Conference Overview

Vienna Rathausplatz - The Conference Banquet VenueDo yesterday's IT security governance models still apply, or will they lead to catastrophe? Can new analysis theories transform the world?

Join us in Vienna for the 23rd Annual FIRST Conference to reflect on the state of network security and address the modern challenges facing incident response, while enjoying the rich history and cultural heritage of the Imperial City.

The Forum of Incident Response and Security Teams (FIRST) is a global non-profit organization dedicated to bringing together computer security incident response teams (CSIRTs) and includes response teams from over 214 corporations, government bodies, universities and other institutions spread across the Americas, Asia, Europe and Oceania. The annual FIRST conference provides a setting for conference participants to attend a wide range of presentations delivered by leading experts in both the CSIRT field and from the global security community. The conference also creates opportunities for networking, collaboration, and sharing technical information and management practices. The conference enables attendees to meet their peers and build confidential relationships across corporate disciplines and geographical boundaries. FIRST conference participants include not only CSIRT staff, but also IT managers, network and system administrators, software and hardware vendors, law enforcement representatives, security solutions providers, telecommunications organizations, ISPs, and general computer and network security personnel. The FIRST Annual Conference covers a broad range of security related topics such as (but not limited to):

  • Advanced techniques in security incident prevention, detection and response
  • Latest advances in computer and network security tools
  • Shared views, experiences, and resolutions in the computer security incident response field

The conference is a five-day event running from Monday through Friday with registration starting at 14:00 on Sunday and includes a Sunday evening welcome reception to kick off the week. Each day begins with a keynote address and is followed by one or more invited speakers. The presentations that follow - Special Interest Groups (SIGs) and panel sessions are split into three tracks:

  1. Incident Response
  2. Management
  3. Technical

Features planned for this year's conference include:

  • Specialist Tracks—increased focus on Incident Response, Management and Technical topics relevant to CSIRTs.
  • Case Studies—lessons learned in dealing with real events, from discovery to remediation. Share practical experiences in dealing with cyber incidents along with the tools that provided most valuable.
  • Special Interest Group (SIG) Meetings—providing a forum where FIRST members can discuss topics of common interest to the Incident Response community.
  • Vendor Showcase—special Tuesday evening event showcasing FIRST vendors and attendees to network in a relaxed setting with beverages and appetizers.

The theme for the 2011 conference is Security Lessons: What Can History Teach Us?

The conference language is English.

Conference attire for 2011 is business casual.

Who Attends?

You do not need to be a member of FIRST to attend the conference. Any individual with interest, involvement or responsibility in the field of incident response and computer security should attend. The conference will also be of interest to:

  • Technical staff who determine security product requirements and implement solutions
  • Policy and decision makers with overall security responsibility
  • Law enforcement staff who are involved in investigating cyber crimes
  • Legal counsel who work with policy and decision makers in establishing security policies
  • Senior managers directly charged with protecting their infrastructure
  • Government managers and senior executives who are responsible for protecting systems and critical infrastructures

Past conference participants have included CISOs, IR management, system and network administrators, software and hardware vendors, security solutions providers, ISPs, telecommunication providers and general computer and network security personnel.

Who Attends?

FIRST conferences promote worldwide coordination and cooperation among Computer Security Incident Response Teams (CSIRTs). The conference provides a forum for sharing goals, ideas, information, and information on how to improve global computer security. The five-day event includes:

  • Learn the latest security strategies in incident management
  • Increase your knowledge and technical insight about security problems and their solutions
  • Keep up-to-date with the latest incident response and prevention techniques
  • Gain insight on analyzing network vulnerabilities
  • Hear how the industry experts manage their security issues
  • Interact and network with colleagues from around the world to exchange ideas and advice on incident response
  • Earn up to 26 CPEs credits towards professional certifications