FIRST Standards Committee


Effective, interoperable, and ubiquitous standards are a key element in FIRST’s mission, especially towards the pillar of “Global Language - Incident responders around the world speak the same language and understand each other’s intents and methods.” The systems that underpin our digital world are increasingly diffuse and cross-border in nature, hence we need effective standards to increase public safety by supporting cross-border incident response coordination. Effective, understandable, reality-based standards serve to increase professionalization within the field of cybersecurity.

The FIRST standards committee brings together people from around the world, all experienced with technical standards development, able to bridge between the FIRST community and exterior standards bodies. This committee provides a single point of contact for external standards bodies to be able to perform a reality check, to avoid the outcome that we as practitioners become liable for conforming to non-working, ineffective, conflicting, and/or outdated standards. This committee serves as a resource for the FIRST SIGs to help increase the quality, visibility, and uptake of FIRST standards.


  1. Provide a single point of contact for FIRST SIGs seeking guidance in their standards-defining work.
  2. Provide a clearly defined path for FIRST standards to be formally recognized by external standards development organizations, and to help drive more effective adoption of FIRST's own cybersecurity standards.
  3. Define mechanisms and policies to provide a trusted contact point for handling potential vulnerabilities in FIRST standards.
  4. Establish (and strengthen existing) liaison relationships with external standards definition organizations to ensure that our collective real-world experience as cybersecurity professionals is reflected in key standards touching upon our work.
  5. Inform the FIRST community of emerging standardization efforts likely to impact upon our work, and to serve as a conduit for the FIRST community to provide feedback on draft standards being developed externally.


  1. Recurring community calls
  2. Regular standards updates communicated to the FIRST teams list
  3. Standards development policies, templates, procedures for FIRST SIGs
  4. Maintaining formal liaison relationships with external SDOs

Initial chairs

Name Team affiliation
Trey Darley Accenture
Brian DeWyngaert CISA
Jason Keirstead Liaison
Warren Kumari Google
Shawn Richardson NVIDIA

Initial members

Name Team affiliation
Carlos Alvarez ICANN
Vinay Bansal Cisco Systems
Vilius Benetis NRD CIRT
Trey Darley Accenture
Brian DeWyngaert CISA
Alexandre Dulaunoy CIRCL
Jean-Robert Hountomey Liaison
Aaron Kaplan Liaison
Jason Keirstead Liaison
Koichiro "Sparky" Komiyama JPCERT/CC
Warren Kumari Google
Peter Lowe Liaison
Art Manion Liaison
Tom Millar CISA
Damir "Gaus" Rajnovic Panasonic CSIRT EU
Shawn Richardson NVIDIA
Desirée Sacher-Boldewin Liaison
Jonathan Spring CISA
Thomas Schreck Liaison
Laurie Tyzenhaus CERT/CC
Jeroen van der Ham Liaison