> On 6 Nov 2018, at 15:12, Nick Hilliard <[email protected]> wrote: > > Chris Buckridge wrote on 06/11/2018 04:45: >> At this point, the communication with the Dutch regulator has been of >> an informal nature. We plan to communicate more explicitly to the >> community when the official decision regarding Dutch essential >> services is made public. However, the key points in our communication >> have centred around the fact that a single root server operator, due >> to the distributed nature of the DNS, should not be considered an >> Operator of Essential Services under the NIS Directive. > Hi Chris, > > has the dutch regulator published their criteria for being selected as an OES? > > Nick > Hi Nick,
From our conversation with the Dutch competent authority it wasn’t clear, but we aren’t aware of any specific Dutch requirements. Earlier on, however, ENISA published a number of guidelines and requirements that member states can use in evaluating operators and services against the NIS Directive requirements - these are published here: https://www.enisa.europa.eu/topics/critical-information-infrastructures-and-services/cii/nis-directive Also, there was a presentation by the Dutch National Cyber Security Centre during RIPE 74, in which they explained a bit more about the purpose and objectives of the directive and their views of what would be considered essential services. A recording and the slides are available from https://ripe74.ripe.net/archives/video/135/ Cheers Chris
signature.asc
Description: Message signed with OpenPGP
