Member
Login

RFC 2350

1. Document Information
This document contains a description of IRISS-CERT according to RFC 2350 . It provides basic information about the CERT, the ways it can be contacted, describes its responsibilities and the services offered.

1.1 Date of Last Update
This is version 1.0 as of 25/02/2010

1.2 Distribution List for Notifications

• Distribution list for notifications is on a member only basis. Membership is free and can be subscribed at https://www.iriss.ie/FWA5/Resources/Signup.aspx.
• More information on subscribing to IRISS-CERT is available at http://www.iriss.ie/iriss/subscription_page.htm.
• Alternatively you can follow IRISS-CERT on Twitter at http://www.twitter.com/irisscert  or @irisscert

1.3 Locations where this Document May Be Found
The current version of this document can always be found at http://www.iriss.ie/iriss/RFC%202350.htm

2. Contact Information

2.1 Name of the Team
IRISS-CERT

2.2 Address
Irish Reporting and Information Security Service, Suite B011 The LINC Centre, Blanchardstown Road North, Blanchardstown, Dublin 15.

2.3 Time Zone
We are located in the Greenwich Mean Time time-zone.

2.4 Telephone Number
+353 1 4404065

2.5 Facsimile Number
None

2.6 Other Telecommunication

Twitter using @irisscert

2.7 Electronic Mail Address
Please send incident reports to info@iriss.ie.
Non-incident related mail can also be addressed to info@iriss.ie.

2.8 Public Keys and Encryption Information


Encrypted communications with info@iriss.ie should use this operational key.

PGP Key
-----BEGIN PGP PUBLIC KEY BLOCK-----
Version: PGP Desktop 9.10.0 (Build 500)

