1. Document Information
This document contains a description of IRISS-CERT according to
. It provides basic information about the CERT, the ways it can be contacted,
describes its responsibilities and the services offered.
1.1 Date of Last Update
This is version 1.0 as of 25/02/2010
1.2 Distribution List for Notifications
1.3 Locations where this Document May Be Found
The current version of this document can always be found at
2. Contact Information
2.1 Name of the Team
Irish Reporting and Information Security Service, Suite B011 The LINC
Centre, Blanchardstown Road North, Blanchardstown, Dublin 15.
2.3 Time Zone
We are located in the Greenwich Mean Time time-zone.
2.4 Telephone Number
+353 1 4404065
2.5 Facsimile Number
2.6 Other Telecommunication
Twitter using @irisscert
2.7 Electronic Mail Address
Please send incident reports to email@example.com.
Non-incident related mail can also be addressed to firstname.lastname@example.org.
2.8 Public Keys and Encryption Information
Encrypted communications with email@example.com should use this operational key.
-----BEGIN PGP PUBLIC KEY BLOCK-----
Version: PGP Desktop 9.10.0 (Build 500)
-----END PGP PUBLIC KEY BLOCK-----
2.9 Team Members
The CERT team leader is
Other team members include;
- Mark Hillick
- Andrew Barnes
- Ciaran Caffrey
- Michael Hanna
- Brian O’Crowley
- Andy Whelan
2.10 Other Information
2.11 Points of Customer Contact
- The preferred method for contacting IRISS-CERT is via
e-mail. For incident reports and related issues please use firstname.lastname@example.org.
This email is monitored regularly and will be actioned upon once
- If it is not possible (or advisable due to security
reasons) to use e-mail, you can reach us via telephone at +353 1
- IRISS-CERT's hours of operation are generally
restricted to regular business hours - 09:00-17:00 Monday to Friday.
3.1 Mission Statement
The mission statement of the IRISS-CERT is;
‘To provide a range of high quality information security based services to
aid Irish based organisations and citizens to better secure their
information technology facilities and services in accordance with industry
recognised standards and compliance requirements, to provide high quality
research services on current and potential information security threats
facing its constituency, to provide information security prevention,
response and mitigation strategies to its constituency and to become a
recognised centre of information security excellence for national and
international organisations to refer to'
IRISS-CERT provides services primarily to all business organisations
within the Republic of Ireland. As such our constituency is based in the
- SME Sector
- Private Sector organisations
- Public sector bodies
- Commercial Bodies
- Non-Commercial Organisations
- Non-Governmental Organisations
3.3 Sponsorship and/or Affiliation
The Irish Reporting & Information Security Service (IRISS) is an
independent not for profit company limited by guarantee founded in 2008 to
provide a range of free services to Irish businesses and consumers in
relation to information security issues to help counter the security threats
posed to the Irish businesses and the Irish Internet space. Our ability to
provide our services is possible due to the support of our sponsors which
are listed at http://www.iriss.ie/iriss/sponsors.htm
IRISS-CERT's main purpose in incident handling is the coordination of
incident response. As such, we only advise local security teams and
have no authority to demand certain actions.
4.1 Types of Incidents and Level of Support
IRISS-CERT is authorised to address all types of computer security
incidents which occur, or threaten to occur, in our Constituency (see 3.2)
and which require cross-organisational coordination. The level of
support given by IRISS-CERT will vary depending on the type and severity of
the incident or issue, the type of constituent, the size of the user
community affected, and IRISS-CERT's resources at the time. Special
attention will be give to issues affecting critical infrastructure.
IRISS-CERT is committed to keeping its constituency informed of potential
vulnerabilities, and where possible, will inform this community of such
vulnerabilities before they are actively exploited. This communication will
be in the form of;
4.2 Co-operation, Interaction and Disclosure of Information
IRISS-CERT will cooperate with other Organisations in the Field of
Computer Security. This Cooperation also includes and often requires the
exchange of vital information regarding security incidents and
vulnerabilities. Nevertheless IRISS-CERT will protect the privacy of their
customers, and therefore (under normal circumstances) pass on information in
an anonymised way only unless other contractual agreements apply.
IRISS-CERT operates under the restrictions imposed by
Irish law. This involves careful handling of personal data as required by
the Irish Data Protection Act 1988 and the Data Protection (Amendment) Act
2003, but it is also possible that - according to Austrian law - IRISS-CERT
may be forced to disclose information due to a Court's order.
4.3 Communication and Authentication
For normal communication not containing sensitive information IRISS-CERT
will use conventional methods like unencrypted e-mail.
For secure communication PGP-Encrypted e-mail or telephone will be used. If
it is necessary to authenticate a person before communicating, this can be
done either through existing webs of trust, such as the Trusted Introducer
by other methods like call-back, mail-back or even face-to-face meeting if
5.1 Incident Response
IRISS-CERT will assist IT-security team in handling the technical and
organizational aspects of incidents. In particular, it will provide
assistance or advice with respect to the following aspects of incident
5.1.1. Incident Coordination
- Determine the involved organisations.
- Contact the involved organisations to investigate
the incident and take the appropriate steps.
- Facilitate contact to other parties which can
help resolve the incident. Send reports to other CERTs
- IRISS-CERT will also collect statistics about
incidents within its constituency.
5.2 Proactive Activities
- IRISS-CERT will endeavor to raise security awareness
in its constituency and the greater Internet community.
- Collect contact information of local security teams.
- Publish announcements concerning serious security
- Observe current trends in technology and distribute
relevant knowledge to the constituency.
- Provide fora for community building and information
exchange within the constituency.
- Host an annual conference on
6. Incident Reporting Forms
If you wish to report a security incident you should be a registered user of our system and report the incident via our reporting page.
There are no public forms available yet. If possible, please
make use of the Incident Reporting Form of the CERT Coordination Center. The
current version is available from:
http://www.cert.org/reporting/incident_form.txt. Alternatively please
send as much detail as possible to us via email to
While every precaution will be taken in the preparation of information,
notifications and alerts, IRISS-CERT assumes no responsibility for errors or
omissions, or for damages resulting from the use of the information contained
If you have any queries regarding the Irish Reporting and
Information Security Service please email us at the following address
We will endeavour to contact you within 24 hours.