You are viewing an old version of this page. View the current version.

Compare with Current View Page History

« Previous Version 9 Next »

Attendees

  • Alf Moens
  • Ana Alves
  • Anastas Mishev
  • Andrea Garcia-Casillas
  • Anne-Marie Achrenius
  • Brian Nisbet
  • Carlos Nisbet
  • Carlos Friaças
  • Christian Grimm
  • Christoph Campregher
  • Cynthia Wagner
  • Daniel Muscat
  • Dave Mifsudi
  • Eligijus Račkauskas
  • Floor Jas
  • Gilles Massen
  • Henrik Larsen
  • Ilse Koning
  • Irina Mattews
  • Ivana Golub
  • Ivana Jelacic 
  • Jan Kolouch
  • Jan Wiebelitz 
  • Jennifer Ross
  • Jeroen Schuuring 
  • João Nuno Ferreira
  • John Creaven
  • Kestutis Butkus
  • Lars Lange Bjorn
  • Laurentiu Sandu-Bufi
  • Michael Schmidt
  • Natalia Voces Fernández
  • Øyvind Eilertsen
  • Ralf Groeper
  • Ramaz Kvatadze
  • Raoul Vernède
  • Robert Hackett
  • Rolf Stute Normann
  • Rune Sydskjør
  • Ryan Richford 
  • Simona Venuti
  • Stefan Piger
  • Stefan WInter
  • Thibaud Badouard
  • Tim Waters
  • Tony Barber
  • Viktoras
  • Zoë Fischer 

This infoshare has been recorded. You can find the recording here

Agenda 

ItemSpeakerNotes
Welcome and Introduction Alf Moens Slides
Summary - Where are we now with NIS2Alf Moens
CISO meetings 2023Ana AlvesSlides CISO meetings
NIS-2 at CARnetIvana JelačićSlides CARnet
Update CesnetJan Kolouch
  • Education is regulated by local law (based on NIS2).
  • Cesnet officially in scope (provider of infrastructure).
  • The law has not yet been approved by the Czech Parliament, but it will regulate more than it does now.
  • Law will define two certs (governemetal and national).
Update SURFFloor Jas

  • Still no answer from ministry (Education and Science).

  • Information on NIS2 now mainly about universities and universities for applied sciences.

  • As NREN still not clear if in scope or not. CERT task a lot of debate in the Netherlands.

  • If large part of the sector will be under NIS2 SURFCERT will also.

Update DFNRalf Groeper
  • Same situation as in the Netherlands.
  • There is a trend that education will not fall under the regulations (but research organisation would → only higher education and not schools).
  • Critical infrastructure only networks that are available for the public (not DFN)
  • But also companies in the telecom that have annual budget over 50million euros a year they will fall under regulation
    • Not clear if DFN is a company, because they are non-profit organisation.
    • Not sure if applied to commercial purposes (if research organisations always in scope or only for commercial purposes)

  • For DFNCERT: it doesnt say anything about sector CCERTs. It only talks about BSI.

Update RENATERThibaud Badouard
  • RENTATER will be in scope (not sure in which parts) because they are public network operators/domain registration.
  • Issue: In France they are not a commercial company but not a public organisation either (their status is completely new).
  • Government told RENATER that they have the right to choose organisations (even if they are not exactly in the categories).
  • RENATER CERT part will not be CCERT part for education community because there is also a public CCERT.
Update FCCN

João Nuno Ferreira

  • FCCN are already in scope because they operate an internet exchange (already in scope for NIS1).
  • FCCN have received clarity on when research organisations will be included in NIS2 and when they will not.
  • They are waiting for the first drafts of Portuguese legislation.
  • Will CERT be CCERT for the sector? For all entities to the network and the Ministry (the rest will be the Cyber Security Centre). 

Next meeting

Next infoshare will be in March 2024. 

  • No labels