Intesa Sanpaolo established a Computer Emergency Readiness Team (CERT) with the mission of identifying and assessing the cyber threats which might have a potential impact on the Group, coordinate the response against cyber security related incidents and provide timely advice to all its constituency. The CERT is authorized to operate under the name "ISP-CERT" by Carnegie Mellon.
The mission of the CERT in Intesa Sanpaolo is to:
Furthermore, the Intesa Sanpaolo CERT maintains contacts with other external incident response teams as well as with national and European institutions and government entities.
The ISP-CERT is authorized to handle critical incidents that occur, or threaten to occur, to the Intesa Sanpaolo Group. The level of support given by ISP-CERT will vary depending on e.g. type and severity of the incident, the resulting impacts, the perimeter affected and the target involved.
ISP-CERT is also committed to keeping its constituency informed of potential threats and attackers TTPs possibly before they are actively exploited.
The Intesa Sanpaolo CERT constituencies consists of all entities of Intesa Sanpaolo Group, including the holding and all the affiliated entities.
The constituencies are located mainly in the following countries: Italy, Russia, Albania, Czech, Slovenia, Slovakia, Croatia, Romania, Egypt, Serbia, Bosnia Herzegovina, Hungary and in any other country where the Intesa Sanpaolo Group operates.
ISP-CERT service offering is built around three key domains:
ISP-CERT assists and coordinates the response to cyber security incidents within its constituency to ensure incidents are handled effectively and efficiently. In case of incident, ISP-CERT will support with respect to the following aspects of incident management:
The preferred method for contacting the ISP-CERT is via e-mail at firstname.lastname@example.org.
The mailbox is monitored during regular office hours: Monday to Friday, 08.30 to 17.00 Central European Time Zone (GMT+0100 and GMT+0200 from the last Sunday of March to the last Sunday of October), except during public holidays in Italy.
Please use PGP if you plan to send sensitive information.
Urgent cases can be reported preferably by phone to +39 0287966093 which is monitored 24x7x365.
ISP-CERT provides a "Group Reporting Form" to its constituency.
In case an incident has to be reported from outside ISP-CERT's constituents, please report at least the following information, preferably using encrypted e-mail:
ISP-CERT supports the Information Sharing Traffic Light Protocol; information that comes in with the tags WHITE, GREEN, AMBER or RED will be handled accordingly.
The complete ISP CERT profile is available at the link