Critical Infrastructure Digitalization and Resilience (CIDR) in Moldova

Summary

Critical Infrastructure Digitalization and Resilience (CIDR) is a five-year regional program managed by DAI for the U.S. Agency for International Development (USAID)’s Bureau for Europe and Eurasia.

CIDR’s country teams work with partner governments and local stakeholders to: 1) accelerate cybersecurity workforce development, 2) empower organizations to identify and address cybersecurity threats, 3) strengthen cybersecurity governance, and 4) facilitate the sharing of cyber threat information

Details

Aim

USAID, through CIDR, aims to help its partner countries improve their cybersecurity posture so critical infrastructure entities are more resilient and can continue to provide citizens with essential services. CIDR partner countries are Albania, Georgia, Kosovo, Moldova, Montenegro, North Macedonia, and Serbia.

Context

Countries in Eastern Europe are facing more diverse and complex cyberattacks targeting critical infrastructure. In response, the CIDR program is assisting partner governments and institutions to protect infrastructure such as energy, telecom, finance, and e-services from these malicious attacks.

Activities

Accelerating workforce development: Countries in Eastern Europe face a growing demand for cybersecurity professionals; CIDR is helping build the supply of qualified cybersecurity job candidates.

• CIDR’s market-driven data is being used in North Macedonia to train professors and instructors and to update university and vocational cybersecurity education.
• CIDR’s Cyber Pathways for Women activities in Moldova, North Macedonia, and Serbia work with government, business, academia, training institutions, and civil society to break down barriers and create pathways to cyber careers and a more gender-inclusive cybersecurity environment.

Empowering entities to identify and address threats: CIDR provides targeted assistance to the critical infrastructure and key institutions on which countries depend.

• In Albania and Moldova, CIDR facilitated hardware and software upgrades and tailored training that increased the capacity of government partners to detect and defend themselves from cyberattacks.
• In Kosovo and North Macedonia, CIDR works with institutions to implement U.S.- and EU-standard information security management systems to identify and mitigate risks and protect data.

Facilitating cybersecurity governance: CIDR builds communication and consensus by facilitating Critical Infrastructure Cybersecurity Working Groups in Kosovo, Moldova, and North Macedonia.

• These working groups are chaired by top government appointees who convene key officials from government, critical infrastructure, academia, civil society, and the private sector.
• Group members use “roadmaps” meeting-to-meeting to build common understanding, deliberate cybersecurity legislation, policy, and oversight, and submit recommendations to government.
• CIDR is advising on the creation of national cybersecurity authorities in Kosovo, Moldova, and North Macedonia and on the drafting of national cybersecurity strategies and institution-specific bylaws.

Establishing information-sharing networks: CIDR builds capacity within national cybersecurity coordination bodies to manage and coordinate responses to cybersecurity incidents, threats, attacks, and mitigation.

• In North Macedonia, CIDR partnered with the Agency for Electronic Communications to conduct the National Coordination Exercise, tabletop exercise, and hands-on technical drill, providing training for the country’s Cybersecurity Incident Response Team (CSIRT) and critical infrastructure operators.
• In Kosovo and Moldova, CIDR is supporting the establishment of the countries’ national cybersecurity authorities, which will oversee cyber emergency response and mitigation and cybersecurity information management, among other responsibilities.