As cybersecurity professionals, we are no strangers to unexpected events and chaotic schedules. We can easily get swept up in preventing or responding to the next big incident or tackling other items on our to-do list. For most, these are the things that attracted them to the field in the first place. However, if we’re not careful the things we like about our work environments can also have negative impacts on us. This is not going unnoticed as I have seen an uptick in articles and blogs reminding cybersecurity professionals how to avoid burnout and the importance of mental and physical health.
When FIRST started some 30 years ago, the Internet was little more than an exotic thing. It was mostly used by academics and engineers. Today, Internet technologies are the fastest growing segments of the global economy, so we are no longer in a purely technical space. States increasingly see the Internet as both an opportunity and a risk. Critical infrastructure, with all its vulnerabilities, is connected to the Internet. There is no doubt that our work is as important as ever. There is also no doubt that our work must be done on a global scale, in an increasingly polarised world. A few years ago, FIRST set out to have a team from every country in the world.
The FIRST Standards Committee has been meeting regularly since our last update. 12 March we had a call with updates on ISO topics by Laurie Tyzenhaus and an introduction to ETSI by Tony Rutkowski from the Center for Internet Security (CIS). 26 March we had an interesting call on "SCITT, SBOM, and the future of software supply chain security" featuring Roy Williams and Sarah Novotny from Microsoft, and Allan Friedman from CISA. 23 April we had a call with Murugiah Souppaya and Karen Scarfone from NIST to discuss the proposed changes in NIST Special Publication (SP) 800-61r3 (Revision 3) "Incident Response Recommendations and Considerations for Cybersecurity Risk Management”.
Having participated in almost every edition of the FIRST CTI conference since the first edition way back in 2016, it was thrilling to see how the event has grown and matured into a proper conference. It was apparent from the enthusiasm of the (over 300!) attendees that CTI is here to stay. There is a clear drive towards professionalization within the field in terms of defining frameworks, workflows, taxonomies, and KPIs. The impact of AI within the field of CTI was another favorite topic. Particularly exciting was the update from Aaron Kaplan, Jay Jacobs, Paolo Di Prodi, and Syra Marshall regarding the custom fine-tuned LLM for CTI use cases which has been co-developed within the CTI SIG, and which I understand will be launched publicly at the upcoming annual conference in Fukuoka. If you’re looking to increase your skills when it comes to CTI, this is an event you definitely don’t want to miss!
Thanks to all our participants as well as our great sponsor community for their terrific support!
FIRST welcomed a whopping 40 newcomers between February and April 2024: 25 teams, and 15 liaisons. They are based in Europe (19), North America (8), South America (6), Africa (2), Asia (4), and Oceania (1).
Congratulations to all of them, and thank you for all the primary and secondary sponsors who accompanied them. It is a real effort that is to be recognized. Stay tuned!
FIRST is happy to extend its membership to 1 new country, reaching 108 countries.
Get ready to join us for the 2024 FIRST Annual Conference, June 9-14 in Fukuoka, Japan!
The full program agenda for the conference is now published here! More than 70 sessions in 3 tracks during the course of 6 days will cover a wide range of topics.
If you have not registered for the event, please make sure to do so before the seat runs out.
We have been receiving a lot of interests and offerings from various sponsors and very much appreciate their kind support. The sponsorship teams for the conference are listed here.
For more details about the conference, please visit the website. If you have any questions, please contact events@first.org
Last year, we published the FIRST Diversity and Inclusion statement. One of the goals of Diversity and Inclusion in FIRST is that the speakers at our events reflect the diversity of our members.
This goal perfectly aligns with the Diana Initiative, whose vision is “to create a more inclusive information security industry”. They do this through organizing a diversity-driven annual conference in Las Vegas. FIRST has recently signed an MoU with them, making us a Community Partner, and will attend this year’s conference with at least one board member.
Check out the initiative on their website and LinkedIn, and if you are interested in a free ticket to this year’s conference, please reach out to the FIRST Secretariat.
Growth Stack Media has exceeded expectations in the first quarter, surpassing the set coverage goal and delivering outstanding results for FIRST.
Throughout the quarter, they secured an impressive 21 pieces of news coverage, elevating the profiles of our executive team and highlighting the expertise of our members and VulnCon speakers. Additionally, Growth Stack Media's efforts significantly contributed to the expansion of our social media presence, with a notable increase of 834 new followers on LinkedIn and 168 new followers on X.
We are happy to bring you some last updates from our SIGs before our next annual conference, such as the TLP SIG, and the NETSEC SIG.
Don't miss two captivating episodes of the FIRST Impressions Podcast, featuring speakers from the upcoming 36th annual FIRST Conference in Fukuoka, Japan.
In Episode 38, hosts Martin McKeay and Chris John Riley sit down with Megan Samford, VP Chief Product Security Officer at Schneider Electric Energy Management Division. Samford shares her expertise on the importance of a secure development lifecycle and introduces the groundbreaking concept of ICS for ICS.
Episode 39 features Georgy Kucherin from Kaspersky's Global Research and Analysis team, discussing the challenges of combating sophisticated mobile spyware like Pegasus and Operation Triangulation. Gain valuable insights into analyzing and adapting to evolving mobile threats.
Are you aware of the social network presence of FIRST? Our handle name is ‘firstdotorg’. Time to start following us if you haven’t done so.