FIRST released ethics guidelines to deepen trust among incident response teams

Calling for public consultation until end of January, 2020

December 19th, 2019 – As technology accelerates, it has become more important and more challenging to determine the right thing to do. The Forum of Incident Response and Security Teams (FIRST) has released a set of ethics guidelines for Incident Response Teams with the aim to develop more practical advice and support the incident response community. EthicsfIRST, Ethics for Incident Response and Security Teams, is a document developed by the FIRST Ethics Special Interest Group (SIG) that set expectations for FIRST teams and provide guidance to incident response teams worldwide.

EthicsfIRST is designed to inspire and guide the ethical conduct of all Team members, including current and potential practitioners, instructors, students, influencers, and anyone who uses cybersecurity in an impactful way. This framework includes principles formulated as statements of responsibility, based on the understanding that the public good is always the primary consideration. Each principle is supplemented by guidelines, which provide explanations to assist cybersecurity professionals in understanding and applying the principle.

The document is supported by diverse members of the FIRST community and thus far presented at national and international conferences, to empower security teams to handle difficult ethical situations in a confident and methodical manner. As technology diversifies, the risk from mishandling incidents increases, and cybersecurity professionals face growing ethical challenges. EthicsfIRST seeks to reinforce the duties of trustworthiness, coordinated vulnerability disclosure, authorization, team health, and recognition of jurisdictional boundaries, among others. It also furthers the professionalization of the FIRST community and its practitioners, increase the prominence of FIRST as a unique professional association for Security Incident Response Team members.

“Ethics guidelines help make incident response teams as a community more predictable, reliable and trustworthy. This initiative fits into FIRST’s wider goal of increasing trust between incident response teams, and between incident response teams and their constituencies. We welcome the feedback and discussion of ethical scenarios from other security teams,” stated Jeroen van der Ham and Shawn Richardson, Ethics SIG co-Chairs of FIRST.

The document is now available on the Ethics SIG page for public consultation. The security teams community is invited to provide input via e-mail to by end of January 2020.


Founded in 1990, the Forum of Incident Response and Security Teams (FIRST) consists of internet emergency response teams from more than 360 corporations, government bodies, universities and other institutions across 78 countries in the Americas, Asia, Europe, Africa, and Oceania. It promotes cooperation among computer security incident response teams. For more information, visit:

Media Contacts

Nicole Chan
Cred Communications Ltd
Tel: +852 9027 1404 | +852 2110 3519