Home

FAQ

A Computer Security Incident Response Team (CSIRT) is a service provider responsible for receiving, reviewing, and responding to computer security incident reports. These services are generally offered to a predefined sector-specific constituency and possibly a parent structure such as a large company, a government, an educational organism; or else a region, a country or a research network.
Anyone may report incidents to GOVCERT.LU, as long as they are related to governmental entities or critical infrastructure operators. Incidents which are not related to GOVCERT.LU's constituency will be forwarded to the appropriate CSIRT. Incidents impacting on education and research networks should be reported to RESTENA-CSIRT. Incidents impacting on municipal authorities or any other entity not covered by the previous two sectoral CSIRTs should be reported to CIRCL.
Incidents may be reported to any CSIRT as long as they are related to its constituency. When in doubt, please contact the national CSIRT which will then redirect you to the most appropriate CSIRT. A list of most European CSIRTs can be found on the Trusted Introducer's website.
Incidents can be reported either by completing an online form or by using a template. Please refer to our incident reporting section for further information.
Any governmental entity and any critical infrastructure operator can register at GOVCERT.LU. Although our services are also offered to non-registered members of our constituency, registration greatly improves the quality of the services offered. For more information on the registration process, please visit the corresponding section of our website.
Critical infrastructure operators are public and private entities. Any computer incident occurring within their structure could seriously harm the well-being of the Grand Duchy of Luxembourg, its citizens or its economy.
An information security event is an identified occurrence in a system, service or network state that indicates a possible breach of information security policy, a failure of safeguards, or a previously unknown situation that may be security relevant.

An information security incident (or computer incident) is a single or a series of unwanted or unexpected information security events that have a significant probability of compromising business operations or threatening information security, where "information security" means preservation of the confidentiality, integrity and availability of information.
Protecting large IT systems requires in-depth ICT knowledge and should be combined with a risk analysis. An approach to IT security based on risk management is the best way to avoid unnecessary investments. For more information on securing your systems please visit the CASES website if you are a company, or the BEESECURE website if you are an individual.

Report an incident

If you wish to report an incident anonymously, please complete the PGP encrypted reporting form.

> Report
> More Information