Cybersecurity – a key focus for the .ie namespace

.IE Tech
Cybersecurity
by Mick Begley
16 Sep 2022

.IE is designated as an Operator of Essential Services (OES) under the Network and Information Systems (NIS) directive. As one of the guardians of Ireland’s national critical internet infrastructure, the .ie namespace, we are acutely aware of helping to protect Irish consumers and SMEs from cyber criminals.

We take a number of steps to keep the .ie domain as safe as possible and this ensures that the level of security threat to .ie websites is a lot lower than other top level domains, such as .com. Check out The SpamHaus Project, an international nonprofit organisation that tracks spam and related cyber threats such as phishing, malware and botnets. It collates a Badness Index for top level domains. The Badness Index of .ie is 0.0% / 0.00.

Manually review .ie applications

Only individuals and businesses with a provable connection to Ireland can register a .ie domain, and applications from new customers are manually reviewed to ensure that they meet this requirement. This process keeps the .ie domain largely free from registrations by bad actors for their quick-moving scams and other illegal activities that unmanaged domains cannot control as easily.

Consumer protection protocols

We have established protocols with regulators to address online illegality and to permit ‘take-down’ of .ie websites under certain circumstances. There is a Regulatory Authority Protocol for dealing with illegal content on .ie websites. The regulatory authorities with whom we engage include the Office of the Director of Corporate Enforcement, the Competition and Consumer Protection Commission, the Central Bank and the Garda National Cyber Crime Bureau, amongst others.

Proactively respond to online abuse

We employ Netcraft, who provide internet security services, including cybercrime disruption.

These services allow us to proactively respond to online abuse issues, such as websites that are hosting malware, phishing or botnets. Netcraft notifies our Registrars (companies that sell and manage .ie domains on our behalf) and the .ie domain holder.

The domain holder can then, with the help of their Registrar or Hosting provider, take the required corrective action. Netcraft will monitor the website post the fix to ensure the issue is resolved. This service is invaluable as it helps innocent victims, such as SMEs who might be unaware that they have experienced a cyberattack and can take the required remediation action.

 

ISO 27001 certification

We achieved industry standard ISO 27001 security certification, which ensures that an organisation manages and mitigates its cybersecurity risks effectively.

By achieving this certification .IE proves that the ISMS (Information Security Management System) implemented by .IE for the management and operation of the .ie top-level domain registry and for its IT network and security services – including supporting processes – has been certified according to ISO 27001.

Advice for SMEs

We recently published an e-book: Cybersecurity: A Guide for SMEs and also a a blog post Seven tips to keep your business safe online. The purpose of these is to help educate SMEs on the basics of cybersecurity, as well as provide relatively simple – but effective – practices and tips for keeping businesses safe from the most common cyberthreats.

Mick Begley is our Chief Information Officer.