1. About this document
This document describes the Computer Security Incident Response Team (CSIRT) of Euronext N.V. in accordance to RFC 2350. It provides basic information about the Euronext CSIRT team, its channels of communication, and its roles and responsibilities
1.1 Date of last udpate
Version 4.0, published 2024/06/19.
1.2 Distribution list for notifications
There is no distribution list for notifications.
1.3 Locations where this document may be found
The current version of this document can be found at https://www.euronext.com/RFC2350 .
1.4 Authenticating this document
This document has been signed with the PGP key of EURONEXT CSIRT - see section 2.8 for more details on the PGP key.
1.5 Document identification
Title: "RFC 2350 EURONEXT CSIRT"
Version: 4.0
Document Date: 19 June 2024
Expiration: This document is valid until superseded by a later version.
2. Contact information
2.1 Name of the team
EURONEXT CSIRT: Euronext Computer Security Incident Response Team
Short name: EURONEXT CSIRT
2.2 Address
EURONEXT CSIRT
Av. da Boavista, 3433
4100-138 Porto
PORTUGAL
2.3 Time Zone
Time-zone: WET/WEST
2.4 Telephone number
(+351) 910 124 465
2.5 Facsimile number
None.
2.6 Other telecommunication
None.
2.7 Electronic mail address
All incident reports should be sent to: security [dot] incident [at] euronext [dot] com.
All non-incident related email should be addressed to: csirt [at] euronext [dot] com.
Use of phone for reporting incidents should be avoided as much as possible.
2.8 Public keys and other encryption information
EURONEXT CSIRT uses PGP for encrypting information in communication with other entities.
KEYID: 1AFA5C2B793ABE53
FINGERPRINT: 89D9 5308 51C1 C104 98EE 528D 1AFA 5C2B 793A BE53
VALIDITY: 2025-06-18
SIZE: 3072
2.9 Team members
No public information is provided about EURONEXT CSIRT team members.
2.10 Other information
None.
2.11 Points of customer contact
The preferred method to contact EURONEXT CSIRT team is to send an e-mail to one of the addresses in the Electronic Mail Address section of this document.
Urgent cases can additionally be reported by phone to the telephone number identified on the Telephone Number section of this document.
3. Charter
3.1 Mission statement
EURONEXT CSIRT provides information and assistance to its constituents (business units, users) in responding to computer security incident, on the imminence of their occurrence or when they occur, along with promoting proactive measures to reduce the risks of computer security incidents at all.
3.2 Constituency
The constituency of Euronext CSIRT is composed of all the personnel, services and underlying infrastructure of Euronext N.V. and its subsidiaries.
3.3 Sponsorship and/or affiliation
EURONEXT CSIRT is composed of Information Security personnel and from other offices, acting under the authority of the Information Security Office and its Chief Information Security Officer to protect Euronext N.V.
3.4 Authority
EURONEXT CSIRT is a Euronext N.V. service under the Information Security Office and its Chief Information Security Officer.
4. Policies
4.1 Types of incidents and level of support
All incidents are considered normal priority before internal triage.
EURONEXT CSIRT handles all computer security incident types, namely, those that result in a security violation of the following types:
- Data Breach
- Malware
- Availability
- Information Gathering
- Intrusion
- Intrusion Attempt
- Information Security
- Fraud
- Abusive Content
- Vulnerability
Depending on the type, severity and scope of the ongoing incident, adequate support levels are provided.
4.2 Co-operation, interaction and disclosure of information
CSIRT EURONEXT recognizes the importance of operational cooperation and information-sharing between CSIRT / CERT teams, and with other organisations which may contribute towards or make use of their services.
EURONEXT CSIRT operates within the confines imposed by EU legislation.
Sensitive data is only shared with third parties on a need-to-know basis and with the previous authorization of the owner of the information.
4.3 Communication and authentication
EURONEXT CSIRT protects sensitive information in accordance with relevant regulations and policies within the European Union.
For non-sensitive information clear text email or telephone can be used. For sensitive information, the use of PGP is recommended.
5. Services
5.1 Alerts and warnings
This service aims at disseminating information on ongoing (or risk of happening) computer security attacks or disruptions, security vulnerabilities, intrusions, computer viruses and other related security information with the aim to provide guidance and recommendations to the constituent.
5.2 Incident handling
This service aims at the coordination of response to information security incidents in the Euronext N.V. The Incident Handling service (also known as incident management) activities include:
- Determining the impact, scope, and nature of the event or incident;
- Understanding the technical cause of the event or incident;
- Identifying what else may have happened or other potential threats resulting from the event or incident;
- Researching and recommending solutions and workarounds;
- Coordinating and supporting the implementation of the response strategies with other parts of the organization;
- Disseminating information on current threats or attacks, through alerts, advisories or other technical publications;
- Coordinating and collaborating with external parties such as vendors, ISPs, other security groups and CSIRTs, and law enforcement;
- Assure that a proper lesson learned is performed for major incidents or minors (if recurrent);
- Maintaining a repository of incident and activity related to the constituency that can be used for correlation, trending, and developing lessons learned to improve the security posture and incident management processes of an organization;
- Escalate incidents to Management;
- Communication.
6. Incident reporting forms
There are no local forms developed yet for reporting incidents to EURONEXT CSIRT
In case of an emergency or crisis, please provide CSIRT EURONEXT at least with the following information:
- Contact details and organizational information – name of person and organisation name and address, email address, telephone number;
- IP address and observation time;
- Available evidences showing the problem (logs, screenshots, emails etc.);
- In case of email forwarding, please ensure that all content (headers, body and any attachments) are included.
7. Disclaimers
While every precaution will be taken in the preparation of information, notifications and alerts, EURONEXT CSIRT assumes no responsibility for errors or omissions, or for damages resulting from the use of the information contained within.