On 6 Nov 2018, at 15:12, Nick Hilliard <nick@inex.ie> wrote:
Chris Buckridge wrote on 06/11/2018 04:45:
At this point, the communication with the Dutch regulator has been of an informal nature. We plan to communicate more explicitly to the community when the official decision regarding Dutch essential services is made public. However, the key points in our communication have centred around the fact that a single root server operator, due to the distributed nature of the DNS, should not be considered an Operator of Essential Services under the NIS Directive. Hi Chris,
has the dutch regulator published their criteria for being selected as an OES?
Nick
Hi Nick, From our conversation with the Dutch competent authority it wasn’t clear, but we aren’t aware of any specific Dutch requirements. Earlier on, however, ENISA published a number of guidelines and requirements that member states can use in evaluating operators and services against the NIS Directive requirements - these are published here: https://www.enisa.europa.eu/topics/critical-information-infrastructures-and-... Also, there was a presentation by the Dutch National Cyber Security Centre during RIPE 74, in which they explained a bit more about the purpose and objectives of the directive and their views of what would be considered essential services. A recording and the slides are available from https://ripe74.ripe.net/archives/video/135/ Cheers Chris