The digitalization of the economy in the Republic of Moldova has brought speed, efficiency, and better access to services, but it has also increased companies’ exposure to cyber risks. Today, the issue is no longer whether a business can become a target, but how prepared it is to manage an incident that can disrupt operations, affect customers, and generate direct financial or reputational losses. At the regulatory level, Moldova already has a dedicated framework through Law No. 48/2023 on cybersecurity, and the authorities treat this field as a strategic priority.
An important nuance should be noted: in the Republic of Moldova, cyber insurance is generally not mandatory by law for all companies. However, for many businesses – especially those that process data, depend on IT systems, or work with online suppliers and customers – it is becoming a practical necessity for risk management. This conclusion results both from the evolution of cyber threats and from the emphasis placed by authorities on ICT resilience and cyber incident management.
An important nuance should be noted: in the Republic of Moldova, cyber insurance is generally not mandatory by law for all companies. However, for many businesses – especially those that process data, depend on IT systems, or work with online suppliers and customers – it is becoming a practical necessity for risk management. This conclusion results both from the evolution of cyber threats and from the emphasis placed by authorities on ICT resilience and cyber incident management.
Cyber threats in Moldova: data and recent incidents
The most useful public data for Moldova comes from STISC reports. In the STISC Activity Report 2024, the institution states that 320 events were registered and analyzed, of which 157 were confirmed as cybersecurity incidents. The report also mentions that response and counteraction measures were applied, including traffic filtering, elimination of security breaches, notification of beneficiaries, and vulnerability remediation.
Source: https://stisc.gov.md/sites/default/files/documents/Raport%20de%20activitate%20STISC%202024.pdf
Beyond the aggregated statistics, there have also been concrete incidents relevant to understanding the risk. STISC publicly reported that Poșta Moldovei was targeted by a ransomware attack in February 2024, an attack that affected the functionality of its information system and critical data.
In addition to confirmed incidents, the flow of public STISC alerts shows that threats are recurring. In 2024 and 2025, the institution issued warnings regarding phishing, including campaigns targeting government email systems and messages pretending to be sent on behalf of authorities. This confirms that simple, scalable, and low-cost attacks for attackers remain among the most common compromise vectors.
In addition to confirmed incidents, the flow of public STISC alerts shows that threats are recurring. In 2024 and 2025, the institution issued warnings regarding phishing, including campaigns targeting government email systems and messages pretending to be sent on behalf of authorities. This confirms that simple, scalable, and low-cost attacks for attackers remain among the most common compromise vectors.
What types of attacks are most common: ransomware, phishing, data breaches
Looking at the European context, ENISA states in the Threat Landscape 2024 report that the main threats include attacks on availability, followed by ransomware and data-related threats. In its documents dedicated to SMEs, ENISA explicitly mentions that among the most common incidents faced by small and medium-sized enterprises are ransomware, phishing, equipment theft, and CEO fraud.
For Moldova, the most visible risks in public data are the same. Phishing remains common because it exploits human error and can be launched on a large scale. Ransomware is dangerous because it disrupts operations and creates immediate financial pressure on the victim. Data breaches are especially sensitive for companies processing personal data, financial information, or contractual documents. Moreover, when personal data is affected, the issue becomes not only technical, but also one of compliance and reputation.
In the case of data breaches, it should also be noted that Moldova has an institutional component for data protection. The National Center for Personal Data Protection (CNPDCP) publishes information regarding the notification of personal data security incidents, and even though the exact regime continues to evolve together with new regulations, the direction is clear: companies must treat incidents affecting data seriously and be able to demonstrate that they handled the situation responsibly.
For Moldova, the most visible risks in public data are the same. Phishing remains common because it exploits human error and can be launched on a large scale. Ransomware is dangerous because it disrupts operations and creates immediate financial pressure on the victim. Data breaches are especially sensitive for companies processing personal data, financial information, or contractual documents. Moreover, when personal data is affected, the issue becomes not only technical, but also one of compliance and reputation.
In the case of data breaches, it should also be noted that Moldova has an institutional component for data protection. The National Center for Personal Data Protection (CNPDCP) publishes information regarding the notification of personal data security incidents, and even though the exact regime continues to evolve together with new regulations, the direction is clear: companies must treat incidents affecting data seriously and be able to demonstrate that they handled the situation responsibly.
The real cost of a cyberattack for a small company in Moldova
Globally, IBM reported in 2024 an average data breach cost of USD 4.88 million, the highest level recorded up to that point. Obviously, this figure cannot be directly applied to the Republic of Moldova, where company sizes and contract values are different. However, it demonstrates an important fact: a breach does not cost only the “server repair,” but the entire chain of consequences affecting operations and data. For a small company in Moldova, even a tiny fraction of this impact can be destabilizing.
What cyber insurance covers and what it does not
On the local market, cyber insurance policies are generally presented as flexible products adapted to the company’s profile. Such a policy may cover incident response expenses and financial losses up to the policy limit, depending on the selected coverage options. In practice, this means that insurance can support the company both operationally and financially, but it does not replace IT security measures.
The exact coverage depends on the contract, exclusions, and underwriting conditions.
The exact coverage depends on the contract, exclusions, and underwriting conditions.
Why the National Bank of Moldova monitors ICT risks in 2026 as a supervisory priority
A very strong argument for the relevance of cyber risk comes directly from the insurance sector itself. In the NBM Priorities for Insurance Sector Supervision for 2026–2027, the National Bank explicitly states that in 2026 it will pay particular attention to how insurers manage ICT risks. The NBM specifies that it will monitor technological governance, identification and remediation of vulnerabilities, monitoring of essential systems, relationships with outsourced providers, and how institutions handle and learn from cyber incidents.
This is important for the entire business environment. If the supervisory authority treats information security and operational resilience as priorities, the message is clear: cyber risk has moved from the “IT” area into the area of business risk and continuity.
This is important for the entire business environment. If the supervisory authority treats information security and operational resilience as priorities, the message is clear: cyber risk has moved from the “IT” area into the area of business risk and continuity.
How to evaluate whether your business needs cyber insurance
A company in Moldova should seriously consider cyber insurance if it falls into at least several of the following categories: it works with customer databases, depends on email and cloud systems, processes payments, operates online, outsources IT services, or could not afford several days of operational downtime. The greater the digital dependence, the stronger the argument for insurance becomes.
In practice, the analysis can start with five simple questions:
If the answers are uncertain, cyber insurance deserves serious consideration, because the risk has become sufficiently real that the lack of a financial safety net may cost more than the policy itself.
In practice, the analysis can start with five simple questions:
- What would happen if we lost access to our data for 48 hours?
- How much would system restoration cost us?
- Do we store sensitive personal or contractual data?
- Can we financially withstand an incident without affecting cash flow?
- Do we know exactly who will help us during the first hours after an attack?
If the answers are uncertain, cyber insurance deserves serious consideration, because the risk has become sufficiently real that the lack of a financial safety net may cost more than the policy itself.
Conclusion
In Moldova, cyber threats can no longer be treated as a marginal issue. STISC data, public alerts, and NBM priorities all point to the same reality: incidents exist, they are becoming more diverse, and they directly affect operational continuity. For a small company, the main risks lie in business interruption, data loss, and recovery costs. That is why cyber insurance is not yet generally mandatory in a legal sense, but for many businesses it is already becoming almost mandatory from an economic and managerial perspective.
