June 22-27, 2008
Hyatt Regency Vancouver
British Columbia, Canada
In conjunction with the 2008 FIRST annual conference in Vancouver, Canada, the CERT Coordination Center and the Forum of Incident Response and Security Teams (FIRST) jointly held the first-ever international competition honoring best practices and advances in safeguarding the security of computer systems and networks. The purpose of the contest was to honor experts worldwide who have developed best practices to prevent cyber attacks or mitigate attacks that are unfolding.
The 2008 contest focused on two fields of security activity—prevention and mitigation—under the banner "Protect," reflecting the first phase of a computer security incident response team's cycle of activity: Protect, Detect, Respond and Sustain. Preventive actions were defined as those that secure and fortify systems and networks, decreasing the chances of an attack against infrastructure. Mitigation involves changing the enterprise infrastructure to contain, eradicate or fix actual or potential malicious activity.
The Forum of Incident Response and Security Teams (FIRST) annual conference brings together computer security incident response teams (CSIRTS), Government officials, researchers, practitioners, system administrators, system programmers, and others interested in the latest advances in the field of computer system and network security. FIRST and the CERT Coordination Center will host a best practices contest during the 2008 FIRST annual conference in Vancouver, Canada. The purpose is to identify and share the CSIRT community's best practices in order to help organizations use methods that most effectively mitigate security threats globally.
All interested parties are encouraged to submit the best practices they use to improve and maintain a high standard of information security in the topic area Protect as described below. Submissions are due on April 30, 2008 11:59pm (U.S. Eastern Standard Time, UTC-5).
An evaluation committee will review the submitted best practices and give an award for the top two. FIRST and the CERT Coordination Center will present the awards during the 2008 FIRST annual conference.
The first place will be awarded with USD 5,000 (five thousand US Dollars), and the second place a USD 2,500 (twenty five hundred US Dollars) award.
The topic for this year's best practices contest is chosen from the operational activity cycle within CSIRTs. This cycle is typically divided into four categories: Protect, Detect, Respond, and Sustain. This year's topic will be focused on the Protect category.
The Protect process describes actions taken to prevent attacks from happening and to mitigate the impact of those that have already occurred. Preventative actions secure and fortify systems and networks. They decrease the likelihood of successful attacks against an organization's infrastructure. Such steps can include:
Mitigation involves making changes in the enterprise infrastructure to contain, eradicate, or fix actual or potential malicious activity. Such actions might include:
Teams may alter their organization's infrastructure based on process improvement changes and lessons learned from a postmortem review after they have handled an incident. These types of changes are made to prevent reoccurrence of the same or similar incidents.
Diamond Sponsor
Platinum Best Practices
Platinum / Geek Lounge
Gold
Network
Podcast
Polo Shirt
T-Shirt
Folder
Lanyard/Badge
Beer 'n Gear Sponsor
