Message from the Chair

It has already been three months since the successful Copenhagen FIRSTCON25 took place. If you want to get access to over 40 of the TLP-CLEAR presentations, they are available online. For those who attended, I hope you pinged back to those you met, and that you already knew before. Since FIRSTCON22, I noticed an increase in the number of attendees that were "Happy to be there" - as in the tag I boast almost every year.

If you met new faces, especially if they were newbies, please check whether they are on our Slack workspace, and if not, please help them to join. The wider our community, the better.

Since Copenhagen, FIRST events already took place in September and many more are already scheduled as you can see at the bottom of this quarterly newsletter. Let's cast some light on them.

Please take some time to bookmark your calendars with the different types of FIRST events:

  • A FIRST Symposium is a regional themed event that is run by FIRST or co-hosted with a local team(s) and sponsors. At least 2 have already been scheduled between now and FIRSTCON26.

  • A FIRST Technical Colloquium (TC) is hosted and managed by a local team or jointly with regional CSIRTs. After the successful 2025 Vulnerability Forecasting TC that took place in Cambridge, UK this September,r there are 4 more scheduled in the coming months, and we’re working on more.

  • Finally, we will have two conferences in April 2026: 'CVE/FIRST VulnCon 2026 & Annual CNA Summit' in Scottsdale, US, and '2026 Cyber Threat Intelligence Conference' in Munich, DE.

FIRST and the events teams are working hard all year long to organize such events in as many regions as possible, and we are close to covering all of them again.

FIRSTCON26 is obviously far from being the only place to meet other FIRST members - or not yet members - and as with any other year, there are over a dozen events that are already scheduled. So many opportunities to share face-to-face and liaise with peers representing a wide spectrum of Incident Responders, CTI specialists, Vulnerability gurus, SIG enthusiasts, and regional communities.

You’ll know that we are strong believers in the SIM3 maturity model. Attending community events – and providing feedback to your team members – can be found in various parameters: O-10 (Participation in CSIRT Systems), H-7 (External Networking), and P-17 (Peer Collaboration Process).

Only one – H-7 – is part of the FIRST Membership Baseline to join our organization, but all three parameters help improve YOUR maturity!

Side note. Generative AI tend to add bits of sentences between dashes - like this. I for one have done so for decades ago, a (bad) habit I have also in French - using commas. However, I can assure you that yours is the one and only who wrote this "Message from the Chair".

It’s Olivier-powered, no Gen-AI inside :-)