Netnod policy statements

Netnod provides expert input in policy, regulatory and governance discussions that directly impact the context within which we operate.

On 15 January 2026, the Cybersecurity Act (Cybersäkerhetslagen) and the Cybersecurity Ordinance (Cybersäkerhetsförordningen) entered into force, thereby implementing NIS2 into Swedish law. For many businesses, this means stricter requirements on risk management measures, incident reporting, and governance/responsibility, while guidance and sector-specific regulations may be introduced gradually. Now that the Swedish implementation of the Cybersecurity Act (the NIS2 Directive) is in force, we analyse the current status and highlight the most important aspects for your business.

Overall, Netnod supports the Governance Document for the Recognition, Operation, and Derecognition of Regional Internet Registries (RIR Governance Document) Version 2.

Netnod has submitted its views on the government inquiry Samlade förmågor för ökad cybersäkerhet SOU 2025:79 (Combined Capabilities for Increased Cybersecurity).

Netnod emphasises the need for accountability and transparency in the DNS root server system's governance to ensure its continued global acceptance and preserve a multi-stakeholder model against increasing demands from nation-states and corporations.

Netnod's response emphasises that: there is no reason to harmonise the requirements for number independent communication services with those for number dependent communication services; and that, from a security perspective, clear text adaptability requirements cannot be part of the suggested solution.