In implementation of Law No. 25/2024 “On Cybersecurity” and the relevant methodology, the Council of Ministers has approved the updated list of operators of critical and important information infrastructure, comprising a total of 215 operators at the national level:
🔹 133 classified as critical infrastructure,
🔹 82 classified as important information infrastructure.
The identification process was conducted by the National Cybersecurity Authority (AKSK) through a structured and comprehensive methodology that included: identifying high-criticality sectors and subsectors, consulting with relevant regulatory authorities, distributing self-assessment questionnaires, and analyzing the data in accordance with general and sector-specific criteria.
The updated list covers a range of sectors, including energy, financial infrastructure, transportation, drinking water supply, digital service providers, education, tourism, media, and more.
All these operators are now part of a stable structure that is continuously monitored by AKSK, which provides:
✅ Access to technical assistance and methodological support for building security policies;
✅ Capacity-building training programs;
✅ Legal obligations for implementing security measures, incident reporting, and more.
The inclusion of these operators represents both a strategic responsibility to protect the state’s and society’s key functions in an increasingly interconnected digital environment, and a legal obligation in line with the applicable regulatory framework.