Euronext CSIRT

Download PDF Version

1. About this document

This document describes the Computer Security Incident Response Team (CSIRT) of Euronext N.V. in accordance to RFC 2350. It provides basic information about the Euronext CSIRT team, its channels of communication, and its roles and responsibilities

1.1 Date of last udpate

Version 2.0, published 2022/07/15.

1.2 Distribution list for notifications

There is no distribution list for notifications.

1.3 Locations where this document may be found

The current version of this document can be found at https://www.euronext.com/RFC2350 .

1.4 Authenticating this document

This document has been signed with the PGP key of EURONEXT CSIRT - see section 2.8 for more details on the PGP key.

1.5 Document identification

Title: "RFC 2350 EURONEXT CSIRT"

Version: 1.0

Document Date: June 2018

Expiration: This document is valid until superseded by a later version.

2. Contact information

2.1 Name of the team

EURONEXT CSIRT: Euronext Computer Security Incident Response Team

Short name: EURONEXT CSIRT

2.2 Address

EURONEXT CSIRT

Av. da Boavista, 3433

4100-138 Porto

PORTUGAL

2.3 Time Zone

Time-zone: WET/WEST

2.4 Telephone number

(+351) 910 124 465

2.5 Facsimile number

None.

2.6 Other telecommunication

None.

2.7 Electronic mail address

All incident reports should be sent to: security [dot] incident [at] euronext [dot] com.

All non-incident related email should be addressed to: csirt [at] euronext [dot] com.

Use of phone for reporting incidents should be avoided as much as possible.

2.8 Public keys and other encryption information

EURONEXT CSIRT uses PGP for encrypting information in communication with other entities.

KEYID: 973FE70FFE0AB53C

FINGERPRINT:  EA11 49D3 DC37 59E7 6C32  3AFF 973F E70F FE0A B53C

VALIDITY: 2023-07-15

SIZE: 3072

2.9 Team members

No public information is provided about EURONEXT CSIRT team members.

2.10 Other information

None.

2.11 Points of customer contact

The preferred method to contact EURONEXT CSIRT team is to send an e-mail to one of the addresses in the Electronic Mail Address section of this document. 

Urgent cases can additionally be reported by phone to the telephone number identified on the Telephone Number section of this document.

3. Charter

3.1 Mission statement

EURONEXT CSIRT provides information and assistance to its constituents (business units, users) in responding to computer security incident, on the imminence of their occurrence or when they occur, along with promoting proactive measures to reduce the risks of computer security incidents at all.

3.2 Constituency

The constituency of Euronext CSIRT is composed of all the personnel, services and underlying infrastructure of Euronext N.V. and its subsidiaries.

3.3 Sponsorship and/or affiliation

EURONEXT CSIRT is composed of Information Security personnel and from other offices, acting under the authority of the Information Security Office and its Chief Information Security Officer to protect Euronext N.V.

3.4 Authority

EURONEXT CSIRT is a Euronext N.V. service under the Information Security Office and its Chief Information Security Officer.

4. Policies

4.1 Types of incidents and level of support

All incidents are considered normal priority before internal triage.

EURONEXT CSIRT handles all computer security incident types, namely, those that result in a security violation of the following types:

  • Data Breach
  • Malware
  • Availability
  • Information Gathering
  • Intrusion
  • Intrusion Attempt
  • Information Security
  • Fraud
  • Abusive Content
  • Vulnerability

Depending on the type, severity and scope of the ongoing incident, adequate support levels are provided.

4.2 Co-operation, interaction and disclosure of information

CSIRT EURONEXT recognizes the importance of operational cooperation and information-sharing between CSIRT / CERT teams, and with other organisations which may contribute towards or make use of their services.

EURONEXT CSIRT operates within the confines imposed by EU legislation.

Sensitive data is only shared with third parties on a need-to-know basis and with the previous authorization of the owner of the information.

4.3 Communication and authentication

EURONEXT CSIRT protects sensitive information in accordance with relevant regulations and policies within the European Union.

For non-sensitive information clear text email or telephone can be used. For sensitive information, the use of PGP is recommended.

5. Services

5.1 Alerts and warnings

This service aims at disseminating information on ongoing (or risk of happening) computer security attacks or disruptions, security vulnerabilities, intrusions, computer viruses and other related security information with the aim to provide guidance and recommendations to the constituent.

5.2 Incident handling

This service aims at the coordination of response to information security incidents in the Euronext N.V. The Incident Handling service (also known as incident management) activities include:

  • Determining the impact, scope, and nature of the event or incident;
  • Understanding the technical cause of the event or incident;
  • Identifying what else may have happened or other potential threats resulting from the event or incident;
  • Researching and recommending solutions and workarounds;
  • Coordinating and supporting the implementation of the response strategies with other parts of the organization;
  • Disseminating information on current threats or attacks, through alerts, advisories or other technical publications;
  • Coordinating and collaborating with external parties such as vendors, ISPs, other security groups and CSIRTs, and law enforcement;
  • Assure that a proper lesson learned is performed for major incidents or minors (if recurrent);
  • Maintaining a repository of incident and activity related to the constituency that can be used for correlation, trending, and developing lessons learned to improve the security posture and incident management processes of an organization;
  • Escalate incidents to Management;
  • Communication.

6. Incident reporting forms

There are no local forms developed yet for reporting incidents to EURONEXT CSIRT

In case of an emergency or crisis, please provide CSIRT EURONEXT at least with the following information:

  • Contact details and organizational information – name of person and organisation name and address, email address, telephone number;
  • IP address and observation time;
  • Available evidences showing the problem (logs, screenshots, emails etc.);
  • In case of email forwarding, please ensure that all content (headers, body and any attachments) are included.

7. Disclaimers

While every precaution will be taken in the preparation of information, notifications and alerts, EURONEXT CSIRT assumes no responsibility for errors or omissions, or for damages resulting from the use of the information contained within.