Services

Computer Security Incident Response Team (CSIRT)

Continue reading

A dedicated team

Luxembourg's education, research, and culture sectors may, like any other economic stakeholder, and at any time, encounter computer security incidents compromising their operational activities and even threatening the security of their information.

In order to assist them in such circumstances, the Restena Foundation operates a Computer Security Incident Response Team (CSIRT). This dedicated team has several different missions: 

  • supporting and coordinating response efforts to detected or anticipated security incidents;
  • being the contact point for any information request about security incidents;
  • participating in computer security plans;
  • working in close partnership with other national and international CSIRT/CERT teams;
  • raising awareness and providing information about the importance of computer security.

Prevention, processing and responding to security incidents

With a constituency consisting of stakeholders from education, research, and culture in Luxembourg, the CSIRT team managed by the Restena Foundation offers different services including prevention, processing, and responding to security incidents.

Reactive services

The CSIRT provides reactive services, in response to security incidents arising in the research and education community in Luxembourg that has been detected by CSIRT itself, a staff member of a member institution, or reported by another CSIRT or third party.

The CSIRT also provides the following services in response to incidents:

Incident triage

  • interpretation, monitoring, and prioritising of incoming security incident reports; 
  • determination of the scope or range of the security incident.

Incident coordination

  • incident investigation and appropriate measures taken after contact with the organisation(s) in question;
  • notification, where necessary, of other parties involved, in accordance with the disclosure of information policy;
  • liaising with the relevant security teams and/or law-enforcement authorities if necessary;
  • drafting reports for other CSIRT teams;
  • sending alerts to users.

Even though CSIRT does not provide an active resolution service for security incidents, it is able to provide advice on a case-by-case basis and closely collaborates with the other national CERTs in order to offer the best service.

Pro-active services

Pro-active services, related to preventing incidents and reducing their impact when they arise are also offered by the Restena Foundation, in particular through awareness-raising activities.

Benefits

Restena Foundation's CSIRT is a member of the Cybersecurity Emergency Response Teams Community Luxembourg (CERT.lu)

Restena Foundation's CSIRT is an accredited Trusted Introducer

More details on the service

Who can benefit?

Établissements d'enseignement supérieur, Centres de recherche, Institutions culturelles, Écoles primaires et secondaires

How to benefit?

To report an incident, it is recommended that you fill in an "Incident reporting form" as fully as possible and send it to: csirt@restena.lu. You can also submit a report by telephoning the Restena Foundation.

PGP encryption recommended

To deal with incidents in a secure and confidential manner, it is preferable to use encrypted messages when contacting CSIRT. PGP encryption used for confidential e-mails is mandatory when the incident report contains confidential or personal information.

Key to encrypt messages sent to CSIRT

  • PGP fingerprint: 1DB6 71B7 8071 4050 14E3  F654 DADB E3E2 C873 17E8

Individual PGP keys for the members of CSIRT

  • Jo Hoffmann: BE56 D770 BBE1 AC40 BDE3  3753 E11A 581F E208 FA7F
  • Denim Latic: 3152 DBF5 CED7 7BFC BFD8 31BE A9D9 5A53 E2A9 241F 
  • Gaël Ortega: 344C 8DBD D005 86A0 14DF FECD 60F8 BECF 265A 3F20 
  • Bruno Prémont: B831 D9DB 84F2 E2A3A18C 58D5 C941 0241 4374 0DC8
  • David Rosada: EB2D 808C 8445 99EC 6CAE 438A 5D99 C27F 0FFD 7B1F 
  • Marc Stiefer: 3F9D BB45 92DE C2E6 A6DA  73CF 351D 14F8 0052 F9B4
  • Cynthia Wagner: CBEA FB4D 42DE CEFB 10A8 D56A 6765 5C01 42B1 01D9
  • Stefan Winter: AD30 91F3 AB24 E05F 4F72 2C03 C0DE 6A35 8A39 DC6

Assistance and support

csirt@restena.lu

Documents and links

RESTENA CSIRT - RFC2350 (PDF)

1.17 MB

CSIRT - Incident Reporting Form (TXT)

1.54 KB

Services

Other services that might be of interest to you

Projects

GÉANT (GN5-1)

Ensuring effective, relevant, high-value, and competitive research and innovation activity throughout Europe.

Learn more

Have a question?

  • Faq

  • How to report an incident to CSIRT?

    Complete and send the "Incident reporting form" by e-mail to csirt@restena.lu or contact the Restena Foundation by phone.

  • Where can I report a security incident?

    If your institution is part of the research and education sectors in Luxembourg or if you are a user of RESTENA services, your privileged point of contact is the Restena Foundation. 

    Other Luxembourg public Computer Security Incident Response Team (CSIRTs) are to be contacted depending on the sector of activity of your entity. To find your contact person, we invite you to visit the cyber security website, section "Signaler".

Haven't found the information you needed?

Helpdesk page