This document contains a description of Botswana CIRT (Bw-CSIRT) accordance to RFC2350. It provides basic information about Bw-CSIRT, its channels of communication, services and its role and responsibilities.
This is version 2.0, published 08-11-2022
There is no distribution list for notification as of November 2022
This document has been digitally signed by Emmanuel Thekiso, The Head of Bw-CSIRT
08 November 2022
This document is valid until superseded by a later version
Botswana National Computer Security Incident Response Team
Botswana Communications Regulatory Authority,
Plot 50671, Independence Avenue,
Greenwich Mean Time (GMT+2), in Central Africa Time Zone (CAT)
+267-3685548, +267 3929960, +267-3957755
For notifications and operational matters, please contact us at: Email address: Info(@)cirt.org.bw, and for incident reporting email : ticket(@)cirt.org.bw.The email address is monitored by duty officers during hours of operations .
PGP key ID
PGP Key Fingerprint
DAF5 2A67 B39E C7F7 F7E8 53F2 8A7F 14F8 8801 2C52
Please use this key when you want/need to encrypt messages that you send to Bw-CSIRT
The head of Bw-CSIRT is Emmanuel Thekiso. Information about other team members is available by request.
- General information about Bw_CSIRT is available at https://www.cirt.org.bw
- Bw-CSIRT is a member of AfricaCERT .
- Bw-CSIRT complies with the CSIRT Code of Practice
- Bw-CSIRT supports the use of the Information Sharing Traffic Light Protocol
Our days of operation are from 07:30 to 17:00 GMT+2 on business days Monday to Friday. We may operate out of these hours and days in case of emergency only.
Emergency Cases: If it's not possible to use e-mail, please call the hotline number +267-73111260 and +2673685548
The Bw-CSIRT mission is to create, maintain, and promote the adequate capabilities for Botswana to respond to cyber threats and to protect its national critical information infrastructures. The scope of our activities covers prevention, detection, response, and recovery.
We operate according to the following key values:
- The highest standard of ethical integrity
- High degree of service orientation and operational readiness
- Fostering culture of openness within a protected environment
- Exchange of good practices among our constituents and our peers
- Effective responsiveness in case of cybersecurity incidents and emergencies at the highest level
The Constituency of Bw-CSIRT is basically all economic sectors of Botswana as stated in the National Cybersecurity Strategy. Note that usually no direct support will be given to end users; they are expected to contact their ISPs system administrators, network administrators for assistance
Bw-CSIRT is an independent organization under the Ministry of Communications, Knowledge, and Technology.
The team coordinates cybersecurity incidents on behalf of its constituency and has no authority reaching further than that. The team is however expected to make operational, non-obligatory recommendations in the course of their work. The implementation of such recommendations is not a responsibility of the team, but solely of those to whom the recommendations were made
All cybersecurity incidents will be given normal priority unless they are explicitly labelled EMERGENCY or URGENT. The Bw-CSIRT is committed to keep its constituents informed of potential vulnerabilities and existing threats before they are actively exploited. Special attention will be given to issues affecting critical infrastructure and designated operators
Bw-CSIRT highly regards the importance of operational cooperation and information sharing between CSIRTs and other organizations that may contribute towards or make use of the services. Bw-CSIRT cooperate with other organizations like the law enforcement agencies to protect the privacy of its constituency and stakeholders and operates within the laws of Botswana when disclosing information.
Bw-CSIRT protects sensitive information in accordance with the relevant policies, and in particular respects the sensitivity markings defined by the originators of information. The Bw-CSIRT uses the PGP encryption and signing for secure communication.
The Bw-CSIRT has adopted the use of FIRST CSIRT Services Framework  and provides assistance on prevention, detection, resolution and advice to its constituent on the following aspects of information security incident management
- Incident Response
- Incident triage
- Cyber threat intelligence
- Alerts and warnings,
- Incident detection and resolution
- Analyzing information security incidents
- Information security incident coordination
- Supporting crisis management
The Bw-CSIRT proactively advises its constituency regarding recent vulnerabilities and trends in cybersecurity and includes :-
- information dissemination
- Education and awareness raising
- Training in incident management
- Cooperating with other CSIRTs
- Threats Monitoring
- Announcement about existing vulnerabilities
- Technology Watch
- Assist with development of new CSIRTs
BW-CSIRT will always strive to react to incoming incident reports from humans within one business day. Due to current staffing levels this cannot be guaranteed, though. If you haven't received feedback to an incident report after two business days, we ask that you contact us again.
Incident reporting forms are not available. Please report security incidents via encrypted security(@)cirt.org.bw/ , When contacting us please provide at least the following
- Incident date and time (including time zone)
- Contact details, organizational information, name of a person, organizational name, and address, email address, telephone number
- Short summary of the incident/emergency /crisis and type of event
- The event/incident (e.g., which system produced the alert).
- Affected systems, Source IPs, ports, and protocols
- And any relevant information
While every precaution will be taken in the preparation of information, notifications, and alerts, BW-CIRT assumes no responsibility for errors or omissions, or damages resulting from the use of information contained within