IE-Annual-Report-2023

Cybersecurity: a key focus for the .ie namespace .IE ensures the efficient and secure operation of the .ie domain with best practice security measures, including MDR, SIEM, 24x7 network monitoring, third-party risk management, MFA, restricted IP addressing, and ISO 27001 certification. As one of the guardians of Ireland’s national critical Internet infrastructure, the .ie namespace, we prioritise the protection of Irish consumers and SMEs from cyber criminals. We have implemented several measures to ensure the safety of the .ie domain, resulting in a considerably lower level of security threats compared to other top-level domains like .com. The Badness Index for .ie, compiled by the SpamHaus Project – an international non-profit organisation tracking spam and related cyber threats – stands at 0.0%/0.00. Pre-check applications To maintain the integrity of the .ie domain, we pre-check new applications from individuals and businesses to confirm their connection to Ireland. This process helps prevent bad actors from registering .ie domains for illicit activities that might go undetected in unmanaged registries. Consumer protection protocols We have established protocols in collaboration with regulators to address online technical abuse and facilitate the takedown of .ie websites in specific circumstances. These protocols involve cooperation by our channel partners and regulatory authorities such as the Garda National Cyber Crime Bureau, among others. Tackling technical abuse online In our efforts to proactively respond to online abuse, we work with Netcraft, an Internet security services provider specialising in cybercrime disruption. Netcraft notifies our Registrars about websites hosting malware, phishing, or botnets, allowing the domain holders to take corrective action with the assistance of their Registrar or hosting provider. Netcraft continues to monitor the website after the fix to ensure the issue is resolved, benefiting innocent victims like SMEs who may be unaware of cyberattacks targeting them. MDR and SIEM .IE implements various other security measures to enhance the safety of its infrastructure and protect against cyber threats. We employ Managed Detection and Response (MDR) services to actively monitor and analyse network traffic, systems, and applications for signs of malicious activity. This, coupled with Security Information and Event Management (SIEM) solutions, allows us to collect, correlate, and analyse security event data, providing real-time monitoring, threat detection, and incident response capabilities. Third-party risk management As part of our comprehensive security strategy, we prioritise third-party risk management. We conduct thorough assessments, evaluate security controls, and establish contractual agreements to enforce security and data protection requirements with our vendors and service providers. Multi-Factor Authentication (MFA) To fortify access controls, .IE employs Multi- Factor Authentication (MFA) as an additional layer of security for user accounts, both internal and external. By requiring multiple factors such as passwords, tokens, or biometric data, MFA helps prevent unauthorised access even if credentials are compromised. IP address restrictions We implement IP address restrictions, allowing access to our network and systems only from trusted and authorised IP addresses. This restricted IP addressing reduces the attack surface by limiting potential entry points for malicious actors. “.IE is designated as an Operator of Essential Services (OES) under the NIS Directive, and in this regard, reports to the National Competent Authority – the National Cybersecurity Centre (NCSC). Mick Begley, Chief Information Officer, .IE Business Review IE Domain Registry CLG t/a .IE / Annual Report & Review 2023 16