FIRST in the News

FIRST Impressions Podcast featured in Feedspot Top 10 Incident Response Podcasts

Mon, 28 Aug 2023 00:00:00 +0000

FIRST Impressions Podcast has been selected as one of the Top 10 Incident Response Podcasts on the web.

The FIRST Impressions podcast brings you regularly scheduled content focused on discussions from across the incident response and security spectrum. Hosted by Chris John Riley and Martin McKeay, new episodes released first Friday of the month!

Need to prioritize security bug patches? Don't forget to scan Twitter as well as use CVSS scores

Wed, 19 Jan 2022 21:22:00 +0000

Organizations looking to minimize exposure to exploitable software should scan Twitter for mentions of security bugs as well as use the Common Vulnerability Scoring System or CVSS, Kenna Security argues.

#GlobalEthicsDay2020: New Security Incident Response Ethics Guidelines Released

Wed, 21 Oct 2020 00:00:00 +0000

New ethics guidelines for incident response and security teams have been released by the Forum of Incident Response and Security Teams (FIRST) to coincide with Global Ethics Day today. The document offers advice and recommendations for cybersecurity professionals on how they should conduct themselves in a professional and ethical manner when dealing with incidents.

FIRST Announces Cyber-Response Ethical Guidelines

Wed, 21 Oct 2020 00:00:00 +0000

The 12 points seek to provide security professionals with advice on ethical behavior during incident response.

The Forum of Incident Response and Security Teams (FIRST) has launched ethics guidelines for incident response and security teams. The group, consisting of Internet emergency response teams from 539 organizations worldwide, seeks to provide cybersecurity professionals with guidance on how to behave ethically during incidents.

FIRST launches new code of ethics for incident response and security teams on Global Ethics Day

Wed, 21 Oct 2020 00:00:00 +0000

Following a global consultation, the Forum of Incident Response and Security Teams (FIRST) is launching new ethics guidelines for incident response and security teams today on Global Ethics Day. ethicsfIRST provides guidance for cybersecurity professionals on how to conduct themselves professionally and ethically during incidents. Inspired by Earth Day, Global Ethics Day provides an opportunity for organizations to explore the meaning of ethics in international affairs

New code of ethics for cyber security professionals – Guidelines applicable for all sectors, including European NRENs

Tue, 14 Jan 2020 00:00:00 +0000

For the first time, and with input from Jisc, a code of ethics has been created for all professionals working in product and computer security incident response teams (PCIRTs and CSIRTs) in all sectors, including education and research. Cyber security and the important work of security incident response teams in keeping the Internet safe has never been more important and, as the security landscape changes, more is expected of experts working in this field.

Cybersecurity forum begins

Mon, 02 Dec 2019 00:00:00 +0000

The ‘FIRST Technical Colloquium 2019’, featuring two days of workshop and training programme began yesterday. It is organised by the Ministry of Transport and Communication (MoTC) in accordance with the National Cyber Drill (STAR-7) hosted by Doha ahead of the National Day celebrations.

Qatar pays special attention to cybersecurity

Mon, 02 Dec 2019 00:00:00 +0000

Qatar pays special attention to cybersecurity and protection of national vital information infrastructure as reliance on Information and communications technology (ICT) and internet is growing in the country, said Engineer Khalid Sadiq Al Hashimi, Assistant Undersecretary for Cyber Security Department at the Ministry of Transport and Communications (MOTC). He was speaking at the ‘FIRST Technical Colloquium 2019’ workshop which began yesterday. The two-day workshop is being attended by a large number of regional and international cyber security experts. FIRST (the Forum of Incident Response and Security Teams), is a premier organisation and recognised global leader in incident response.

Businesses must prepare to welcome Generation Alpha

Mon, 01 Jul 2019 00:00:00 +0000

Business Insider, July/August 2019

‘Largest-ever’ gathering of infosec specialists for five-day conference in Edinburgh

Mon, 17 Jun 2019 09:19:00 +0000

More than 1,100 web security specialists from over 80 countries will gather today for their ‘largest ever’ conference in Edinburgh – reflecting a growing interest in the coordination of responses to global hacking incidents.

