On 29 August, CENTR hosted a meeting to kick off discussions on the Sector-Specific Security Guidelines (SSSG) project. The idea for a joint project between the Security and the Legal & Regulatory working groups emerged during the 2019 Jamboree in Amsterdam, as a response to the recent legislative developments in the area of cybersecurity certification. The latest piece of EU legislation in this field - the EU Cybersecurity Act - entered into force on 27 June 2019. The EU Cybersecurity Act establishes the first EU cybersecurity certification framework, according to which the development of EU cybersecurity certification schemes for "ICT products, ICT services and ICT processes" is envisaged in the coming years.
The CENTR community is looking into how to support greater cybersecurity when it comes to ccTLDs as a sector and how to address the cybersecurity certification needs put forward by the EU Cybersecurity Act.
15 security experts from a variety of ccTLDs travelled to Brussels to brainstorm on the next steps within the SSSG and to make sure the interests of ccTLDs are adequately taken into consideration within the current EU cybersecurity policy.
The outcome of the first meeting was to jointly map all information security standards and practices relevant for ccTLDs that are currently in use and to identify possible gaps that need to be addressed in the future, including by further standardisation.
