IE-Annual-Report-&-Review-2024

Business Review Cybersecurity: a key focus for the .ie namespace To protect against pervasive cybersecurity threats, the company implements best practice anti-abuse and security measures, including ISO 27001:2023 certification, 24x7 network monitoring, MDR, SIEM, third-party risk management, MFA, and IP restrictions. Safety by design As one of the guardians of Ireland’s national critical Internet infrastructure, the .ie namespace, we prioritise the protection of Irish consumers and SMEs from DNS Abuse by cyber criminals. We have designed several policy measures to ensure the safety of the .ie domain, resulting in a considerably lower level of security threats compared to other top-level domains like .com. The Badness Index for .ie, compiled by the SpamHaus Project – an international non-profit organisation tracking spam and related cyber threats – stands at 0.0%/0.00. Pre-check applications To maintain the integrity of the .ie domain, we pre-check new applications from individuals and businesses to confirm their connection to Ireland. This policy helps prevent bad actors from registering .ie domains for illicit activities that might go undetected in unmanaged registries. Consumer protection protocols We have established protocols in collaboration with regulators to address online technical abuse and facilitate the takedown of .ie websites in specific circumstances. These protocols involve cooperation by our channel partners with regulatory authorities such as the Garda National Cyber Crime Bureau, among others. Tackling technical abuse online In our efforts to proactively respond to online technical abuse of the DNS, we work with Netcraft, an Internet security services provider specialising in cybercrime disruption. Netcraft notifies our Registrars about websites hosting malware, phishing, or botnets, allowing the domain holders to take corrective action with the assistance of their Registrar or hosting provider. Netcraft continues to monitor the website after the fix to ensure the issue is resolved. This benefits innocent victims like SMEs who may be unaware of cyberattackers using the SME’s system to target their unsuspecting customers. Real-time monitoring (MDR, SIEM) .IE implements security measures to enhance the safety of its infrastructure and protect against cyber threats. We employ Managed Detection and Response (MDR) services to actively monitor and analyse network traffic, systems, and applications for signs of malicious activity. This, coupled with Security Information and Event Management (SIEM) solutions, allows us to collect, correlate, and analyse security event data, providing real-time monitoring, threat detection, and incident response capabilities. Third-party risk management (TPRM) As part of our comprehensive security strategy, we prioritise third-party risk management. We conduct annual reviews of our suppliers, and establish contractual agreements to enforce security and data protection requirements with our vendors and service providers. Multi-Factor Authentication (MFA) To fortify access controls, .IE employs Multi-Factor Authentication (MFA) as an additional layer of security for user accounts, both internal and external. By requiring multiple factors such as passwords, tokens, or biometric data, MFA helps prevent unauthorised access even if credentials are compromised. Controlled access via IP authentication We implement IP address restrictions, allowing access to our network and systems only from trusted and authorised IP addresses. This restricted IP addressing reduces the attack surface by limiting potential entry points for malicious actors. “As an OES under NIS1, we have invested heavily in Protect and Detect measures in recent years. Our focus is now on building resilience, and knowledge-sharing using multi-party incident response Playbooks.” Michael Geraghty, Security Officer, .IE IE Domain Registry CLG t/a .IE / Annual Report & Review 2024 20