This is version
1.0.0 published on March 5th, 2018.
There isn’t any distribution list for notifications.
The document is available on CERTBI’s website at the following URLs:
CERT Banca d’Italia
Short name: CERTBI
CERT Banca d’Italia
Servizio Pianificazione Informatica
Largo Guido Carli, 1
00044 Frascati (Roma)
Central European Time (UTC+1), and observing Daylight Saving Time (UTC+2) from the last Sunday of March to the last Sunday of October.
+39 06 4792 9797
+39 06 4792 8946 (this is not a secure fax)
CERTBI can be reached at firstname.lastname@example.org.
PGP/GPG is supported for secure communication.
CERTBI has a public PGP/GPG key for email@example.com which is available at the usual public key servers such as http://pgp.mit.edu.
All team members of CERTBI have a personal PGP/GPG key for exchange of classified information.
CERTBI team consists of qualified cyber security analysts. The team leader is the pro tempore head of the “Divisione CERTBI”.
General information about CERTBI can be found at https://cert.bancaditalia.it.
The preferred method for contacting CERTBI is via email at firstname.lastname@example.org. The mailbox is monitored during hours of operation. Please use PGP/GPG if you intend to send sensitive information.
The CERTBI’s hours of operation are generally restricted to regular business hours (9:00 - 17:00, Monday to Friday except Italian holidays).
If necessary, any urgent case can be reported by phone at +39 06 4792 9797.
CERTBI is the focal point for the collection, analysis and sharing of information related to cyber threats, and for the coordination of activities to prevent and respond to cyber emergencies that could harm IT-assets of Banca d’Italia.
The CERTBI’s constituency includes people and IT-assets of Banca d’Italia.
CERTBI is part of Banca d’Italia organization.
CERTBI operates under the auspices of, and with authority delegated by, the Director General of the Directorate General for Information Technology of Banca d’Italia.
CERTBI is authorized to address relevant cyber security incidents which occur, or threaten to occur, at Banca d’Italia. Depending on the security incident’s nature, CERTBI will gradually roll out its services which include incident response coordination, alerting, and digital forensic analysis.
The level of support given by CERTBI will vary depending on the type and severity of the incident or issue, its potential or assessed impact, and the CERTBI’s resources available at the time.
The CERTBI is committed to keeping its constituency informed of potential vulnerabilities, possibly before they are actively exploited.
CERTBI regards the operational cooperation and information sharing with other CERTs and similar qualified organizations as of paramount importance. Therefore, while appropriate measures will be taken to protect the identity of members of the constituency and of neighboring sites where necessary, the CERTBI will otherwise share information when this will assist others in resolving or preventing security incidents.
CERTBI operates within the current Italian and European legal frameworks, with specific regard to the handling and disclosure of information.
CERTBI observes the CSIRT Code of Practice.
Telephones and unencrypted emails are considered sufficiently secure for the transmission of low-sensitive data. If it is necessary to send highly sensitive data by email, PGP/GPG will be used. Network file transfers will be considered to be similar to email for these purposes: sensitive data will be encrypted for transmission.
CERTBI recognizes and supports the TLP (Information Sharing Traffic Light Protocol).
Where it is necessary to establish trust, for example before relying on information given to the CERTBI or before disclosing confidential information, the identity and bona fide of the other party will be ascertained to a reasonable degree of trust by use of appropriate methods (e.g.: referrals from known trusted sources, checks with the originator, digital signatures).
CERTBI will assist the affected constituents in handling the technical and organizational aspects of relevant cyber security incidents. In particular, CERTBI is responsible for the incident response coordination, including sending out alerts and warnings to its constituency, for performing digital forensic analysis when necessary, and for providing assistance or advice with respect to the different incident response phases.
CERTBI coordinates and maintains the following services for its constituency:
CERTBI does not provide any public form for reporting incidents.
When reporting a cyber security incident to CERTBI, please provide at least the following information:
Please classify the information using the Traffic Light Protocol and apply encryption as appropriate.
While every precaution will be taken in the preparation of information, notifications and alerts, CERTBI assumes no responsibility for errors or omissions, or for damages resulting from the use of the information contained within.