Incident Response: Sharing to Win

We live in a digital era punctuated by security incidents affecting every letter in the "CIA" of computer security. Every day, there seems to be some news about sensitive data published somewhere on the internet, critical systems compromised, unavailability of services affecting millions of users and economic activities or vendor reports highlighting the increasing numbers of internet users affected by cyber crimes. To a certain extent, there are no signs of security incidents slowing down.

On the other hand, we also see people responsible for ensuring security–law enforcement agencies, security teams, vendors–tirelessly working together through new initiatives and responding faster to prevent and mitigate security risks. The question however is, are we doing it right? Or to some, what else can be done?

So join us in Bangkok for the 25th Annual FIRST Conference to learn from security practitioners on how they are collaborating and sharing threat intelligence to tackle security incidents. Learn valuable lessons from their successes or mistakes. Additionally, take this opportunity to bask in the cultural experience and heritage presented by the 'City of Angels'.

The Forum of Incident Response and Security Teams (FIRST) is a global non-profit organization dedicated to bringing together computer security incident response teams (CSIRTs) and includes response teams from over 240 corporations, government bodies, universities and other institutions spread across the Americas, Asia, Europe and Oceania. The annual FIRST conference provides a setting for conference participants to attend a wide range of presentations delivered by leading experts in both the CSIRT field and from the global security community. The conference also creates opportunities for networking, collaboration, and sharing technical information and management practices. The conference enables attendees to meet their peers and build confidential relationships across corporate disciplines and geographical boundaries. FIRST conference participants include not only CSIRT staff, but also IT managers, network and system administrators, software and hardware vendors, law enforcement representatives, security solutions providers, telecommunications organizations, ISPs, and general computer and network security personnel. The FIRST Annual Conference covers a broad range of security related topics such as (but not limited to):

• Advanced techniques in security incident prevention, detection and response
• Latest advances in computer and network security tools
• Shared views, experiences, and resolutions in the computer security incident response field
  

The conference runs from Monday through Friday with registration starting at 14:00 on Sunday and includes a Sunday evening welcome reception to kick off the week. Each day begins with a keynote address and is followed by one or more invited speakers. The presentations that follow - Special Interest Groups (SIGs) and panel sessions are split into three tracks:

1. Incident Response
2. Management
3. Technical

Features planned for this year's conference include:

• Specialist Tracks—increased focus on Incident Response, Management and Technical topics relevant to CSIRTs.
• Case Studies—lessons learned in dealing with real events, from discovery to remediation. Share practical experiences in dealing with cyber incidents along with the tools that provided most valuable.
• Special Interest Group (SIG) Meetings—providing a forum where FIRST members can discuss topics of common interest to the Incident Response community.
• Lightning Talks—Attendees are welcome to sign-up first-come, first-served and present to their peers in the main ballroom at scheduled times.
• Vendor Showcase—special Tuesday evening event showcasing FIRST vendors and attendees to network in a relaxed setting with beverages and appetizers.

The conference language is English.

Conference attire for 2013 is business casual.

You do not need to be a member of FIRST to attend the conference. Any individual with interest, involvement or responsibility in the field of incident response and computer security should attend. The conference will also be of interest to:

• Technical staff who determine security product requirements and implement solutions
• Policy and decision makers with overall security responsibility
• Law enforcement staff who are involved in investigating cyber crimes
• Legal counsel who work with policy and decision makers in establishing security policies
• Senior managers directly charged with protecting their infrastructure
• Government managers and senior executives who are responsible for protecting systems and critical infrastructures

Past conference participants have included CISOs, IR management, system and network administrators, software and hardware vendors, security solutions providers, ISPs, telecommunication providers and general computer and network security personnel.

FIRST conferences promote worldwide coordination and cooperation among Computer Security Incident Response Teams (CSIRTs). The conference provides a forum for sharing goals, ideas, information, and information on how to improve global computer security. The five-day event includes:

• Learn the latest security strategies in incident management
• Increase your knowledge and technical insight about security problems and their solutions
• Keep up-to-date with the latest incident response and prevention techniques
• Gain insight on analyzing network vulnerabilities
• Hear how the industry experts manage their security issues
• Interact and network with colleagues from around the world to exchange ideas and advice on incident response
• Earn up to 26 CPEs credits towards professional certifications