Who should I choose as my Sirtfi contact?

The purpose of this page is to assist you in selecting a Sirtfi contact for your entity. Your federation operators may provide valuable recommendations – be sure to liaise with them for guidance.

  • The Sirtfi contact should be an individual or group who has agreed to perform the incident response obligations of the Sirtfi Framework on behalf of the entity
  • Existing incident response structures, including CERTs, may be leveraged where available

Correspondence sent to the Sirtfi contact must not be publicly archived.

A flow chart has been provided to describe the thought process for choosing a Sirtfi contact.

Example Sirtfi contact choices

By liaising with your federation operators, you should be able to gauge which potential Sirtfi contact is best placed to be the initial point of contact during federated incident response. Consider the expertise, availability and mandate of candidates when making your decision. The table below provides some example choices of Sirtfi contact.

| Model | Possible Choice |
| --- | --- |
| Entity in federation with centralised incident response support | External security team – Federation |
| Entity in e-infrastructure with centralised support | External security team – e-Infrastructure |
| Entity within organisation with federation aware security team | Organisation’s security team |
| Mature entity with security conscious entity support | Entity’s support team or individual |
| Small scale entity | Individual with appropriate knowledge |

What are the expectations on the Sirtfi contact?

The Sirtfi contact will:

  • Use and respect the Traffic Light Protocol (TLP) during all incident response correspondence
  • Promptly acknowledge receipt of a security incident report
  • As soon as circumstances allow, investigate incident reports regarding resources, services, or identities for which they are responsible

Which information is required?

The following fields are mandatory for a Sirtfi contact:

  • GivenName
  • EmailAddress

Can additional information be included?

Additional fields, such as telephone numbers or secondary email addresses, may be added if desired. Only fields from the OASIS Standard for contactType may be added.
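
A check for the field rules in the two sections above, as an added example that is not part of the original page. It assumes the Sirtfi contact is published as a SAML metadata ContactPerson element marked with the REFEDS security contactType attribute (the namespace and attribute value are not given on this page); `check_sirtfi_contacts` and the sample metadata are hypothetical.

```python
import xml.etree.ElementTree as ET  # for untrusted metadata, parse with defusedxml instead

MD = "urn:oasis:names:tc:SAML:2.0:metadata"
REMD = "http://refeds.org/metadata"  # REFEDS extension namespace (assumption, not on this page)
SECURITY = REMD + "/contactType/security"
# Child elements the OASIS SAML 2.0 metadata schema defines for ContactType.
ALLOWED = {"Extensions", "Company", "GivenName", "SurName", "EmailAddress", "TelephoneNumber"}
MANDATORY = ("GivenName", "EmailAddress")  # the two fields this page requires

def split_tag(tag):
    """Split ElementTree's '{namespace}local' tag form into (namespace, local)."""
    if tag.startswith("{"):
        ns, _, name = tag[1:].partition("}")
        return ns, name
    return "", tag

def check_sirtfi_contacts(metadata_xml):
    """Return a list of problems with the entity's Sirtfi contact(s); empty means OK."""
    root = ET.fromstring(metadata_xml)
    contacts = [c for c in root.iter(f"{{{MD}}}ContactPerson")
                if c.get(f"{{{REMD}}}contactType") == SECURITY]
    if not contacts:
        return ["no Sirtfi security contact found"]
    problems = []
    for i, contact in enumerate(contacts, 1):
        values = {}
        for child in contact:
            ns, name = split_tag(child.tag)
            if ns != MD or name not in ALLOWED:
                problems.append(f"contact {i}: {name} is not an OASIS ContactType field")
                continue
            values.setdefault(name, []).append((child.text or "").strip())
        for field in MANDATORY:
            if not any(values.get(field, [])):  # field absent or empty
                problems.append(f"contact {i}: missing {field}")
    return problems

# Constructed sample metadata (example.org placeholders, not real entities).
HEAD = (f'<EntityDescriptor xmlns="{MD}" xmlns:remd="{REMD}" entityID="https://sp.example.org/sp">'
        f'<ContactPerson contactType="other" remd:contactType="{SECURITY}">')
TAIL = "</ContactPerson></EntityDescriptor>"
GOOD = (HEAD + "<GivenName>Security Response Team</GivenName>"
        "<EmailAddress>mailto:security@example.org</EmailAddress>"
        "<TelephoneNumber>+00 000 0000</TelephoneNumber>" + TAIL)
BAD = HEAD + "<EmailAddress>mailto:it@example.org</EmailAddress><Pager>1234</Pager>" + TAIL

if __name__ == "__main__":
    print(check_sirtfi_contacts(GOOD))
    print(check_sirtfi_contacts(BAD))
```

The checker does not enforce the element order the schema prescribes; it only reports missing mandatory fields and children outside contactType.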

 

 

 
