diff --git a/SECURITY.md b/SECURITY.md
index b35604de249..2f786ed1a9e 100644
--- a/SECURITY.md
+++ b/SECURITY.md
@@ -1 +1,18 @@
+# Security Policy
+
+## Reporting a Vulnerability
+
+Please report (suspected) security vulnerabilities to security@intersectmbo.org. You will receive a
+response from us within 48 hours. If the issue is confirmed, we will release a patch as soon
+as possible.
+
+Please provide a clear and concise description of the vulnerability, including:
+
+* the affected version(s) of OSC-documentation,
+* steps that can be followed to exercise the vulnerability,
+* any workarounds or mitigations
+
+If you have developed any code or utilities that can help demonstrate the suspected
+vulnerability, please mention them in your email but ***DO NOT*** attempt to include them as
+attachments as this may cause your Email to be blocked by spam filters.
 See the security file in the [Cardano engineering handbook](https://github.com/input-output-hk/cardano-engineering-handbook/blob/main/SECURITY.md).