RFC 2350 Version: 1.4 Author: GovCERT.ch 1. Document Information This document contains a description of GovCERT.ch according to RFC 2350. It provides basic information about the CERT, the ways it can be contacted, describes its responsibilities and the services offered. 1.1. Date of Last Update First version released on August 2014. This is version 1.2 of August 2019. Changes: - V1.0: 2014/08 - Initial document - V1.1: 2015/06 - Fixed a typo in section 3 and update the our regular phone number (2.4) - V1.2: 2019/08 - Removed duplicated index (6) - V1.3: 2022/07 - Removed phone numbers (2.4 / 2.11) - V1.4: 2022/07 - Fixed name in Disclaimers (7) 1.2. Distribution List for Notifications This profile is kept up-to-date on the location specified in 1.3. There is no distribution list for notifications as of 2014/08. Any questions about updates please address to the GovCERT.ch e-mail address (see 2.7). 1.3. Locations where this Document May Be Found The current version of this profile is always available on http://www.govcert.ch/downloads/rfc2350.txt 2. Contact Information 2.1. Name of the Team Full name: Swiss Government Computer Emergency Response Team Short name: GovCERT.ch 2.2. Address GovCERT.ch Bundesgasse 3 3003 Bern 2.3. Time Zone We are located in the central European timezone (CET) which is GMT +0100 (+0200 during day-light saving time). 2.4. Telephone Number - 2.5. Facsimile Number Not available. 2.6. Other Telecommunication Not available. 2.7. Electronic Mail Address Please send incident reports to incidents[at]govcert{dot]ch. Non-incident related inquiries should be addressed to outreach[at]govcert{dot}ch 2.8. Public Keys and Encryption Information PGP/GnuPG is supported for secure communication. The current GovCERT.ch team-key can be found on http://www.govcert.ch/downloads/govcert_alternative.pgp Encrypted communications with GovCERT.ch should use this operational key. 2.9 Team Members For operational security, no information is provided about the GovCERT.ch team members in public. 2.10 Other information For more information about GovCERT.ch or its parent organisation, please have a look at the following websites: http://www.govcert.ch/ https://www.ncsc.admin.ch/ 2.11 Points of customer contact The preferred method for contacting GovCERT.ch is via e-mail (see 2.7). Monday-Sunday, 08:00-21:00 local time. 3. Charter 3.1. Mission statement GovCERT.ch is the Computer Emergency Response Team (GovCERT) of the Swiss government and the official national CERT of Switzerland. 3.2 Constituency Our constituency is the network of the Swiss Federal Administration (Government) as well as the private and public sectors in Switzerland. GovCERT.ch supports the critical IT infrastructure in Switzerland in dealing with cyberthreats by providing services such as technical analyses and information about targeted (but not limited to) attacks against the national critical IT infrastructure. Additionally, GovCERT.ch is authorized to handle all types of computer security incidents related to Switzerland, representing the national CERT of Switzerland. 3.3 Sponsorship and/or affiliation GovCERT.ch is part of the Swiss Federal Administration. 3.4 Authority The team coordinates security incidents on behalf of their constituency and has no authority reaching further than that. 4. Policies - 4.1 Types of incidents and level of support - 4.2 Co-operation, interaction and disclosure of information - 5. Services 5.1 Incident response - 5.2 Proactive Activites - 5.3 Security Quality Management Activites - 5.4 Reactive Activites - 6. Incident reporting Forms Not available as of today. Preferably report in plain text using e-mail. 7. Disclaimers While every precaution will be taken in the preparation of information, notifications and alerts, GovCERT.ch assumes no responsibility for errors or omissions, or for damages resulting from the use of the information contained within.