RFC 2350 Rhomberg Bau CSIRT

# 1. Document Information

This document contains a public description of RCSIRT according to RFC 2350.
It provides basic information about the CSIRT, the ways it can be contacted, describes its responsibilities and the services offered.

## 1.1 Date of Last Update
1 July 2022, 10:00:00 +0100
## 1.2 Distribution List for Notifications
There is no existing distribution channel for notifications of updates.
## 1.3 Locations where this Document May Be Found
https://www.rhomberg.com/security/rfc2350

# 2. Contact Information

## 2.1 Name of the Team
RCSIRT - Rhomberg Computer Security Incident Response Team
## 2.2 Address
Rhomberg Bau GmbH
IT - CSIRT
Mariahilfstraße 29
6900 Bregenz/Austria
## 2.3 Time Zone
Europe/Vienna
## 2.4 Telephone Number
None.
## 2.5 Facsimile Number
None.
## 2.6 Other Telecommunication
None.
## 2.7 Electronic Mail Address
See https://www.rhomberg.com/security
## 2.8 Public Keys and Encryption Information
See https://www.rhomberg.com/.well-known/Rhomberg CSIRT_public.key

# 3. Charter

## 3.1 Mission Statement
Protect Rhomberg Bau Holding and its constituents from attacks, using state-of-the-art detection methods. Professionally manage cyber incidents and ensure the timely and sustainable resolution and recovery.
## 3.2 Constituency
Rhomberg CSIRT constituency is mixed, thus, the team attends internal and external customers.
## 3.3 Sponsorship and/or Affiliation
Rhomberg CSIRT is an internal unit of Rhomberg Bau GmbH and is solely financed and supported by the latter.
## 3.4 Authority
The main purpose of Rhomberg CSIRT is the group-wide and multinational coordination of incident response and operative incident handling, throughout Rhomberg Bau Holding subsidiaries and member companies.

# 4. Policies

## 4.1 Types of Incidents and Level of Support
Rhomberg CSIRT addresses all kinds of security incidents which occur, or threaten to occur, within its constituency. The level of support depends on the type and severity of the given security incident, the impact for affected companies and persons within our constituency, and our resources at the time. Usually, our first response is timely at the same working day. We expect end users to contact their local systems or network administrators or their local security contacts.
## 4.2 Co-operation, Interaction and Disclosure of Information
Rhomberg CSIRT highly regards the importance of operational cooperation and information-sharing between Computer Emergency Response Teams, and also with other organizations which may contribute towards or make use of their services. Rhomberg CSIRT operates in strict compliance with German and/or EU legislation.
## 4.3 Communication and Authentication
Rhomberg CSIRT makes use common cryptographic methods to ensure the confidentiality and integrity of the communications. GPG/PGP are available for general communication via email.

# 5. Services

## 5.1 Incident Response
Rhomberg CSIRT is able to perform operative incident handling in several different environments.
## 5.2 Proactive Activities
Rhomberg CSIRT offers up-to-date information about security vulnerabilities to its internal constituents.

# 6. Incident Reporting Forms

There are no public forms available.
All communication should be directed to our mail address see 2.7.
We recommend any communication related to security incidents or Vulnerabilities to be encrypted by GPG/PGP tools. Please use our current team-key, published see 2.8.

# 7. Disclaimers

While every precaution will be taken in the preparation of information, notifications and alerts, Rhomberg CSIRT assumes no responsibility for errors or omissions, or for damages resulting from the use of the information contained within.