mQENBEtraeEBCAC1rVYFjqCIQcAC+AJnmFfmce5WeyyH2308xsZU7pOO3QJsVfNK
8lNJGyR5h3VirTZHqzMyvUncaO4zwhbVnDsCx6hjaqNBe4ewZ8YZWkt9dxP9sF8O
64zS+TbmY+gtFXEheb/q7BxuTIJteiNXtSeZrah8udxmtPzrOhWWylV/11mrqPZ8
pDGKgw6J7L9A8T6t3mGVx/hvoaJW5BSGGfXR56/n+Mf3swZijJzd2fREkl+NM6pD
sNBHjmb0OGUNWCnOazSayfxr1PGgaz4DIBYwgT1E6ywbcCMA23VMSHWUEuhaNMvD
VcdLkUMGGTX9pIKV0LA71d+PKF8jFGQXReN7ABEBAAG0GklSSVNTLUNFUlQgPGlu
Zm9AaXJpc3MuaWU+iQGHBBABAgBxBQJLa2nsMBSAAAAAACAAB3ByZWZlcnJlZC1l
bWFpbC1lbmNvZGluZ0BwZ3AuY29tcGdwbWltZQcLCQgHAwIKAhkBGRhsZGFwOi8v
a2V5c2VydmVyLnBncC5jb20FGwMAAAADFgIBBR4BAAAABBUICQoACgkQ0+vgIRK2
VveDKAf/dyZy9QQhmyDrsY1CSItuybUimInOnfjF2qIdoD9YO8d1nCVoVkHKjXi3
GrdaQx+n2B3h/mt4erGrxcUw+Es6tV1Mrx9Q2nntkLRuuw614eTxDUr6KPd6Qqks
tkuGhlaUG0HxYz2rDQPlz80DStnqgTQ3rF9C5wXFnfpei2ZxYdUWI7L9TzahIF3T
7LCoxTDn7qZTTt7g/1Wqc2CA0kfVQgeQUvNgVHJTSJl6PiGhD/VHkztdD/XAF46E
AazSgIB71WbIR45L30rNxVZ6/Y+wa3lVoMBpHzkEdkRx6NOd2GvEmPYiASJtYCw6
kMEl7dybinOAeoCtUkpkiOWSjHmssLQbSVJJU1MtQ0VSVCA8YWJ1c2VAaXJpc3Mu
aWU+iQGEBBABAgBuBQJLa2nsMBSAAAAAACAAB3ByZWZlcnJlZC1lbWFpbC1lbmNv
ZGluZ0BwZ3AuY29tcGdwbWltZQcLCQgHAwIKGRhsZGFwOi8va2V5c2VydmVyLnBn
cC5jb20FGwMAAAADFgIBBR4BAAAABBUICQoACgkQ0+vgIRK2VvfWqgf/ZJh82wTw
w9hER2Wgg+HWpELaoQIdKB+ao1Kqqh157dJEhYr5oH8IOOqIuQ8fgcsvO3oF88hu
OTxwD8E1amgpnG6uTphz+qk+cxfuJa8PtB5H8FEbxA6li90j58OyNSYpc/qWEjPi
0y7wzH02ljNyJ3USh3hCL2/4s/VZgDsErJaTaihUwUmEFuCSd631MRqV/rP1KQUV
1s8IPydALQonGZpAkZnFyRg1CobcQRz4FrZCUOPjgxJY0AEBjC+1LOxubWYmPOvS
CbxJWcN2XEX2GAfm4EgwyaZqT/ZMJWScbr09YVU4xHBiS8Q6W8c9taaVRb3zp22I
3iQnUyikDWhSP7kBDQRLa2niAQgArFqEZ4pkNyPvBrtXrPxdm17tjckoPRgNmIes
R3fji/ncHhXKmsWtTq/USn8EKmbeOK+tD/N7NdlIulYrbMNYN98SjjQdTbSuFgmD
lkSHFPaXkELen/42kCK4mDBg9TbVkWQ3aO4CHRBJnxj5zT2djQa09glyXlg1JIju
N6pUrh2lxHVqkpqg2QgAZQ5d50HtgvOmpxqzRJOZ6l59DPMFCVLp7qYtiGVon5dK
7RZs2T0XWmrsXOuB4arlk14mP06LRK3g/lnmwGgGqPp122RjfM/OUMtjfrjnaN+o
DXzh8EjGHJEcARHZbd9IMVvxZpcz36w0EsO/s3WTk8ww40SwVwARAQABiQJBBBgB
AgErBQJLa2njBRsMAAAAwF0gBBkBCAAGBQJLa2niAAoJEG2vSLgwBiHCT5IIAJG0
e7CqLmlqn/ZtHxSHHmSrlNL5tQsQfIRIvMZx0+cApeJB35WQ2/gyExxC1iUNNls8
znhSAzheYaStprLSgwQxzNyxNoWO22f7FzTfU15XkVnibmKdTuM1km1Dvg5Sn+nS
j5b5rxkLBl8AWcNF4lK2z870M0qn+VbecHCg8F0limU2ejH0Co592PunaRS0gEFC
fknWTUWId2wrxB8pOn9Hy8YztcbAhNhY65EBpfyHj2oLyrc+E6502G2ymfgncYaR
JWxnylYKCQQmyGZJafiMztAqw2zmybTo2GBfvJR3LPASZY/7E/fJv6O3TPvNYog6
y3EThhV+mnbOnGT7eXYACgkQ0+vgIRK2Vvd/qwgAldjwDspSHQ7cx/vAI+kIXvk2
SBMAVRQE1OSahjlyA2D1cyGJ1+llRkk2R1qT9iZPpyzumPJNvMFrtXytfhb0lkfu
bu9gVqjMSCcayJDop6dVErEa1DClcWXLHV7MjM+WyfaP/elSZy90N8rmusKDoOSU
lkR3GndhJ1kwUovA2OSmkg3qSiyzLj1aT740MpB2RyHWh/GdhNjs/gejxk3+jv/f
RZiH62QuVVDmfjTpp5csHt2oenH7ktIGk0yDNwRaR0NxBuXtUltcHdGy3PjfBN0Q
qZsudUo8/Y+LyM4BQuZsWr8ISy5/qDeiBE3eaNRjO7eSk8QMCp7V4blzu5Rdng==
=mLJd
-----END PGP PUBLIC KEY BLOCK-----


2.9 Team Members
The CERT team leader is Brian Honan.

Other team members include;

• Mark Hillick
• Andrew Barnes
• Ciaran Caffrey
• Michael Hanna
• Brian O’Crowley
• Andy Whelan

2.10 Other Information
None

2.11 Points of Customer Contact

• The preferred method for contacting IRISS-CERT is via e-mail. For incident reports and related issues please use info@iriss.ie. This email is monitored regularly and will be actioned upon once received.
• If it is not possible (or advisable due to security reasons) to use e-mail, you can reach us via telephone at +353 1 4404065.
• IRISS-CERT's hours of operation are generally restricted to regular business hours - 09:00-17:00 Monday to Friday.

