The FIRST Virtual Symposium for Latin America and Caribbean Regions will be held online on October 14-15, 2021, co-located with LACNIC 36 and co-hosted by CERT.br – NIC.br. October 14 will host the plenary with trainings being held on October 15th.
Attendees are expected to be comprised of FIRST members, CSIRTs from the Latin American and Caribbean Region that are not members yet, plus network operators and security professionals from the LAC region.
There is no fee to participate.
FIRST Symposium Plenary Sessions
FIRST Symposium Training
|FIRST Symposium Plenary Sessions|
|14:00 – 14:05|
|14:05 – 14:30|
Shadowserver Services and Activities in the Latin America and Caribbean Region
Piotr Kijewski (Shadowserver, PL)
|14:30 – 14:55|
The Closed Resolver Project: Measuring the Deployment of Source Address Validation of Inbound Traffic and Notifications
Dr. Maciej Korczynski (Grenoble Alpes University, FR)
|15:05 – 15:30|
Presentación del CSIRTNQN (Presented in Spanish; Translation Available)
MSc V. Figueroa, Seguridad de la Información (Neuquén Gov, AR)
|15:30 – 15:55|
Estudio de Protocolos Que Permiten Ataques DDoS en la Región LAC (Presented in Spanish; Translation Available)
Guillermo Pereyra (CSIRT LACNIC, UY); N. Macia y P. Venosa (CERT UNLP, AR)
|15:55 – 17:00|
|17:00 – 17:25|
An Exclusive Botnet Threat Update, Live with Spamhaus
Fabricio Pessoa (Spamhaus, BR); Matthew Stith (Spamhaus)
|17:25 – 17:50|
Sharing Information When Your World is on Fire
Margrete Raaum (KraftCERT – KraftCERT/InfraCERT - Norwegian ICS, NO)
|17:50 – 18:05|
|18:05 – 18:30|
Experiencias y Resultados de la Red de Sensores IoT @LAC (Presented in Spanish; Translation Available)
Ing. Paul F. Bernal B., MSc. (CSIRT CEDIA, EC)
|18:30 – 18:55|
Phishers Meets Devops (Presented in Spanish; Translation Available)
Iván Hernández (CSIRT CSIETE, CO)
|18:55 – 19:05|
|19:05 – 19:30|
Standardizing Incident Handling and Response with ISO27035 (Presented in Spanish; Translation Available)
Pablo Barrera (ES Consulting, GT)
|19:30 – 19:55|
Aplicando Mejora Contínua en el Proceso de Gestión de Incidentes de Nuestro CSIRT (Presented in Spanish; Translation Available)
Nicolás Macia, Paula Venosa (CERT UNLP, AR)
|FIRST Symposium Training|
|14:00 – 17:00|
SIM3 Modelo de madurez de CSIRTs (held in Spanish only)
Ernesto Pérez Estévez, Ing. Paul F. Bernal B., MSc. (CSIRT CEDIA, EC)
Piotr KijewskiPiotr Kijewski (Shadowserver, PL)
Piotr is a member of The Shadowserver Foundation, a non-profit with a mission of making the Internet a more secure environment. He has a strong CSIRT background, previously working in incident response at a national level for 14 years in the CERT Polska (CERT.PL) team. He managed the team for nearly 7 years up until 2016, building up its various security data gathering and analysis projects as well as managing its anti-malware operations, including numerous botnet disruptions. Piotr is also a member of The Honeynet Project (where he also served as a Director) - a well-known and respected non-profit that is committed to the development of honeypot technologies and threat analysis.
October 14, 2021 14:05-14:30
Margrete Raaum (KraftCERT/InfraCERT - Norwegian ICS, NO)
Margrete Raaum is CEO for KraftCERT, the Norwegian CERT for energy, water&waste water and industrial control system industry. She has a background from IC design, computer networking and information security. She has woken with information security since 1998; for the ISP community, in academia, the Norwegian Security Authority, NorCERT and the grid- and transmission system operator. She was on the board of directors of FIRST (The Forum for Incident Response and Security Teams) for 8 years, serving as a chairman for 2 of these.
October 14, 2021 17:25-17:50
Ernesto Pérez Estévez (CSIRT CEDIA, EC), Ing. Paul F. Bernal B., MSc. (CSIRT CEDIA, EC)
Both run CEDIA's Incident Response Team and have many years of experience in the deployment of solutions based on Free Software, including several security related tools. They enjoy being able to exchange experiences and knowledge in the technical and cybersecurity area, with other teams and individuals of the area.
Short training in the Security Incident Management Maturity Model (SIM3). How to understand SIM3, and how to use it in real life to measure CSIRT maturity, target improvements based on the results, and keep a check on progress. Important applications of SIM3 like FIRST's new membership application programme, and the GCMF approach for national teams, will also be explained, including the use of free online tools.
October 15, 2021 14:00-17:00