RFC 2350 (EN)

1. ABOUT THIS DOCUMENT

This document constitutes the official description of bjCSIRT, in accordance with the international standard RFC 2350.
It provides general information about the team, its communication channels, as well as its roles and responsibilities.

1.1 Date of Last Update

October 14, 2024

1.2 Distribution List for Notifications

There is currently no notification mailing list in place.

1.3 Distribution Locations

Official version available at:
RFC 2350

1.4 Authenticity

This document is signed using the official PGP key of bjCSIRT.
Details are provided in section 2.8.

2. CONTACT INFORMATION

2.1 General Information

Team Name	bjCSIRT – National CSIRT of the Republic of Benin
Address	Fawaz Building, Rue des Cheminots, Cotonou – Benin
Time Zone	West Africa Time (GMT+01)
Phone	+229 01 21 30 02 36
Email	bjcsirt@asin.bj contact@csirt.gouv.bj soc@asin.bj
Availability	Operational service 24/7

2.2 PGP Public Key

2.3 Team Members

Information regarding team members is provided upon request.

2.4 Additional Information

Official website: https://csirt.bj
Twitter: https://twitter.com/bjCSIRT

2.5 Preferred Contact Method

The preferred communication channel is email
(bjcsirt@asin.bj).
Alternatively, the phone contact listed in section 2.1 may be used.

3. CHARTER

3.1 Mission Statement

The bjCSIRT assists the Government of the Republic of Benin,
its official institutions, as well as Critical Information Infrastructure Operators (CIIOs),
in protecting against threats that may compromise the integrity,
availability, or confidentiality of their information systems.

Its scope of action includes:

• Prevention
• Detection
• Response
• Recovery

3.2 Guiding Principles

• Ethics and professional integrity
• Operational excellence
• Responsiveness in emergency situations
• Strengthening national capacities
• Sharing best practices
• Culture of openness within a secure framework

4. POLICIES

4.1 Types of Incidents and Level of Intervention: N/A

4.2 Cooperation and Information Sharing:

The bjCSIRT places great importance on cooperation and information sharing between response teams and other organizations.
It collaborates with law enforcement authorities (Republican Police).
Confidentiality laws apply. Criminal incidents must be assessed by the competent Police unit.

4.3 Communication and Authentication:

For internal communications, the use of PGP and trusted contact lists is recommended.

5. SERVICES

5.1 Incident Response

bjCSIRT defines, assesses, and prioritizes all types of ICT-related incidents,
and provides assistance and guidance for their management.

5.1.1 Triage

• Determine whether a security incident has actually occurred.
• Assess the scope of the incident.

5.1.2 Coordination

• Identify and contact the affected organizations.
• Facilitate contact with the Police if necessary.
• Draft reports depending on the incident and entities involved.
• Communicate with the media if necessary.

5.1.3 Resolution

• Advise organizations on appropriate measures.
• Monitor the resolution process.
• Collect and interpret evidence, if necessary.

5.2 Proactive Activities

• Conduct periodic security audits.
• Provide information on threats and trends for awareness.
• Perform continuous monitoring.
• Collect contacts and strengthen the security community.

5.3 Cybercrime Investigation

bjCSIRT may provide the Republican Police with essential information for cybercrime investigations, including forensic analysis services.

6. INCIDENT REPORTING FORM

The notifier must answer the standard questions: Where? When? What? How? Who?
and provide relevant log files.
Online form: https://csirt.bj/report

7. DISCLAIMER