The first quarter of the new calendar year has been a busy one across FIRST programs. I would like to thank each of you for the various ways you have already contributed and plan to in the coming months. I recently had the privilege of speaking with several new member teams to learn more about their teams, what FIRST programs may be the most beneficial to them, as well as to identify ways their teams can contribute back into the FIRST community. These types of conversations do not require a lot of time but are mutually beneficial. I understand that we all have busy schedules, but if you are presented an opportunity to engage with new members, even if it is just to answer a question, I highly encourage you to take a moment to do so. These acts may seem small, but they are the building blocks of trust and collaboration.
The Board of Directors launched in March of this year the FIRST Strategy Framework. This initiative is designed to enhance the organization’s ability to achieve its mission and reinforce its position as a global leader in cybersecurity and incident response. A key component of this framework is the development of a three-year Strategic Plan, which will be updated every three years. This Strategic Plan will then serve as the foundation for a three-year Operating and Financial Plan, which will be updated annually. Furthermore, the Annual Budget and Operational Plan will be directly informed by these strategic and operating plans, ensuring that financial resources are allocated to support strategic objectives and operational priorities. This cohesive system aims to connect FIRST’s long-term vision with its annual operational and financial planning.
FIRST has welcomed 23 new members over the FIRST 3 months of 2025: 6 Liaisons and 18 Teams. The split is: 10 Teams from Europe, 2 from Asia, 2 from North America, and 2 from South America. Warm welcome to our new members!
SOC-SIG (Security Operations Center):
Security Operations Teams, do you wish there were more SOC-specific information for FIRST members? We have just launched a SOC-SIG to focus on the many challenges encountered by SOCs in their mission to defend networks and detect adversaries. SOC teams are inundated with data and charged with extracting threat indicators out of an onslaught of normal everyday network and system activity. Left unaddressed, these challenges can lead to the SOC team being slower to detect and respond to potential incidents, getting distracted with false positive or negative alerts, and being subject to analyst over exposure and alert fatigue.
As the global conversation around international law and responsible behavior in cyberspace grows, it is increasingly clear that this issue transcends the realm of diplomacy. It is no longer limited to political discussions but extends to the teams responsible for responding to cyber incidents. National CERTs/CSIRTs have a pivotal role in bridging the gap between international norms and practical cybersecurity measures. This article examines how these teams can contribute to the implementation of the United Nations norms for responsible behavior in cyberspace, ensuring that these norms translate into actionable steps that enhance global security.
Growth Stack Media achieved significant media presence for FIRST in Q1FY25, securing over 71 pieces of earned media coverage across global publications including Cyber Defense Magazine, CSO, Cyberscoop, Help Net Security, SC Media and Techstrong TV. This extensive coverage continues to establish FIRST as a preeminent cybersecurity organization and community.
Are you aware of the social network presence of FIRST? Our handle name is ‘firstdotorg’. Time to start following us if you haven’t done so.
April 21-23, 2025
Berlin (DE)
#FIRSTCTI25
June 22-27, 2025
Copenhagen (DK)
#FIRSTCON25
SAVE THE DATE
September 25–26, 2025
Cambridge (GB)
SAVE THE DATE
October 7-9, 2025
Oslo (NO)