© 2020 CERT-WM

Computer Emergency Response Team voor Water Management

About this document

This document covers the contact and organizational information of the
CERT-Water Management (CERT-WM) in accordance with IETF RFC2350: https://www.ietf.org/rfc/rfc2350.txt(externe link)

Date of Last Update

The latest update is from June 8, 2021. This change includes reformatting the document.

Publication

The most current version can always be found at the website of the CERT-WM: https://www.cert-wm.nl. Any questions regarding the content of this document can be sent to mailto:cert@hetwaterschapshuis.nl.

Contact Information

Name of the Team

Cyber Emergency Response Team voor Water Management (CERT-WM).

Addresses

Mailing address

Het Waterschapshuis

CERT-WM

PO Box 2180

3800 CD Amersfoort

The Netherlands

Office address

Rijkswaterstaat Security Centre

Derde Werelddreef 1

2622 HA Delft

The Netherlands

 

Time zone

Europe/Amsterdam

UTC+1 | CET between the last Sunday in October and the last Sunday in March (winter).

UTC+2 | CEST | DST between the last Sunday in March and the last Sunday in October (summer).

Mobile Phone

+31 6 51 25 65 22

Landline

+31 88 79 86 400 (SOC Rijkswaterstaat)

Public Keys and Encryption Information

The CERT-WM uses PGP for signing and en/decrypting information.

Relevant keys are available on public PGP/GPG key servers and at:

https://pgp.surfnet.nl(externe link)

https://pgp.key-server.io(externe link)

Team Members

In accordance with national law, the CERT-WM does not publicly publish the names of individual team members. Team members will identify themselves to the reporting party with their full name during official communication regarding an incident.

Other Information

General information about the CERT-WM (in Dutch) can be found at:

https://www.cert-wm.nl

Charter

The CERT-WM functions as the CERT for the entire water management sector in the Netherlands and it offers cyber security related services to its constituents.

Mission Statement

The primary mission of the CERT-WM is to actively improve the information and cyber security and resilience of its constituents by means of:

  • proactive advice on security improvements;
  • detection of anomalies;
  • managing (potential) cyber-related incidents that can overcome constituents;
  • providing tailored advisories on vulnerabilities or patches.

Constituency

The constituency of the CERT-WM consists of organizations in the Netherlands involved in national water management (excluding potable-water) and wastewater treatment.

Sponsorship and Affiliation

Funded by Het Waterschapshuis and sponsored by Rijkswaterstaat, the CERT-WM operates as a co-operation of the Security Operations Centre (SOC) of Rijkswaterstaat and Het Waterschapshuis.

Authority

The authority of the CERT-WM is restricted to advising and assisting its constituents by coordinating the response to cyber-related incidents.

 

Policies

Types of Incidents and Level of Support

The CERT-WM is restricted to handling only cyber-related types of security incidents. The CERT-WM advises or informs constituents. The CERT-WM is not capable of delivering capacity support.

Co-operation, Interaction and Disclosure of Information

While appropriate measures are taken to protect the identity of constituents and members of neighbouring sites where necessary, the CERT-WM will -if possible- share information freely to assist others in resolving or preventing security incidents.

Communication and Authentication

Regarding the classification of information that the CERT-WM is likely to be dealing with, telephones will be considered sufficiently secure to be used unencrypted. Unencrypted e-mail is considered secure and will be sufficient for the transmission of non-sensitive data. If it is necessary to send sensitive data by e-mail, encrypted attachments will be used. Secure IM-communications will be conducted using Threema.

 

Services

Incident response

The CERT-WM will provide assistance or advice with respect to the following aspects of incident management:

Incident Triage/Taxonomy
  • Investigate whether indeed an incident occurred.
  • Determinate the extent of the incident.
Incident Coordination

The CERT-WM can contact stakeholders, constituents and other CERTs if the information obtained is considered of interest to those.

Proactive Activities

The CERT-WM coordinates and maintains the following services to the extent possible within its resources:

  • List of security contacts per constituent, administrative, organizational and technical.
  • List of used computer systems (software, hardware and services) per constituent to provide: 
    • tailored and early warnings of vulnerabilities;
    • tailored and early reporting on patches or updates.
  • Coordination of RD/CVD  reports.
  • Monitoring of web systems used by constituents.

Disclaimers

While every precaution will be taken in the preparation of information, notifications and alerts, the CERT-WM assumes no responsibility for errors or omissions, or for damages resulting from the use of the information contained within.

The CERT-WM advises constituents and has no authority to order operational activities. Final responsibility therefore remains with the constituents.