Cristina Pereteatcu, State Secretary at the Ministry of Energy, participated today in the Energy Moldova Forum event held in Chișinău. Pereteatcu spoke during the panel titled “Cybersecurity in the Energy Sector of the Republic of Moldova: Current Situation Assessment and Resilience Strengthening.”

The State Secretary emphasized that cybersecurity is no longer an option but an obligation. This is because the energy infrastructure of the Republic of Moldova is exposed to real risks. According to her, over 70% of the energy infrastructure operates on outdated systems, many of which, including SCADA systems, were installed without considering current cyber risks.

“The energy infrastructure of the Republic of Moldova faces real risks, and we have the responsibility to act now, not after damages have already been done. At this moment, only 10% of critical energy infrastructure is monitored in real time. In other words, we are flying blind. And attackers know this,” said Cristina Pereteatcu.

In her speech, Pereteatcu also drew attention to the lack of convergence between operational technologies (OT) and information technologies (IT), the human risks caused by insufficient staff training, as well as serious vulnerabilities in the supply chain.

“Just last year, we had three major cyber incidents in the energy sector that could have been prevented. Even more serious, however, is what we don’t know, because without effective monitoring, the actual number of minor incidents remains unknown.”

To address these challenges, the Ministry of Energy is launching a Digital Transformation Program for the Energy Sector, which includes a key component dedicated to cybersecurity, with a budget of over 200 million lei, representing 21% of the total planned investments.

“With this program, we are making a radical change. We move from a reactive to a proactive approach, from fragility to resilience. We want Moldova to become a regional leader in energy cybersecurity by 2030,” Pereteatcu stressed.

The program foresees the creation of the Cybersecurity Center for the Energy Sector (CSSCE) by the end of 2026, as well as real-time monitoring of 100% of critical infrastructure. It also includes ISO 27001 certification for all critical operators, compliance with the European NIS2 Directive, training for over 5,000 people by 2030, and awareness campaigns reaching 80% of consumers.