Versions Compared

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

...

ItemSpeakerNotes
Welcome and Introduction Alf Moens Slides
Summary - Where are we now with NIS2Alf Moens
CISO meetings 2023Ana AlvesSlides CISO meetings
NIS-2 at CARnetIvana JelačićSlides CARnet
Cesnet Update CesnetJan Kolouch
  • Education is regulated by local law (based on NIS2).
  • Cesnet officially in scope (provider of infrastructure).
  • The law has not yet been approved by the Czech Parliament, but it will regulate more than it does now.
  • Law will define two certs (governemetal and national).
SURF Update SURFFloor Jas
  • Still no answer from ministry (Education and Science).

  • Information on NIS2 now mainly about universities and universities for applied sciences.

  • As NREN still not clear if in scope or not. CERT task a lot of debate in the Netherlands.

  • If large part of the sector will be under NIS2 SURFCERT will also.

DFN Update DFNRalf Groeper
  • Same situation as in the Netherlands.
  • There is a trend that education will not fall under the regulations (but research organisation would → only higher education and not schools).
  • Critical infrastructure only networks that are available for the public (not DFN)
  • But also companies in the telecom that have annual budget over 50million euros a year they will fall under regulation
    • Not clear if DFN is a company, because they are non-profit organisation.
    • Not sure if applied to commercial purposes (if research organisations always in scope or only for commercial purposes)
  • For DFNCERT: it doesnt say anything about sector CCERTs. It only talks about BSI.

RENATER Update RENATERThibaud Badouard
  • RENTATER will be in scope (not sure in which parts) because they are public network operators/domain registration.
  • Issue: In France they are not a commercial company but not a public organisation either (their status is completely new).
  • Government told RENATER that they have the right to choose organisations (even if they are not exactly in the categories).
  • RENATER CERT part will not be CCERT part for education community because there is also a public CCERT.
FCCN Update FCCN

João Nuno Ferreira

  • FCCN are already in scope because they operate an internet exchange (already in scope for NIS1).
  • FCCN have received clarity on when research organisations will be included in NIS2 and when they will not.
  • They are waiting for the first drafts of Portuguese legislation.
  • Will CERT be CCERT for the sector? For all entities to the network and the Ministry (the rest will be the Cyber Security Centre). 

...