Making Your Business Resilient to Data Breaches

Sat, 11 May 2019 00:00:00 +0000

A business can make a wide variety of cybersecurity investments, from prevention to incident response. It’s often challenging to determine the appropriate level of investment in each area, as each is important and contributes to an organisation’s resilience against cyber threats. Even when your business is too small to invest in a dedicated capability, there are steps you can take to bolster your organisation against an incident. Published in High Growth Scotland

FIRST Named Among Top InfoSec Networking Groups to Join

Wed, 01 May 2019 00:00:00 +0000

Digital Guardian, a comprehensive data protection platform with millions of deployments worldwide, securing the sensitive data of the world’s most inventive, influential companies. FIRST was named among “The Top 50 InfoSec Networking Groups to Join."

Tripwire names FIRST Annual Conference among top information security conferences of 2019

Thu, 03 Jan 2019 00:00:00 +0000

This five-day annual conference features incident response, management and technical tracks, keynote presentations, lightning talks and plenty of networking opportunities. In addition to learning the latest security strategies in incident management, attendees can earn up to 25 continuing professional education (CPE) credits and gain insight into analyzing network vulnerabilities.

Making it mandatory to declare data breaches

Mon, 02 Jul 2018 00:00:00 +0000

The Star — Malaysian newspaper The Star writes about the FIRST conference, data breach legislation, and quotes Gant Redmon of IBM Resilient and Datuk Dr Amirudin Abdul Wahab, CEO of Cybersecurity Malaysia.

The challenge of scaling up security for a whole country

Thu, 28 Jun 2018 00:00:00 +0000

Digital News Asia — An article about Martijn van der Heide of ThaiCERT, and his mission to secure a whole country through training, awareness, and developing support for critical infrastructure sectors via sectorial CERT teams. He presented his work at the 30th Annual FIRST Conference in Kuala Lumpur, Malaysia.

STC joins FIRST computer security network

Thu, 28 Jun 2018 00:00:00 +0000

Telecompaper — Saudi operator STC announced it has been admitted to the Forum of Incident Response and Security Teams (FIRST).

The importance of cooperation during a security response

Wed, 27 Jun 2018 00:00:00 +0000

Digital News Asia – The article covers Ben Ridgway’s presentation at the 30th Annual FIRST Conference in Kuala Lumpur, discussing the importance of cooperation during a security incidents.

FIRST security conference opens in Malaysia with a record attendance

Wed, 27 Jun 2018 00:00:00 +0000

Digital News Asia — The 30th annual conference of The Forum of Incident Response and Security Teams (FIRST) began on June 26 in Malaysia, boasting a record-breaking 829 attendees from 79 countries, including 55 from Malaysia from both the private and public sector. The articles quotes our Chair, Thomas Schreck, Christopher Painter, keynote speaker and Commissioner, Global Commission on the Stability of Cyberspace and Datuk Dr Amirudin Abdul Wahab, CEO of Cybersecurity Malaysia.

A Communion of Cyber Security Incident Responders at the 30th Annual FIRST Conference

Tue, 26 Jun 2018 00:00:00 +0000

Cybersecurity ASEAN – Cybersecurity ASEAN covered the 30th edition of our Annual Conference, quoting Chris Painter’s keynote on the importance of helping policymakers understand the work incident responders do.

FIRST Releases Training to Help Companies Respond to Product Security Vulnerabilities

Thu, 21 Jun 2018 00:00:00 +0000

ASEAN Tech & Sec – ASEAN Tech & Sec covers the release of FIRST’s training for Product Security Incident Response Teams (PSIRT).

Bahraini firm CTM360 gets FIRST membership

Wed, 18 Apr 2018 00:00:00 +0000

TradeArabia – CTM360 from Bahrain, announced being accepted into the Forum of Incident Response and Security Teams (FIRST).

Meet the Internet’s FIRST Responders to security emergencies

Tue, 10 Apr 2018 00:00:00 +0000

Internet Health Report 2018 – As a computer systems expert, Margrete Raaum in Norway has seen her fair share of cybersecurity incidents. When asked to recall a memorable one, the Oslo-based Raaum remembers an attack about four years ago on a high-performance computer facility serving several European universities.

Meet the Internet’s FIRST responders to security emergencies

Sun, 01 Apr 2018 00:00:00 +0000

As a computer systems expert, Margrete Raaum in Norway has seen her fair share of cybersecurity incidents. When asked to recall a memorable one, the Oslo-based Raaum remembers an attack about four years ago on a high-performance computer facility serving several European universities.

