Document Version: 1.0
Document Date:    2025-04-05

1. Document Information
------------------------
1.1  Title:
     Novalytics CERT – RFC 2350 Profile

1.2  Author:
     Novalytics CERT

1.3  Document Version:
     1.0

1.4  Document Date:
     2025-04-05

1.5  Distribution List for Notifications:
     Updates to this document will be announced at:
     https://www.novalytics.co.uk/.well-known/RFC2350.txt

2. Contact Information
-----------------------
2.1  Name of the Team:
     Novalytics Computer Emergency Response Team

2.2  Short Name:
     Novalytics CERT

2.3  Address:
     Novalytics Limited  
     2 Irish Town  
     Gibraltar, GX11 1AA  
     Gibraltar  
     Company Number: 125038

2.4  Time Zone:
     Europe/Gibraltar (UTC+1 / UTC+2 in DST)

2.5  Telephone Number:
     Not provided

2.6  Facsimile Number:
     +350 2162 8955

2.7  Other Telecommunication:
     Not provided

2.8  Electronic Mail Address:
     CERT@novalytics.co.uk

2.9  Public Keys:
     PGP key available upon request. Contact CERT@novalytics.co.uk
     to obtain the current key.

2.10 Team Members:
     Information withheld for privacy and security.

2.11 Operating Hours:
     09:00–17:00 Monday to Friday (Gibraltar time), excluding Gibraltar
     public holidays.

2.12 Emergency Contact:
     Please include “URGENT” in the subject line of the email to
     CERT@novalytics.co.uk.

3. Charter
----------
3.1  Mission Statement:
     Novalytics CERT coordinates responses to cybersecurity incidents
     affecting Novalytics Limited. The team receives, analyses, and
     responds to incidents and vulnerability disclosures.

3.2  Constituency:
     All systems, services, data, and personnel under the responsibility
     of Novalytics Limited.

3.3  Sponsorship and/or Affiliation:
     Novalytics CERT is a function of Novalytics Limited.

3.4  Authority:
     The team operates under the authority of Novalytics Limited
     senior leadership.

4. Policies
-----------
4.1  Types of Incidents and Level of Support:
     Novalytics CERT handles all incident types impacting Novalytics,
     including, but not limited to, malware, phishing, data breaches,
     and vulnerabilities.

4.2  Co-operation, Interaction, and Disclosure of Information:
     Novalytics CERT co-operates with trusted partners, vendors, and law
     enforcement under responsible disclosure and minimal disclosure
     principles.

4.3  Communication and Authentication:
     Encrypted communication is encouraged. PGP key available upon
     request. Instructions and key will be provided upon first contact.

5. Services
-----------
5.1  Incident Response:
     - Incident triage
     - Coordination and containment
     - Recovery and lessons learned

5.2  Proactive Services:
     - Security advisories
     - Vulnerability coordination
     - Awareness activities

6. Incident Reporting Forms
----------------------------
     Email CERT@novalytics.co.uk to initiate reporting. Secure transfer
     via pCloud – detailed instructions will be provided upon first
     response.

7. Disclaimers
--------------
     This document is provided “as is”. Novalytics CERT accepts no
     liability for any damages resulting from the use or misuse of the
     information contained herein.