Contact Information for the Seychelles CERT-SC
This is version 1.0 published 01/01/2025
CERT-SC will not plan frequent modifications to this document.
Full name: Computer Emergency Response Team Seychelles
Short name: CERT-SC
P.O.Box 737, 3rd Floor, Caravelle House, Manglier Street, Victoria, Mahe, Seychelles
GMT+4
Tel: +248 4286630
head@cert-sc.sc
Email: head@cert-sc.sc
PGP KeyID: 400F 221D 35D3 D12D
Fingerprint: C51B7BCFD2B01BFE280518E4400F221D35D3D12D
No public information is provided about CERT-SC team members.
Further information about CERT-SC can be found at: https://www.cert.gov.sc/
The preferred communication channel is e-mail as mentioned in section 2.5.
To enhance the cybersecurity posture of Seychelles by supporting incident response, proactive threat intelligence, and fostering a resilient digital environment through collaboration and awareness.
The main goals for CERT-SC, as a national CERT, are to:
Constituency is all Internet users in Seychelles including all sectors and home users.
CERT-SC is a national CERT which operates under the Department of Information and Communication Technology of the Government of Seychelles.
CERT-SC has signed a memorandum of understanding (MoU) with Mauritius.
CERT-SC functions within the purview of the Department of Information and Communication Technology under the governance of the Seychelles government.
CERT-SC holds the authority to address a comprehensive range of computer security incidents within its designated constituency, whether they have already transpired or pose a potential threat. The level of assistance offered by CERT-SC will be contingent upon factors such as the nature and severity of the incident, the specific constituency involved, the scale of the impacted user community, and the available resources of CERT-SC at that moment. CERT-SC also pledges to keep its constituents well-informed about potential vulnerabilities.
CERT-SC works closely with government bodies, law enforcement agencies, and industry experts, in compliance with applicable privacy laws. Should you suspect a criminal incident, we recommend seeking assistance from the relevant law enforcement authorities. We have robust policies and procedures in place to protect personal and corporate information from unauthorised disclosure.
When reporting a sensitive incident, please clearly indicate its nature, for example by including the label "SENSITIVE" in the subject line of your email. If possible, encrypt your communication for enhanced security.
For secure communication, standard precautions should be observed. This includes communicating with or through previously trusted and listed/accredited teams (TI) and utilizing PGP for secure communication.
CERT-SC will support IT security teams in managing both technical and organizational aspects of incidents. Specifically, it will offer guidance and assistance concerning the following facets of incident management:
5.1.1 Incident Reporting and Tracking
· Establishing a centralized reporting mechanism for incidents.
· Tracking and documenting incident data for trend analysis and reporting.
5.1.2. Incident Triage
Investigating authenticity of an incident.
Evaluating and assigning priority to the incident.
5.1.3. Incident Coordination
· Centralized coordination of incident response activities within Seychelles.
· Identifying facilitation of communication and collaboration among affected entities.
· Coordinating communication with other parties, including potential engagement with law enforcement, as required.
Requesting and compiling reports, contingent on the involved organizations, incident type, and severity.
5.1.4. Incident Resolution
Providing guidance to the concerned organization(s) on suitable measures.
Monitoring the progress of the incident resolution process.
· Dissemination of timely and relevant threat intelligence to organizations.
· Collaboration with international CERTs and sharing of global threat information.
5.2.2 Training and Awareness
· Conducting training sessions for governmental organizations and the public on best practices while using the internet.
· Raising awareness about emerging threats and cybersecurity hygiene.
5.2.3 Incident Response Exercises
· Conducting simulated incident response exercises to test the readiness of organizations.
· Evaluating and refining incident response plans based on exercise outcomes.
5.2.4 Collaboration with industry stakeholders and international CERTs
Establishing strategic partnerships and fostering collaboration with industry stakeholders and international Computer Emergency Response Teams (CERTs) to enhance collective cybersecurity efforts and ensure effective response mechanisms on a global scale
5.2.5 Alert CIIs of discovered threats
Delivering precision-targeted alerts tailored to critical sectors, ensuring timely and relevant notifications to enhance situational awareness and fortify the resilience of key infrastructures.
Incidents can also be reported at https://cert-sc.sc/report-a-cyber-incident/
While due diligence will be exercised in the preparation of information, notifications, and alerts, CERT-SC disclaims any responsibility for errors or omissions. CERT-SC shall not be liable for any damages arising from the use of the information contained within.