Why is Cyber Threat Intelligence Sharing Important?

Mon, 12 Feb 2018 00:00:00 +0000

The ever-accelerating flood of software vulnerabilities and innovative attack techniques leaves increasingly few organizations capable of defending themselves and safeguarding sensitive data in their care.

Information-sharing is a critical tool for network defenders because it allows them to avoid the missteps of their peers within the infosecurity community and to deploy proven defensive measures. Proactive information-sharing about attacks and defensive mitigations builds resilience across organizations participating within a given trust community, evolving herd immunity against attacks that others have seen within their own networks.

Kazakhstan launches Cyber Shield Project

Mon, 20 Nov 2017 00:00:00 +0000

Eurasia Daily Monitor – A priority of the Kazakhstan government’s “Cyber Shield” Project is to participate in the Forum of Incident Response and Security Teams (FIRST).

Can stakeholders find common ground on cybersecurity?

Thu, 02 Nov 2017 00:00:00 +0000

GPD’s executive director Charles Bradley talks to Gaus Rajnovic, chief financial officer and board member at the Forum of Incident Response and Security Teams (FIRST), and GPD’s Lead Strategist Matthew Shears, about multistakeholder approaches to cybersecurity.

Rate of data compromise revealed: 121 records per sec; defenders lagging

Fri, 22 Sep 2017 00:00:00 +0000

More data records have been breached in the first six months of 2017 than the whole of 2016. The Gemalto Breach Level Index reports that this amounts to an astonishing 121 records lost or stolen every second of every day.

Briefing: Cyberwar without end

Thu, 06 Jul 2017 00:00:00 +0000

Investment & Pensions Europe — Daniel Ben-Ami writes for IPE about how financial institutions are involved in a cyber arms race against criminals. He notes how many of these companies are members of the Forum of Incident Response and Security Teams.

Wie die Navy Seals des Cyberspace in einem verschlafenen Waadtländer Dörfchen gegen Viren kämpfen

Wed, 28 Jun 2017 11:07:00 +0000

Neue Zürcher Zeitung (German) — An article about our member Kudelski Security covers how FIRST helps assist individual security teams during major cyber attacks, such as an internet worm.

Global Forum Empowers Incident Response Teams to Fight Emerging Security Threats by Sharing Information and Expertise

Tue, 27 Jun 2017 00:00:00 +0000

HostingAdvice — Laura Stamey of HostingAdvice published an article interviewing Board Members Serge Droz and Maarten Van Horenbeeck on their involvement in FIRST. It covers important initiatives, special interest groups, the Suguru Yamaguchi Fellowship Program, and how FIRST helps support a safer internet.

Ciberterrorismo: problema global de contexto local

Tue, 27 Jun 2017 00:00:00 +0000

CaribbeanBusiness (Spanish) — Augustin Criollo Oquero of CaribbeanBusiness interviews Héctor Martínez of local host GM Security Technologies about the FIRST conference in Puerto Rico, and how security is a global problem with a local context.

Millonario impacto de FIRST en la Isla

Tue, 13 Jun 2017 00:00:00 +0000

El Vocero (Spanish) — José Carmona of El Vocero speaks with Derek Manky of Fortinet, a long standing FIRST member, and Margrete Raaum, Chair, about the FIRST conference and its visit to Puerto Rico.

Trump's Saudi pivot is a golden opportunity in terror fight

Thu, 08 Jun 2017 05:00:00 +0000

CNN — Barak Seener writes about a NATO-style Islamic Military Counter Terrorism Coalition of 41 Sunni states, and how it plans to reach out to the Forum of Incident Response and Security Teams to cooperate on its response to cyber-attacks.

Puerto Rica será sede de un foro mundial de seguridad informática

Fri, 02 Jun 2017 18:57:00 +0000

El Nuevo Dia (Spanish) — El Nuevo Día writes about our announcement of holding the FIRST conference in San Juan, Puerto Rico. Over 700 security experts from 68 countries are expected to participate.

FIRST conference focuses on handling security breaches

Thu, 01 Jun 2017 00:00:00 +0000

News is my Business — A local Puerto Rican business outlet writes about the FIRST conference, quoting Margrete Raaum and Maarten Van Horenbeeck of FIRST, and our local host, Héctor G. Martínez of GM Security Technologies.