3. Charter

3.1 Mission Statement
The mission statement of the IRISS-CERT is;

‘To provide a range of high quality information security based services to aid Irish based organisations and citizens to better secure their information technology facilities and services in accordance with industry recognised standards and compliance requirements, to provide high quality research services on current and potential information security threats facing its constituency, to provide information security prevention, response and mitigation strategies to its constituency and to become a recognised centre of information security excellence for national and international organisations to refer to'

3.2 Constituency
IRISS-CERT provides services primarily to all business organisations within the Republic of Ireland. As such our constituency is based in the following sectors;

• SME Sector
• Private Sector organisations
• Public sector bodies
• Commercial Bodies
• Non-Commercial Organisations
• Non-Governmental Organisations

3.3 Sponsorship and/or Affiliation
The Irish Reporting & Information Security Service (IRISS) is an independent not for profit company limited by guarantee founded in 2008 to provide a range of free services to Irish businesses and consumers in relation to information security issues to help counter the security threats posed to the Irish businesses and the Irish Internet space. Our ability to provide our services is possible due to the support of our sponsors which are listed at http://www.iriss.ie/iriss/sponsors.htm

3.4 Authority
IRISS-CERT's main purpose in incident handling is the coordination of incident response.  As such, we only advise local security teams and have no authority to demand certain actions.

4. Policies

4.1 Types of Incidents and Level of Support
IRISS-CERT is authorised to address all types of computer security incidents which occur, or threaten to occur, in our Constituency (see 3.2) and which require cross-organisational coordination.  The level of support given by IRISS-CERT will vary depending on the type and severity of the incident or issue, the type of constituent, the size of the user community affected, and IRISS-CERT's resources at the time. Special attention will be give to issues affecting critical infrastructure.

IRISS-CERT is committed to keeping its constituency informed of potential vulnerabilities, and where possible, will inform this community of such vulnerabilities before they are actively exploited. This communication will be in the form of;

• Email alerts
• XML feed to constituent's home member page within the member section of IRISS-CERT at www.iriss.ie
• Updates to our Twitter stream at http://www.twitter.com/irisscert and @irisscert

4.2 Co-operation, Interaction and Disclosure of Information
IRISS-CERT will cooperate with other Organisations in the Field of Computer Security. This Cooperation also includes and often requires the exchange of vital information regarding security incidents and vulnerabilities. Nevertheless IRISS-CERT will protect the privacy of their customers, and therefore (under normal circumstances) pass on information in an anonymised way only unless other contractual agreements apply.

IRISS-CERT operates under the restrictions imposed by Irish law. This involves careful handling of personal data as required by the Irish Data Protection Act 1988 and the Data Protection (Amendment) Act 2003, but it is also possible that - according to Austrian law - IRISS-CERT may be forced to disclose information due to a Court's order.

4.3 Communication and Authentication
For normal communication not containing sensitive information IRISS-CERT will use conventional methods like unencrypted e-mail.
For secure communication PGP-Encrypted e-mail or telephone will be used. If it is necessary to authenticate a person before communicating, this can be done either through existing webs of trust, such as the Trusted Introducer network http://www.trusted-introducer.nl, or by other methods like call-back, mail-back or even face-to-face meeting if necessary.

5. Services

5.1 Incident Response
IRISS-CERT will assist IT-security team in handling the technical and organizational aspects of incidents. In particular, it will provide assistance or advice with respect to the following aspects of incident management:
 

5.1.1. Incident Coordination

• Determine the involved organisations.
• Contact the involved organisations to investigate the incident and take the appropriate steps.
• Facilitate contact to other parties which can help resolve the incident. Send reports to other CERTs
• IRISS-CERT will also collect statistics about incidents within its constituency.
   

5.2 Proactive Activities

• IRISS-CERT will endeavor to raise security awareness in its constituency and the greater Internet community.
• Collect contact information of local security teams.
• Publish announcements concerning serious security threats.
• Observe current trends in technology and distribute relevant knowledge to the constituency.
• Provide fora for community building and information exchange within the constituency.
• Host an annual conference on Cyber Crime

6. Incident Reporting Forms
 

If you wish to report a security incident you should be a registered user of our system and report the incident via our reporting page.

There are no public forms available yet. If possible, please make use of the Incident Reporting Form of the CERT Coordination Center. The current version is available from: http://www.cert.org/reporting/incident_form.txt. Alternatively please send as much detail as possible to us via email to info@iriss.ie

7. Disclaimers
While every precaution will be taken in the preparation of information, notifications and alerts, IRISS-CERT assumes no responsibility for errors or omissions, or for damages resulting from the use of the information contained within.
If you have any queries regarding the Irish Reporting and Information Security Service please email us at the following address info@iriss.ie. We will endeavour to contact you within 24 hours.

[ Home ] [ About IRISS ] [ Services ] [ Subscribe ] [ Sponsors ] [ IRISSCON ] [ HackEire ] [ Useful Links ] [ Contact Us ] [ RFC_2350 ] [ Privacy ] [ Disclaimer ]