...
- Alf Moens
- Alberto Perez
- Alessandro Inzerilli
- Antonio Meireles
- Brian Nisbet
- Carlos Friacas
- Casper Dreef
- Christian Grimm
- Cynthia Wagner
- D Burke
- Edit Herczog
- Elias Duerr
- Joao Nuno Ferreira
- Gilles Massen
- Henrik Larsen
- Henry Hughes
- Ilse Koning
- Ivana Jelacic
- Jan Kolouch
- Jenni Hyppola
- John Creaven
- Juan Antonio Gutierrez
- Karen Thorton
- Koen Schelkens
- Kestutis Butkus
- Kristine Andersone
- Mark Tysom
- Mauro Campanella
- Nathalie McKenzie
- Paul Rouse
- Raoul Vernede
- Robert Hackett
- Sabrina Tomassini
- Sarunas Grigaliunas
- Simona Venuti
- Stefan Winter
- Tim Waters
- Vladislav Bidikov
- Leonardo Lanzi
...
- GÉANT has asked a consultancy company to do a review of different NRENs to ty and better determine the position. Group will produce a report by the end of May - interviews are being undertaken. This will report back at the next of these infoshares.
- The Security Workpackage in GN5 will also be able to provide support to NRENs.
- Security Baseline.
- S7 BCM Framework.
- Above are being mapped to the NIS2 Directive alongside GDPR requirements.
- Next steps: working in GN5, SIG-ISM meeting, Next Infoshare (Juneish), Security Day at TNC23.
Comments
...
Gilles: Reminder: the high-level to do list is best summarised by the points in Art 21.2. A lot of this almost qualifies as “common sense” - the actual effort will of course depend on local details, and how many process overhead you can/want/ have to afford. https://eur-lex.europa.eu/legal-content/EN/TXT/HTML/?uri=CELEX:32022L2555&qid=1680003102643&from=en.
Edit: EuroHPC is a critical infrastructure. Good to understand this relationship too. Business across countries but not legal entities across countries?
Mauro: A question on connectivity between two entities subjected to NIS-2 a University and an NREN e.g. Will be possible to connect with an entity which is not NIS-2 compliant ? It reads like everyone is on its own. The impact of non-compliance will be interesting. Do we have a duty to enforce compliance? Will we need to segregate networks? Can we have "federation rules" along the lines of SAML federation approach. Needs a grace period that allows people to evolve. This is also true of the current environment with NIS1...don't expect a harmonised situation any time soon.