Egypt conducts assessment for UG-CERT to obtain FIRST membership

Sun, 19 Mar 2017 00:00:00 +0000

The Ministry of Communications and Information Technology of the Arab Republic of Egypt announces they are visiting UG-CERT headquarters in Kampala on March 20th-22nd to conduct a FIRST site visit

Energy Sector and Incident Response

Wed, 01 Mar 2017 00:00:00 +0000

European CIIP Newsletter – FIRST Chair Margrete Raaum describes how FIRST as an international umbrella organization connects incident responders worldwide, and how it can benefit the European energy sector.

These Arab Hackers Want To Make America Safe Again — Will Trump Let Them?

Tue, 07 Feb 2017 00:00:00 +0000

Forbes - "FIRST.org is one example among many other professional associations of cyber defenders that now struggle with holding technical conferences in the wake of the immigration ban uncertainty," said Katie Moussouris, founder and CEO of Luta Security in an interview with Forbes.

Principales retos en ciberseguridad para 2017

Mon, 23 Jan 2017 00:00:00 +0000

One Magazine (Spanish) – Valencia hosts the TF-CSIRT and FIRST conference, bringing together representatives of the most important centers for the protection of international cybersecurity.

Guidelines and Practices for Multi-Party Vulnerability Coordination Open to Review

Fri, 20 Jan 2017 00:01:00 +0000

Cisco Blogs – Omar Santos of Cisco describes the release of the Guidelines and Practices for Multi-Party Vulnerability Coordination, released by the FIRST Vulnerability Coordination SIG.

Scoring Cisco Security Vulnerabilities with CVSSv3

Thu, 19 Jan 2017 00:00:00 +0000

Cisco Blogs – Omar Santos of Cisco describes the value of using CVSSv3 to score security advisories that address security vulnerabilities in Cisco software

2017 predictions: US isolationism, DDoS, data sharing

Thu, 29 Dec 2016 19:00:00 +0000

ITProPortal — Without a doubt, 2016 was the year of the DDoS. The year came to a close with a major DDoS attack on DNS provider Dyn, which took down several major internet sites on the Eastern US seaboard. This attack was different - not so much in terms of its volume or its technique, but in the fact that instead of being directed at its intended target, it was targeted at network infrastructure used by the target.

Hackers expect replies, not rewards, for finding bugs

Fri, 16 Dec 2016 00:00:00 +0000

Fedscoop – Shaun Waterman of Fedscoop covers a project of FIRST members and the NTIA to describe vulnerability coordination scenarios and corresponding patterns of communication.

Valencia se convertirá en capital mundial de la ciberseguridad en 2017

Mon, 14 Nov 2016 00:00:00 +0000

Levante El Mercantil Valenciano (Spanish) – Article describes how Valencia will become the world capital of cybersecurity in 2017, as TF-CSIRT and FIRST converge on the city to organize a symposium from January 23rd through 25th.

Egypt takes growing cyber threat more seriously

Thu, 03 Nov 2016 00:00:00 +0000

ITWeb Africa – Article describes the 5th Regional Cybersecurity Summit in Egypt, and mentions training FIRST has organized together with the government of Egypt.

4SICS: making cyber-threat intel work better for ICS pros

Fri, 28 Oct 2016 00:00:00 +0000

SC Magazine UK – Thomas Schreck and Margrete Raaum of the FIRST boardy told an audience at 4SICS 2016, co-organized by FIRST, on why cyber-threat intelligence plays an important part in information sharing in the energy industry.

Cybersecurity Measures, A Raw “Fort” ~ Struggling to set up CSIRTs within an organization

Mon, 12 Sep 2016 00:00:00 +0000

Yomiuri (Japanese) – The Yomiuri Shimbun explores computer security incident response teams in private business, and puts a spot light on human resource development in this particular field in an interview with board members Pete Allor, Damir Rajnovic and Thomas Schreck.

New findings in the field of information security announced by international researchers

Sun, 28 Aug 2016 00:00:00 +0000

Iranian Students News Agency (Farsi) – Thirteenth International Conference on Information Security and Cryptography (ISCISC2016) to take place at Shahidh Beheshti University in Tehran features a keynote and Incident Response workshop by FIRST Board member Maarten Van Horenbeeck.

