As ccTLD leaders look ahead to the next 12 to 18 months, three clusters of cybersecurity priorities emerge clearly. This snapshot highlights what is top of mind across the European registry community — and where attention, investment, and cooperation are most urgently needed.

Compliance

Unsurprisingly, and driven by the regulatory landscape, NIS2 compliance dominates the agenda. Finalising readiness and implementing the directive’s requirements is the single most frequently cited priority. While many organisations feel broadly prepared, uncertainty around national transposition continues to absorb time and resources. Legal clarity is widely seen as a prerequisite for shifting full attention back to operational security and resilience.

People & tools

Beyond regulation, leaders consistently emphasise the need to ensure and sustain operational capabilities — notably people and tools. On the human side, priorities include having sufficient skilled staff in place and ensuring that employees are aware, prepared, and trained to maintain the resilience of the zone.

This goes hand in hand with the availability and effective use of the right technical tools to detect threats and manage vulnerabilities and attacks. In this context, the sharing of (real-time) threat intelligence, as well as joint crisis exercises, are frequently cited as high-value activities.

The risks on leaders’ minds

When assessing strategic cybersecurity developments, leaders draw a clear distinction between existential risks and operational priorities.

Nation-state attacks on critical infrastructure and broader geopolitical change are seen as the most significant risks. Despite their severity, these threats rarely trigger an immediate call to action, as they lie largely outside the direct control of registry operators.

By contrast, urgency is highest for controllable risks — such as inconsistent implementation of basic security controls, supply chain integrity, and increased security regulation.

Supply chain security emerges as a cross-cutting concern. While respondents are confident in their own security posture, they have less visibility into partners’ preparedness. This gap is increasingly viewed as an opportunity to review oversight, strengthen contractual arrangements, and raise baseline security standards across the DNS ecosystem.

Opportunity amid the risk

Not all developments are viewed through a defensive lens. The adoption of AI technologies is most often identified as an opportunity. Increased security regulation is also seen positively by many, reflecting confidence that coherent and proportionate rules can strengthen overall resilience.

Focus on fundamentals

Overall, the picture that emerges is one of pragmatic leadership, focused on secure operations, regulatory compliance, and supply-chain resilience. While geopolitical instability and sophisticated attacks remain on the radar, day-to-day priorities are shaped by what can be fixed, strengthened, and coordinated now.

Source: The results are based on a survey carried out among all CENTR full members and yielded 19 responses from CEOs and equivalent.