1. Document Information
This page contains a description of IRISS-CERT according to RFC 2350 . It provides basic information about the CERT, the ways it can be contacted, describes its responsibilities and the services offered.
1.1 Date of Last Update
This is version 1.0 as of 25/02/2010
1.2 Distribution List for Notifications
Distribution list for notifications is on a member only basis. Membership is free and can be subscribed at https://www.iriss.ie/FWA5/Resources/Signup.aspx.
More information on subscribing to IRISS-CERT is available at http://www.iriss.ie/iriss/subscription_page.htm.
Alternatively you can follow IRISS-CERT on Twitter at http://www.twitter.com/irisscert or @irisscert
1.3 Locations where this Document May Be Found
The current version of this document can always be found at http://www.iriss.ie/iriss/RFC%202350.htm
2. Contact Information
2.1 Name of the Team
Irish Reporting and Information Security Service, Suite B011 The LINC Centre, Blanchardstown Road North, Blanchardstown, Dublin 15.
2.3 Time Zone
We are located in the Greenwich Mean Time time-zone.
2.4 Telephone Number
+353 1 4404065
2.5 Facsimile Number
2.6 Other Telecommunication
Twitter using @irisscert
2.7 Electronic Mail Address
Please send incident reports to email@example.com.
Non-incident related mail can also be addressed to firstname.lastname@example.org.
2.8 Public Keys and Encryption Information
Encrypted communications with email@example.com should use this operational key.
—–BEGIN PGP PUBLIC KEY BLOCK—–
Version: PGP Desktop 9.10.0 (Build 500)
—–END PGP PUBLIC KEY BLOCK—–
2.9 Team Members
The CERT team leader is Brian Honan.
2.10 Other Information
2.11 Points of Customer Contact
The preferred method for contacting IRISS-CERT is via e-mail. For incident reports and related issues please use firstname.lastname@example.org. This email is monitored regularly and will be actioned upon once received.
If it is not possible (or advisable due to security reasons) to use e-mail, you can reach us via telephone at +353 1 4404065.
IRISS-CERT’s hours of operation are generally restricted to regular business hours – 09:00-17:00 Monday to Friday.
3.1 Mission Statement
The mission statement of the IRISS-CERT is;
‘To provide a range of high quality information security based services to aid Irish based organisations and citizens to better secure their information technology facilities and services in accordance with industry recognised standards and compliance requirements, to provide high quality research services on current and potential information security threats facing its constituency, to provide information security prevention, response and mitigation strategies to its constituency and to become a recognised centre of information security excellence for national and international organisations to refer to’
IRISS-CERT provides services primarily to all business organisations within the Republic of Ireland. As such our constituency is based in the following sectors;
Private Sector organisations
Public sector bodies
3.3 Sponsorship and/or Affiliation
The Irish Reporting & Information Security Service (IRISS) is an independent not for profit company limited by guarantee founded in 2008 to provide a range of free services to Irish businesses and consumers in relation to information security issues to help counter the security threats posed to the Irish businesses and the Irish Internet space. Our ability to provide our services is possible due to the support of our sponsors.
IRISS-CERT’s main purpose in incident handling is the coordination of incident response. As such, we only advise local security teams and have no authority to demand certain actions.
4.1 Types of Incidents and Level of Support
IRISS-CERT is authorised to address all types of computer security incidents which occur, or threaten to occur, in our Constituency (see 3.2) and which require cross-organisational coordination. The level of support given by IRISS-CERT will vary depending on the type and severity of the incident or issue, the type of constituent, the size of the user community affected, and IRISS-CERT’s resources at the time. Special attention will be give to issues affecting critical infrastructure.
IRISS-CERT is committed to keeping its constituency informed of potential vulnerabilities, and where possible, will inform this community of such vulnerabilities before they are actively exploited. This communication will be in the form of;
Updates to our Twitter stream at http://www.twitter.com/irisscert and @irisscert
4.2 Co-operation, Interaction and Disclosure of Information
IRISS-CERT will cooperate with other Organisations in the Field of Computer Security. This Cooperation also includes and often requires the exchange of vital information regarding security incidents and vulnerabilities. Nevertheless IRISS-CERT will protect the privacy of their customers, and therefore (under normal circumstances) pass on information in an anonymised way only unless other contractual agreements apply.
IRISS-CERT operates under the restrictions imposed by Irish law. This involves careful handling of personal data as required by the Irish Data Protection Act 1988 and the Data Protection (Amendment) Act 2003, but it is also possible that – according to Austrian law – IRISS-CERT may be forced to disclose information due to a Court’s order.
4.3 Communication and Authentication
For normal communication not containing sensitive information IRISS-CERT will use conventional methods like unencrypted e-mail.
For secure communication PGP-Encrypted e-mail or telephone will be used. If it is necessary to authenticate a person before communicating, this can be done either through existing webs of trust, such as the Trusted Introducer network http://www.trusted-introducer.nl, or by other methods like call-back, mail-back or even face-to-face meeting if necessary.
5.1 Incident Response
IRISS-CERT will assist IT-security team in handling the technical and organizational aspects of incidents. In particular, it will provide assistance or advice with respect to the following aspects of incident management:
5.1.1. Incident Coordination
Determine the involved organisations.
Contact the involved organisations to investigate the incident and take the appropriate steps.
Facilitate contact to other parties which can help resolve the incident. Send reports to other CERTs
IRISS-CERT will also collect statistics about incidents within its constituency.
5.2 Proactive Activities
IRISS-CERT will endeavor to raise security awareness in its constituency and the greater Internet community.
Collect contact information of local security teams.
Publish announcements concerning serious security threats.
Observe current trends in technology and distribute relevant knowledge to the constituency.
Provide fora for community building and information exchange within the constituency.
Host an annual conference on Cyber Crime
6. Incident Reporting Forms
If you wish to report a security incident you should be a registered user of our system and report the incident via our reporting page.
There are no public forms available yet. If possible, please make use of the Incident Reporting Form of the CERT Coordination Center. The current version is available from: http://www.cert.org/reporting/incident_form.txt. Alternatively please send as much detail as possible to us via email to email@example.com
While every precaution will be taken in the preparation of information, notifications and alerts, IRISS-CERT assumes no responsibility for errors or omissions, or for damages resulting from the use of the information contained within.
If you have any queries regarding the Irish Reporting and Information Security Service please email us at the following address firstname.lastname@example.org. We will endeavour to contact you within 24 hours.