Security Conferences Abound: Which Should You Attend?

Fri, 26 Aug 2016 00:00:00 +0000

SecurityIntelligence.com – FIRST conference one of nine “conferences worthy of consideration for the security leader or CISO, security professional and operational business leader.”

Should encryption software be banned?

Fri, 26 Aug 2016 00:00:00 +0000

Network Security Journal – FIRST Board member Serge Droz comments on why encryption technology often gets a strong response from governments.

NCCIC team wins 1st place at FIRST conference in Seoul

Mon, 15 Aug 2016 00:00:00 +0000

NCCIC Monitor Newsletter – The newsletter of the US Industrial Control Systems CERT describes how their team won first place in the annual Dragon Research Group FIRST Challenge at the 28th Annual FIRST Conference in Seoul.

Bringing something new to the table

Tue, 05 Jul 2016 00:00:00 +0000

SCMagazine.co.uk – Kate O’Flaherty asks what the information security industry can do to encourage more women to join the sector. FIRST Chair, Margrete Raaum, responds.

Cutting edge global security issues: from a FIRST perspective

Tue, 21 Jun 2016 00:00:00 +0000

BoanNews (Korean) – FIRST Board members Damir Rajnovic and Maarten Van Horenbeeck are interviewed on how FIRST builds a global information security community, and how Korea contributes.

How to balance between new industries and security? FIRST: “Incentive should come first”

Sun, 19 Jun 2016 00:00:00 +0000

DigitalDaily (Korean) - FIRST Chair Margrete Raaum and Maarten Van Horenbeeck discuss the incentives that help industry innovative while still designing security controls, and how FIRST contributes.

“Even a four year old can hack into your computer”

Tue, 14 Jun 2016 00:00:00 +0000

Yonhap News (Korean) – FIRST Board member Katherine Gagnon is interviewed about her experience working in security, and on the risk of smart home and smart car threats.

KISA hosts the world’s biggest cyber security forum in Korea

Tue, 24 May 2016 00:00:00 +0000

Digital Times (Korean) – Margrete Raaum, Chair of FIRST, and Kee-Seung Baik, President and CEO of the Korea Internet & Security Agency, discuss the forthcoming FIRST conference in Seoul, Korea from June 12th – 18th.

How Cyberspace Is at the Leading Edge of Global Change

Thu, 25 Feb 2016 00:00:00 +0000

The Diplomat – Bruce McConnel describes FIRST as a potential model for the intermediating role of institutions and organizations of addressing emerging risk.

Cyberthreat info-sharing on the rise: Fortinet expert

Thu, 03 Dec 2015 00:00:00 +0000

DigitalNewsAsia – Fortinet security expert Derek Manky discusses working with FIRST for about four years, setting up non-commercial intelligence exchange with appropriate stakeholders.

Interview by Egyptian security magazine BlueKaizen about FIRST

Mon, 16 Nov 2015 00:00:00 +0000

BlueKaizen – an interview with Maarten Van Horenbeeck, former chair and Board member of FIRST, discussing the benefits for an organization to join, and how the organization contributes to dealing with complex security incidents.

Government committed to tackling cyber security

Fri, 02 Oct 2015 00:00:00 +0000

Ghana News Agency – FIRST and AfricaCERT organize a two-day training workshop and regional symposium on cyber security on the team, “Joining Forces to Promote Cyber Security in Africa”.

20 anos CGI.br: Funcionalidade, Segurança e Estabilidade

Thu, 17 Sep 2015 00:00:00 +0000

CGI.br – A video of former Board member Yurie Ito and Board member Maarten Van Horenbeeck discussing functionality, security and stability of the internet.

Futuro conectado pode comprometer segurança na rede

Sun, 16 Aug 2015 00:00:00 +0000

Estadão (Portuguese) – FIRST Board member Maarten Van Horenbeeck is interviewed on the impact of security vulnerabilities on an ever growing and more interconnected internet.

IT-Sicherheitskonferenz FIRST: Ohne Vertrauen geht nichts, aber das Vertrauen geht

Thu, 18 Jun 2015 00:00:00 +0000

Heise (German) – 27th annual FIRST conference, keynoted by German Federal CIO Cornelia Rogall-Grothe takes place in Berlin, discusses how to improve security of computer networks.

