RFC 2350

RFC 2350

1. Document Information

This document contains a description of CSIRTMalta according to RFC 2350. It provides basic information about the team, the ways it can be contacted, describes its responsibilities and the services offered.

1.1 - Date of Last Update
This is version 4.3 dated 24/10/2022

1.2 - Distribution List for Notifications
No distribution list exists to notify changes of this document.

1.3 - Locations where this Document May Be Found
The current version of this document will be available online at RFC 2350​.

2. Contact Information

2.1 - Name of the Team

2.2​ - Address
43A St Paul Building Suite 1,
West Street
Valletta, VLT1532​

Malta is located in the Greenwich Mean Time time-zone. (GMT 0, GMT 1 during summertime).

2.4​ - Telephone Number
(356) 2568 9800

2.5 - Facsimile Number

2.6 - Electronic Mail Address

2.7 - Other Telecommunication
Twitter using @csirtmalta

2.8 - Public Key and Encryption information

CSIRTMalta PGP Public key can be viewd here.

2.9 - Team Members
The CSIRTMalta team leader is Matthew Yeomans.

2.10 - Working Hours
Until further notice CSIRTMalta staff will be accessible as follows:

     Summer Time: Monday to Friday from 0700 to 15:30 excluding public holidays
     Winter Time: Monday to Friday from 0700 to 16:30 excluding public holidays

2.11 - Other Information
Further information will be available at 

2.12 - Points of Customer Contact
The preferred method for contacting CSIRTMalta is via e-mail. For incident reports and related issues please use csirtmalta@gov.mt. This email is monitored regularly and emails will be acted upon once received.

If it is not possible (or advisable due to security reasons) to use e-mail, you can reach us via telephone (see 2.4 above). CSIRTMalta hours of operation are generally restricted to regular business hours (see 2.10 above).

3. Charter

3.1 - Mission Statement
Supporting CI's, CII's and other sensitive infrastructure in Malta on how to protect their information infrastructure assets and systems from cyber threats and incidents.

3.2 - Constituency
CSIRTMalta provides services primarily to organisations with Critical Information Infrastructure in Malta.

3.3 - Sponsorship and/or Affiliation
CSIRTMalta is established within the 
Ministry for Home Affairs, Security, Reforms and Equality​.

3.4 - Authority
CSIRTMalta’s main purpose in incident handling is the coordination of incident response on a national level.

4. Policies

4.1 - Types of Incidents and Level of Support
CSIRTMalta team will gradually roll out its services, starting with Announcements, Alerts and Incident Response Coordination on a best-effort basis.

4.2 - Co-operation, Interaction and Disclosure of Information
CSIRTMalta will cooperate with other Organisations in the Field of Computer Security. This Cooperation also includes and often requires the exchange of vital information regarding security threats and vulnerabilities. 

CSIRTMalta will protect the privacy of its customers. CSIRTMalta operates under the restrictions imposed by the Laws of Malta.

4.3 - Communication and Authentication
For normal communication not containing sensitive information CSIRTMalta will use conventional methods like unencrypted e-mail.

For secure communication PGP-Encrypted e-mail or telephone will be used. If it is necessary to authenticate a person before communicating, this can be done either through existing webs of trust, such as the Trusted Introducer network, or by other methods like call-back, mail-back or even face-to-face meeting if necessary.
5. Services

5.1 - Announcements
Announcements provide information about known threats and vulnerabilities, and countermeasures needed to protect systems and networks.

5.2 - Alerts and warnings
Alerts and warnings about cyber attacks or disruptions, security vulnerabilities, intrusion alerts and computer viruses will be disseminated to the constituents together with recommendations to counteract the problem.

5.2 - Incident Response Coordination
This service aims at supporting any affected constituents by coordinating the response to information security incidents, possibly in cooperation with the European and international communities of Computer Emergency Response Teams, and other public and private bodies as appropriate.
6. Incident Reporting Forms

Not available; please report using encrypted e-mail.
7. Disclaimers

Go here

Contact Information:

 Contact Name 
Malta Critical Infrastructure Protection Directorate

43A St Paul Building Suite 1,
West Street
Valletta, VLT1532​
+356 2568 9800

MaltaCIP Email