European directive NIS2. According to this document, organizations exposed to the risk of cyber attacks must “implement comprehensive measures to manage these risks, including threat identification, vulnerability assessment and incident response plans”. The directive requires businesses to conduct regular penetration testing and security audits.
“The good news is that in many countries this process has been slower than ours,” says Mihai Lupascu. – Now we are identifying the degree of risk in the provision of services in the banking and financial sectors, in medicine, energy, transportation, etc.”
Today, not all companies are open to providing an adequate level of cyber defense. This requires investment. But as noted at the forum, not all exposed entities even have a cybersecurity specialist. Companies do not conduct audits and pay more attention to these issues only in a crisis situation. Although there is a lot of special software on the market to strengthen security measures in cyberspace, including free ones, not all companies use them.
