FS 3: New European proposals – NIS2 and cybersecurity agenda
Rapporteur: Peter Van Roste, CENTR
- FYI: companies outside EU have to choose a representative in EU (DNS, cloud, data centre, search engine)
- Might be worth to further look into or discuss horizontal vs vertical approaches when defining scope and seeking alignment between NIS2 and other instruments (e.g. EECC)
- Multistakeholder bodies rely on multilateral bodies for their support, rather then trying to immediately seek multi-lateral solutions
- Need to educate companies on what is applicable to them, help them and guide them into compliance
- Concerning registration data, GDPR defines the principles that data controllers should follow. NIS2 is compliant with these principles.
- There are existing policies within European ccTLDs to ensure registration data accuracy, dependent on national laws and availability of eID solutions.
- More clarity is needed on accountability and the roles of different entities under the scope of NIS2.
Recent Comments on this Site
5th July 2022 at 5:37 pm
Paragraph 2: Mentioning standardisation bodies in one line with industry deployment seems like a mix-up/mistake.
See in context
5th July 2022 at 5:33 pm
Paragraph 2: It is unclear what the actual message is.
See in context
5th July 2022 at 5:32 pm
Paragraph 1: It is unclear what the actual message is.
See in context
5th July 2022 at 5:30 pm
Here, ‘relentless testing’ is not necessarily connected to consumers but to consumer organisations’ testing programmes and to societal organisation of responsible disclosure.
Also, it is unclear what procurement has got to do with lower-level standard bodies (who are they?).
See in context
5th July 2022 at 5:12 pm
The following should be included: “The multi stakeholder involvement in the standards development process is needed, as is the value of a collaborative process to address identified problems and or issues, including the engagement of policymakers in the process so they gain a better understanding of what standards exist and how they are intended to be applied. Governments are critical to encourage development, adoption and standards implementation rather than mandate or regulate solutions.”
See in context
5th July 2022 at 5:11 pm
Here the messaging does not capture the focus of the discussion on the need to implement standards once they have been finalized. That an implementation framework is important to address national cybersecurity issues and at the international level cooperation is important for effective implementation.
See in context
5th July 2022 at 5:02 pm
The following should be included:
The multi stakeholder involvement in standards development process is needed, as is the value of a collaborative process to address identified problems and or issues, including the engagement of policymakers in the process so they gain a better understanding of what standards exist and how they are intended to be applied. Governments are critical to encourage development, adoption and standards implementation rather than mandate or regulate solutions.
See in context
5th July 2022 at 5:00 pm
The multi stakeholder involvement in the standards development processis crucial, as is the value of a collaborative process to address identified problems and or issues, including the engagement of policymakers in the process so they gain a better understanding of what standards exist and how they are intended to be applied. Governments are critical to encourage development, adoption and standards implementation rather than mandate or regulate solutions.
See in context
2nd July 2022 at 10:46 pm
Alternative wording:
The European vision of digital sovereignty could (should?) be used to increase competition and foster economic growth for the EU and its member states.
See in context
2nd July 2022 at 10:44 pm
comment on paragraph I don’t see this paragraph related to the Digital Sovereignty discussions. I suggest deleting it.
See in context