RFC 2350 CSIRT Description for Migros CSIRT

1. About this document

1.1 Date of Last Update

    2025-12-17

1.2 Distribution List for Notifications

    This document is publicly available at
    https://privacy.migros.ch/dam/jcr:20532285-ebf4-4c2e-b825-5156cebbcf53/rfc.txt.
    Updates will be published at the same URL. No specific distribution
    list is used for notifications of updates.

1.3 Locations where this Document May Be Found

    The current version of this document can be found at:
    https://privacy.migros.ch/dam/jcr:20532285-ebf4-4c2e-b825-5156cebbcf53/rfc.txt

1.4 Authenticity of this Document

    This document has been digitally signed with the Migros CSIRT PGP key.

2. Contact Information

2.1 Name of the Team

    Migros CSIRT (Computer Security Incident Response Team)

2.2 Address

    Migros-Genossenschafts-Bund
    Cyber Defense Center - CSIRT, LP46/2
    Limmatstrasse 152
    CH-8005 Zurich
    Switzerland

2.3 Time Zone

    Central European Time (CET) / Central European Summer Time (CEST) –
    UTC+1 / UTC+2

2.4 Telephone Number

    +41 58 570 34 50

2.6 Electronic Mail Address

    csirt@migros.ch

2.7 Public Keys and Encryption Information

    PGP Key ID:      0x5FE9106485F3A3FD
    PGP Fingerprint: F665A71E13AE4BDB3C7EF17A5FE9106485F3A3FD

2.8 Team Website

    https://privacy.migros.ch/en/it-security/csirt.html

2.9 Business Hours

    The Migros CSIRT operates Monday through Friday, 08:00–17:00 CET/CEST.

3. Charter

3.1 Mission Statement

    The Migros CSIRT is responsible for detecting, analyzing, and
    responding to IT security incidents affecting the Migros Group. The
    team's mission is to protect the confidentiality, integrity, and
    availability of Migros' IT systems, networks, and data.

3.2 Constituency

    The Migros CSIRT serves all entities within the Migros Group,
    including regional cooperatives, subsidiaries, and affiliated
    organizations.

3.3 Sponsorship and/or Affiliation

    The Migros CSIRT is funded and managed by the
    Migros-Genossenschafts-Bund (MGB). It collaborates with national and
    international security organizations, industry groups, and
    governmental authorities.

3.4 Authority

    The Migros CSIRT is authorized to take necessary actions to prevent,
    detect, and mitigate security incidents within its constituency. It
    operates under the governance of the Migros Group's Information
    Security leadership.

4. Policies

4.1 Types of Incidents and Level of Support

    The Migros CSIRT handles all types of IT security incidents,
    including but not limited to:

    - Malware infections
    - Vulnerabilities
    - Phishing and social engineering attacks
    - Denial-of-Service (DoS) and Distributed Denial-of-Service (DDoS)
      attacks
    - Data breaches and privacy violations
    - Unauthorized access to systems or accounts

    The level of support provided depends on the severity of the
    incident and the available resources. Priority is given to incidents
    that pose a significant risk to the organization’s critical systems
    or data.

4.2 Co-operation, Interaction, and Disclosure of Information

    The Migros CSIRT works in close collaboration with internal teams,
    external partners, and law enforcement agencies. Information about
    security incidents is shared only with authorized parties and in
    compliance with applicable laws and internal policies.

4.3 Communication and Authentication

    The Migros CSIRT uses PGP to ensure the confidentiality and
    authenticity of email communications. Additional authentication
    measures may be employed when necessary.

5. Services

5.1 Incident Response Services

    - Incident triage (classification, prioritization, and initial
      analysis)
    - Incident coordination and communication
    - Technical analysis and forensic investigation
    - Incident containment, eradication, and recovery support

5.2 Proactive Services

    - Vulnerability management and threat intelligence sharing
    - Penetration Testing and Red Teaming activities
    - Security awareness training

5.3 Security Management Services

    - Development and review of security policies and procedures
    - Consultancy on security best practices
    - Support for compliance with regulatory requirements

6. Incident Reporting Forms and Information

6.1 Reporting an Incident

    Security incidents should be reported to the Migros CSIRT as soon as
    possible. Reports can be made via:

    - Email: csirt@migros.ch

    Vulnerabilities can be reported via the following form:
    https://privacy.migros.ch/en/it-security/report.html

6.2 Information to Include in a Report

    To assist with incident response, please include the following
    information when reporting an incident:

    - Your contact details (name, organization, phone, email)
    - A detailed description of the incident
    - Affected systems, applications, or data
    - Date and time of the incident
    - Any steps already taken to mitigate or resolve the issue

7. Disclaimers

    The Migros CSIRT provides its services on a best-effort basis. While
    every effort is made to ensure the accuracy and reliability of the
    information provided, the Migros CSIRT cannot be held liable for any
    damages resulting from the use or misuse of this information. The
    responsibility for implementing security measures lies with the
    respective system or data owners.