Coordinating Attack Response at Internet Scale

Thu, 12 Mar 2015 00:00:00 +0000

CircleID — This article in CircleID covered how the Internet Society and the Internet Architecture Board developed and hosted a one-day “Coordinating Attack Response at Internet Scale (CARIS) Workshop” at the FIRST Conference in Berlin, June 19th of 2015.

OAS Organizes Training Course for Computer Security Incident Response Teams (CSIRTs) in the Americas

Mon, 09 Mar 2015 00:00:00 +0000

TheBahamasWeekly – The Organization of American States, FIRST and GEANT Association organize a training course on Computer Security Incident Response Teams focused on technical CSIRT staff of Dominica, the Dominican Republic, Honduras, Nicaragua, Saint Kitts and Nevis, Suriname and Trinidad and Tobago

FIRST Standards to clean up messy CERTs

Mon, 20 Oct 2014 00:00:00 +0000

The Register – An interview with FIRST board member Pete Allor describing how FIRST is spearheading a global standards effort to unify the operations of security incident response teams.

Microsoft introduces Interflow: Sharing cybersecurity threats in near real-time

Mon, 23 Jun 2014 00:00:00 +0000

NetworkWorld — Article by Networkworld about Microsoft launching Interflow, a new platform for sharing cybersecurity threats in near real-time, at the 2014 FIRST Conference in Boston.

Cooperation is key to Africa’s security future

Mon, 30 Dec 2013 00:00:00 +0000

SC Magazine UK – Opinion piece by FIRST Chair, Maarten Van Horenbeeck, discussing the need for the wider community to help Africa build information security and incident response capability.

Meet the man who’ll TAKE OVER if UK faces CYBER ATTACK

Fri, 22 Nov 2013 00:00:00 +0000

The Register – An article by John Leyden about former FIRST Chair Chris Gibson, and his new role in the United Kingdom’s government.

Least developed countries are vital for global security

Thu, 06 Jun 2013 00:00:00 +0000

The Guardian – FIRST Chair, Chris Gibson, discusses the need for the information security community to help support incident response capacity building in the group of Least Developed Countries (LDCs).

Why cyber crime remains a growing business?

Wed, 20 Mar 2013 00:00:00 +0000

CIO Asia — Derek Manky, in a guest post on CIO Asia, describes how FIRST is one of the best examples of an international body that encourages information sharing between public and private sector.

Why Cybercrime remains big business – and how to stop it

Fri, 01 Feb 2013 00:00:00 +0000

Forbes – Derek Manky of Fortinet describes FIRST as one of the best examples of information sharing, and how it helps address cyber security problems through collaboration.

Enough defense: Is it time for an IT security offense?

Wed, 18 Jan 2012 00:00:00 +0000

In an interview with George V. Hulme, David Mortman of Securosis recommends joining FIRST, flagging the immediate benefit of the connections a new member makes. “Should something happen, you know who to call”, he says.

Steps on constructing a CSIRT for Incident Response

Wed, 25 Mar 2009 00:00:00 +0000

IT Media (Japanese) — Article in Japanese discussing the development of incident response teams and the value of participating in the cyber security community.

Qualys announces support for vulnerability rating methodology

Wed, 07 Dec 2005 00:00:00 +0000

Networkworld – Ellen Messmer of Networkworld writes about how Qualys services will now start supporting the Common Vulnerability Scoring System (CVSS), stewarded by FIRST.

Between phishers and the deep blue sea

Mon, 18 Jul 2005 00:00:00 +0000

ZDNet — Dawn Kawamoto quotes Gavin Reid of FIRST, who discusses what companies should do to build better industry relationships, and how they can better protect themselves from internet threats. He notes how trade and international groups are working to bridge the gap in fighting cybersecurity threats on a worldwide basis.

Information security management: leading information security associations

Tue, 20 Jul 2004 00:00:00 +0000

Networks Asia — Al Berg describes five leading information security associations, a list which includes FIRST. He notes how FIRST focuses on bringing together information security incident response teams to share best practices, experiences and information.

Network Security: A New Virtual Foot Soldier Against Cyberterrorism

Wed, 03 Apr 2002 00:00:00 +0000

SC Magazine — Joseph Vaughn-Perling writes about network security, and in particular how FIRST is a valuable organization to join for strong internal security groups.