On March 16, 2023, Moldova’s Parliament adopted the national Cybersecurity Law (No. 48/2023), establishing the country’s first legal framework for cybersecurity governance aligned with the European Union’s Directive on the security of network and information systems. The law was published in the Official Gazette on May 2, 2023, with an enforcement date of January 1, 2025. It was drafted with technical support from Estonia’s e-Governance Academy under the EU-funded Moldova Cybersecurity Rapid Assistance Project.
According to the law, the government designates a competent authority at the national level in the field of cybersecurity and establishes mandatory incident reporting requirements for medium-sized and larger internet service providers and entities within critical sectors. Deputy Prime Minister Dumitru Alaiba said that when developing cybersecurity policy, Moldova adopted best practices from the EU to facilitate regional and international communication and enhance security.
Implementation of the law led to the creation of Moldova’s Agency for Cyber Security (ASC) in December 2023. The agency serves as the single point of contact for cyber incident response and is responsible for state supervision and control of service providers’ compliance with cybersecurity requirements. The ASC director has publicly identified quantum computing among the disruptive technologies expected to add complexity to Moldova’s threat environment, a concern that will shape the agency’s future policy development as Moldova progresses toward EU accession.