Vulnerabilities ... What's in a name? (again)
VulnCon 2026 came at a perfect time. Over the years, vulnerabilities have become a subject of choice.
Vulnerabilities are all over the press, social media, blogs, reports and ... our mailing lists, our messaging apps, discussions in our FIRST community. And vulnerabilities translate for most into CVEs. But some are not CVEs.
Can you walk us through your career background and how that experience brought you into the organization?
I started installing firewalls in the mid-1990s and looked at the logs... and I right away entered incident management! Long story short, I joined the emerging informal association of CSIRTs in France - aka InterCERT France - at the turn of the century, then TF-CSIRT, and FIRST in 2013 while joining French GovCERT, CERT-FR.
Building the infrastructure of trust — one open-source contribution at a time
Koen Van Impe is one of those community figures whose impact is greater than the sum of its visible parts. With over 20 years of experience in cybersecurity, Koen works as a freelancer specializing in threat intelligence, incident response and security operations, and is part of the core team behind the MISP project, the world's most widely used open-source platform for structured threat intelligence sharing. His profile as a FIRST member reflects a consistent track record of contribution to the global community of CSIRTs and response teams.
The launch of the United Nations Global Cybersecurity Mechanism (G-Mech) marks an important step toward more stable and continuous governance of cyberspace. Unlike previous processes, this new arrangement has been established as a permanent framework, with an organizational session that began in March 2026, a first substantive plenary next July, and dedicated thematic groups in December. Its structure combines general discussions in plenary with more focused exchanges in the Dedicated Thematic Groups, under the five well-established pillars of the framework for responsible State behaviour: threats, norms, international law, confidence-building measures, and capacity-building.
STP SIG White Paper published on the future of CERTs/CSIRTs/ISACs and their operating models
“This white paper, authored by AUSCERT, examines the rapid evolution of CERTs/CSIRTs/ISACs as the cyber threat landscape grows increasingly complex and interconnected. Originally created as technical response units, CERTs have since expanded into strategic institutions supporting national resilience, sectoral preparedness, and organisational cyber maturity. Rising regulatory pressures, globalised supply‑chain risk, and competition from commercial cybersecurity providers have reshaped expectations of CERTs, demanding both technical excellence and the ability to coordinate diverse stakeholders during high‑impact events, whilst maintaining sustainable operations.
FIRST CORE is excited to welcome the support of the Internet Society and Internet Society Foundation through the newly launched Common Good Cyber Fund (CGCF). As part of the initial pilot phase, the CGCF grant will bolster FIRST’s community and capacity building program to better support and grow our community training efforts.
As Chair of FIRST, I want to inform you about an upcoming adjustment to the annual membership fee for full members (teams). Starting with the 2027 membership year, and for the period 2027–2029, the fee will increase from 2,800 USD to 3,000 USD per year.
FIRST holds its Annual General Meeting (AGM) during the Annual Conference. The 2026 FIRST AGM will take place on June 15, 2026 22:00 UTC (16:00 MDT, local time) and will also be streamed for observation.
Group-IB hosted the FIRST Technical Colloquium in Paris, where cybersecurity experts challenged assumptions around modern cyber defense. FIRST Chair Olivier Caleff opened and moderated the event. The cybersecurity industry has been facing multiple parallel challenges in recent years. The pace at which cybercrime evolves is hard to match, but gatherings like FIRST provide a unique opportunity for the community to convene, reflect, and move forward together.
The 2026 FIRST Technical Colloquium in Bangalore brought together a group of security professionals and students for two days of practical learning, technical discussion, and community building on Cisco's campus on February 10-11, 2026. The event created space for attendees to exchange ideas, share lessons learned, and strengthen connections across the incident response community.
The 2026 FIRST Regional Symposium for Central Asia brought the global cybersecurity community to Tashkent, Uzbekistan over February 26-27, 2026, marking an exciting milestone for the organization. Hosted by UZCERT and INHA University in Tashkent, it was the very first regional symposium organized by the Forum of Incident Response and Security Teams (FIRST) in Central Asia, and it did not disappoint.
Growth Stack Media secured and tracked 120+ pieces of earned media coverage, generating more than 1M views of content for FIRST in Q1FY26 across notable publications including Fast Company, CSO, SC Media, and Infosecurity Magazine. You can view the full CoverageBook of articles here. This robust coverage reinforced FIRST's position as the authoritative voice in vulnerability management and global cybersecurity coordination.
May 5-6, 2026
Geneva (CH)
May 6-8, 2026
Victoria Falls (ZW)
June 14-19, 2026
Denver (US)
#FIRSTCON26
SAVE THE DATE!
August 24-26, 2026
Mexico City (MX)
#FIRSTMX26
SAVE THE DATE!
October 27-30, 2026
Nairobi (KE)