-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 CSIRT Description for CERT PKO BP ================================ 1. About this document This document contains a description of CERT PKO BP according to RFC 2350. It provides basic information about the CERT, the ways it can be contacted, describes its responsibilities and the services offered. 1.1 Date of Last Update This is version 1.00, published at 2017-06-20 1.2 Distribution List for Notifications Notifications of updates are submitted to Trusted Introducer by e-mail: 1.3 Locations where this Document May Be Found The current version of this CSIRT description document is available from website at: www.pkobp.pl/cert Please make sure you are using the latest version. 2. Contact Information 2.1 Name of the Team CERT PKO Bank Polski 2.2 Address PKO Bank Polski S.A. Departament Cyberbezpieczenstwa UL. PULAWSKA 15 02-515 WARSZAWA POLSKA 2.3 Time Zone Central European Time (CET) - UTC+1 Central European Summer Time (CEST) - UTC+2 according to EU regulations (from the last Sunday of March to the last Sunday of October) 2.4 Telephone Number +48 22 521 7090 2.5 Facsimile Number +48 22 521 8418 (please note this is NOT a secure fax) 2.6 Other Telecommunication None available 2.7 Electronic Mail Address cert@pkobp.pl 2.8 Public Keys and Other Encryption Information CERT PKO BP uses the PGP key: User ID: CSIRT PKO BP User ID: CSIRT PKO BP Key ID: 0x76CAF671 Key type: RSA Key size: 4096 Expires: 2021-07-11 Fingerprint: 4780 9B22 0946 15D4 2E04 8004 C014 6689 76CA F671 This key can be received from directory servers or directly from our website: www.pkobp.pl/cert 2.9 Team Members A full list of CERT PKO BP team members is not publicly available. Team members will identify themselves to the reporting party with their full name in an official communication regarding an incident. 2.10 Other Information General information about PKO Bank Polski S.A. can be found at https://www.pkobp.pl/pkobppl-en/ 2.11 Points of Customer Contact CERT PKO BP prefers to receive incident reports via e-mail. Please use our cryptographic keys above to ensure integrity and confidentiality 3. Charter 3.1 Mission Statement CERT PKO BP provides incident handling for PKO Bank Polski S.A., the largest financial institution in Poland and one of the leading financial groups in Central and Eastern Europe. Our goal is to proactively identify and mitigate cyber threats to the organization and its subsidiaries. We also cooperate with other financial institutions in order to contribute to the national and financial sector cybersecurity efforts. 3.2 Constituency The CERT PKO BP constituency are all users of IT systems, network infrastructure and service platforms of the PKO Bank Polski S.A. That includes users based in Poland and from branches in Germany and Czech Republic. 3.3 Sponsorship and/or Affiliation The CERT PKO BP is a part of and sponsored by the PKO Bank Polski S.A. 3.4 Authority The CERT PKO BP operates under the auspices of, and with authority delegated by, the management of PKO Bank Polski S.A. 4. Policies 4.1 Types of Incidents and Level of Support CERT PKO BP handles all types of cybersecurity incidents that may have occur. The level of support depends on the type of the incident and the impact as determined by CERT PKO BP staff. 4.2 Co-operation, Interaction and Disclosure of Information CERT PKO BP declares that all information related to incidents handled is considered Confidential. Information that is evidently very sensitive in nature is only communicated and stored in a secure environment, if necessary using encryption technologies. Information submitted to CERT PKO BP may be distributed on a need-to-know basis to trusted parties for the sole purpose of incident handling. 4.3 Communication and Authentication The preferred method of communication is via e-mail. When the content is sensitive enough or requires authentication, the CERT PKO BP PGP key is used for signing e-mail messages. All sensitive communication to should be encrypted with the team's PGP key. 5. Services 5.1 Incident Response CERT PKO BP incident response provides 24/7 avaliability to coordinate all types of cybersecurity related incidents. CERT PKO BP's capabilities cover the full cycle of incident response - Preparation - Detection and Analysis - Containment, Eradication and Recovery - Lessons learned, Collected evidence analysis and Recommendation 5.2 Proactive Activities CERT PKO BP makes all efforts to enhance organizations immunity to security incidents and to limit the impact of incidents that may occur. CERT PKO BP provides the constituents with current information and advice on new threats and attacks which may have impact on their operations and builds awareness and skills of employees. 6. Incident Reporting Forms There are no specific forms developed to report incidents. 7. Disclaimers While every precaution will be taken in the preparation of information, notifications and alerts, CERT PKO BP assumes no responsibility for errors or omissions, or for damages resulting from the use of the information contained within. -----BEGIN PGP SIGNATURE----- Version: GnuPG v2 iQIcBAEBCAAGBQJbVe8mAAoJEMAUZol2yvZxbewP/jKhlNaaj1igFYNm5tehmbho FI/Jnx/Cg0u+eKc7qpWocPsKh129/bsMAh1Mgw5HAPlYkHaKgRN3MQBE2szfWqBR kbtJVmhcj12m83THr/g00/D8jJ7rn9xphJnRAycGPTQVMikueLQ09ZD5sSLlFJgy QJH9NwPFaFRLtxoYkHdnpSPBIzOWJyX4GE4jFO5fBd2vrJFAlAJqcn7f8KGJm8PE nDumSVM3HaS5hR3YDbe3VGraqJIArsbj+GFC+ca4X3Fp7Kum+/xu2QL6EvhbuF6d 6AoudItiYDrBDZW8Z0URmh2FQBNHUCtufhAjwTPqoe069c+m3LWKm4zK8WK44nOH pvAVyiXlVBU9GuH4JkV7h3rtifHU8GK31XXHAi9Ayaq9gl95iw1b5HDK1nc04742 w+QPfGFrQgRCt+3m78Itb4BK6NFbT5CQsa2HnEbG8/Tv77FSpLBs9zdxt9HWdt3E vd7oGiwI2blu5DKpEso32YOZ3Yf5teTuNbsH0OYh6iOFoVMuYPZ9cRnxc6MUa8EX z88zmVE865Rgu/B9GgSkUIz1ckbaesvwxl4P5SE5h05H/Lfrc5R+hj8K5vDf13RC ZSueWAPLIPp7vqXqpCKwVCXeL1Rpvws+WVeflxYZG1/YOGQPjOANxf6M8w6oxIhK /LBYGnz/vI46FA6GS92L =iIKZ -----END PGP SIGNATURE-----