The 30th edition of the annual FIRST (Forum of Incident Response and Security Teams) conference lands in Kuala Lumpur this week, from 24-30 June 2018 at the beautiful Shangri-La Hotel. At the start of the event, organisers proudly announced that this year’s conference had the largest turnout in the event’s history with 829 attendees and cyber security experts from around the globe.
The five-day event features keynotes that address topics in the area of incident response or global cyber security, with various incident response, management and technical workshops, vendor showcase and exhibits, as well as hackathons and training tracks. One the major goals of the conference over the years has long been to build awareness on the importance of having incident response capabilities and working together to solve computer security problems and fight cyber attacks. For that reason, the conference is held in different places each year.
FIRST was founded with a small set of members in 1988 after the outbreak of one of the first computer worms distributed via the internet and now, the organisation has over 400 members in 88 countries. Among the ASEAN based members include the Malaysian Computer Emergency Response Team (MyCERT), Singapore CERT (SingCERT), and the Indonesia Security Incident Response Team on Internet Infrastructure Coordination Centre (IDS-SIRTII/CC) - those responsible for stepping in when major security incidents occur in cyberspace. Attendees also include product security teams from the government, commercial and academic sectors, information security practitioners, policy and decision makers and law enforcement staff.
Many of those present have been in the cyber security industry for a long time. And over the many years, as one of the invited speakers, American cyber security journalist Kim Zetter observed in a media briefing held right after the event was officially launched on Monday, “A lot has changed, and nothing has changed. The recognition that cyber security is a global level I think is at a greater level. It’s very clear now to everyone, from the individual to the nation state level, that all of our networks are interconnected in ways that weren’t before. Everyone’s individual systems can become a component to larger forms of attacks. So it’s becoming more and more important that everyone examines their cyber security level, not only for themselves, but for the global good.”
The overarching mission of the community is to make the lives of global security incident response teams easier, helping teams from the different countries to respond to security incidents more effectively by providing them with access to the required tools, best practices as well as trusted communication between member teams. Also present during the media briefing, Thomas Schreck, Chairman of FIRST, stated that in the past few years, the organisation has also been actively educating other related communities, such as policy makers.
Commissioner of the Global Commission on the Stability of Cyberspace, Christopher Painter, reiterated that point when he said that it’s vital for the community to continue to build bridges with the policy community and diplomatic community. “There’s still a bit of a misunderstanding between the policy community who don’t really understand cyber [security]. They know it’s important now, which is great, but they don’t know why,” said Christopher. Hence, FIRST plays a role in demystifying some of the often misunderstood or mistaken notions around this field.
The organisation trains not just the technical people, but also the policy makers to help them understand. Elaborating further, he also went on to say, “They don’t have to be a member of FIRST to understand the larger implications and I think this is only becoming a greater field of national security, economic security, human rights and diplomacy going forward. So, I think what FIRST is doing is great.”