Nominet and European counterparts link up on intelligence sharing

The UK’s internet domain registrar, Nominet, has joined up with its counterparts from across Europe to launch a top-level domain information sharing and analysis centre (TLD ISAC) with the aim of strengthening cyber security capabilities and resilience through increased collaboration among TLD operators.

The other authorities joining Nominet to launch the European TLD ISAC are Austria’s NIC., Belgium’s DNS Belgium, Denmark’s Punktum dk, the European Union’s EURid, France’s AFNIC, Germany’s DENIC eG , the Netherlands’ SIDN, Slovenia’s Registry.si, Spains Red.es and Switzerland’s SWITCH. Support is also being provided by the Council of European National Top Level Domain Registries (CENTR).

The group say given the challenges to the digital landscape posed by evolving and growing cyber threats, proactive security measures are becoming more critical. The European TLD ISAC will help to address this by serving as a forum to share insight and best practice, and to act as a central point of information for industry and the public.

“This ISAC is incredibly valuable as it gives us a platform to share our collective challenges, and the knowledge, thoughts and best practices needed to face these,” said Nominet CISO Paul Lewis, who also serves as the chair of the TLD ISAC Steering Committee.

“Right now, cyber criminals are out there sharing information and we need to do the same if we’re going to keep pace with the threat landscape. By taking this proactive approach, we can set a positive example for the TLD operator industry.”

DNS Belgium CISO and chair of the TLD ISAC Working Group, Kristof Tuyteleers, added: “The TLD ISAC Working Group will allow us to make use of the shared knowledge of all members across Europe to further improve our cybersecurity and response to emerging cyber threats.

“The website is an important facilitator. It is also our calling card for interested stakeholders to see what the ISAC has to offer and how important our joint contribution is to the global security of the domain name space.”

The European TLD ISAC plans to fill its website with a wealth of content resources covering subjects such as DDoS attacks on authoritative servers, the use of firewalls, and unpatched DNS servers on internal networks, to name but a few. Its debut publication on measuring maturity levels in cyber security also outlines a new model developed by consortium members through CENTR.

According to Tuyteleers, the hybrid CENTR Member Security Maturity Model (CM-SMM) lets users benchmark their current security maturity levels and measure how their cyber practices are evolving over time. Its was developed by incorporating various concepts from pre-existing cyber maturity models, security standards and best practices.

It is loosely based on the US National Institute of Standards and Technology’s (NIST’s) cyber security framework structure. It aims to help users achieve seven core goals:

• To strengthen their security resilience and capabilities;
• To enable consistent and effective evaluation of benchmark security practice;
• To provide a means to assess and benchmark performance;
• To identify gaps in security and develop plans to address those;
• To prioritise actions and investments that improve security;
• To effectively demonstrate the results of these improvement efforts;
• And to share knowledge, best practice and capabilities within the organisation.