I understand after discussing with RIPE-NCC that the situation is similar in NL. Because of this, the NIS-2 will if root servers are included not have any real impact on how RIPE-NCC or Netnod is managed.
Just to clarify to this point, our root-server operations are not under any regulatory supervision. The issue has been discussed when the current NIS directive came into force, when all our services were evaluated. But until now we have not been recognised as an operator of an essential service.
We do of course fall under the Dutch legislation and as such, a number of other EU directives such as GDPR appl,y and those also in certain cases come with reporting obligations and also have some paragraphs on cybersecurity related measures.
But as it stands, we are not formally supervised as a critical entity of some sorts.
MarcoH