Last week in Chisinau were held several events. On this occasion, I had the pleasant surprise to see that the Information Security Concept of Moldova was launched and approved by the Government. A fact which I applaud, as an unusual gesture, because a document regarding the information security has not been approved yet by Romania either, even if it applies the National Defense Strategy since July 2015, which states these elements of threats, risks and vulnerabilities; and the responsible institutions who applies it, in fact, for years. When I got to read with a pencil, the document in question, I found very good things and less good things, and unfortunately, a number of major confusions that must be remedied. However, I must welcome this step.

Good things are obvious: an extremely well-balanced structure of the Concept - describing the situation and problem definition, fundamental concepts (definitions), the purpose and objectives of the Concept, as a document, policy documents and relevant papers, tools and approaches to solve the problem, institutional system and its objectives, assurance of information security and ways to achieve this, international co-operation on the matter, the organization of the responsible institutional system, impact evaluation, threats and sources of threats to national security information line.

Another positive sensible element is the construction of a hierarchy of the rigors that develop the Barry Buzan's concept of security and European Security School in Copenhagen, which place the secured elements on three levels: the citizen, the society and the state. Furthermore, the proposed hierarchy by the document places (in the alternative, it is true), more symbolically, the citizen in the foreground, a deeply liberal approach, and the rights of citizens, its interests, of the society and of the state - between the defended components of the responsible institutions. Once again, a modern approach, liberal, with the citizen in the forefront of the security approaches.

There are also elements that betray the authors confusion and lack of some legislation helping elements, discovered along the way and suddenly introduced in the same document which came very dense, confusing, frequently unclear and highly bureaucratic, sometimes even verging on drunkenness words. In terms of legislative technique, even in matters of strategic documents with political relevancy, as it should be, the Concept is - to repeat myself - an unclear document, confusing, bushy and without a view. So, without being intelligible to the authors themselves, let alone for the responsible institutions, not to mention the population.

Thus, the main confusion that is made throughout the document is between information, cybernetic and informational. The confusion is at times major, even if, in the Concept contents, the elements of all these notions. However, after reading the document, except for a number of general provisions that can refer to the informational security, and two or three specific mentions of this - including the reference to psychological operations - the document seems to be rather a strategy of Cyber Security than one of information security, although in some ways seems to encompass concerns and elements of the previous one.

Let us be clear: cyber security concerns cyberspace, computer objects, and in the virtual space it just concerns the aggressive action towards the components of a computer system - computers, networking, communications - that attacks, compromises or extracts data. Nothing to do with informational security, one that refers to the information space, which has to do with public information, with media, with the internet and social networks for the purposes of their use for psychological operations, trolls wars, recruitment operations and conditioning in cyberspace, propaganda, misinformation, active measures in the public space, including virtual and internet, lobby operations for achieving those listed above. So, for a concept of informational security, people have to wait, Moldova was not the champion to combat such kind of bullying!

Why do I say this is confusion? The two plans merge, overlap, there are elements of informational security, mixed through the document that concerns in fact the cyber security. The cyberspace is an environment of conducting an informational warfare, so the informational security must be ensured in this space as well, so it has to do with the cyber security, physical elements of Communications and Information. However, the remaining elements of public space are aiming regulations and instruments that have to do inclusively with content from this virtual space as one from the public space, media, virtual or not.

And then I was saying that there are lacking certain support laws, which transpires in the complication and mixing of the provisions in the current concept: the law on free access to public information, the law of free access to classified information, personal data protection, in the first place. A complete rationalization of the concept is absolutely necessary to communicate clearly with the people want do we want and to be understood! Otherwise the document is useless, it is checked a point or a necessity requested by the EU in the Association Agreement and that's it.

Neither on the scale of cyber security the things are not simple, there does not exist at least the separation of hardware and software; nor any reference to software, licenses or royalties, to antivirus programs and proper use of computers, of each terminal connected to the Internet. Since we started with the notions, the highlighted in the text by us (and many of those that are there), with unclear definitions and often unnecessary, could be missing: less damage.

Otherwise, a salutary document: through will and desire, with the courtesy to adopt it in a theoretical framework approach and from a welcomed angle of understanding of security, but - I repeat - with many things redone, cerebrated, rewritten (fundamentally!). Launch the application and we will come to help, as we did with other documents in the area of the Republic of Moldova.